Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          rWeRnt3kS4Vv0dSotdrCZNHCOChEYYEAS2M3y3Kw6qs=
Subject key identifier:   05:1D:2A:08:AD:24:39:B7:F6:75:C6:2D:D0:5B:20:8F:58:D4:D8:CF
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       019D2AE1301157AC7D5048BFD0160A2E3A78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          0844
Signing time:             Thu 26 Mar 2026 16:01:34 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:34 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:34 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: HZCwsSHMMVPmoSwc9vs72oA1OXAGXsfELQt3QWueBao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e1:30:11:57:ac:7d:50:48:bf:d0:16:0a:2e:3a:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Mar 26 16:01:34 2026 GMT
            Not After : Mar 27 16:01:34 2026 GMT
        Subject: CN=051d2a08ad2439b7f675c62dd05b208f58d4d8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d2:5b:6d:0b:83:75:08:f1:55:5e:dc:c0:a5:
                    03:40:a9:07:5e:36:a7:4a:95:f9:30:fa:cf:a5:5b:
                    cf:ec:79:5b:56:38:97:3f:27:89:18:10:fb:f9:b7:
                    ba:b6:aa:d8:68:7f:92:a0:7d:61:d8:fe:c4:15:e3:
                    0c:7b:8a:52:47:f1:03:d9:e1:42:f4:ac:52:cb:ea:
                    5e:1c:29:8e:bb:94:1e:cb:d9:78:bd:f0:d4:cc:25:
                    f0:98:14:56:1b:b1:a5:41:51:8f:3b:58:6a:d6:bb:
                    8b:ce:5d:a5:5a:c4:57:b7:5f:d3:a7:ef:bb:aa:0a:
                    55:dc:be:f9:fd:db:34:d4:28:37:ac:5b:73:11:4a:
                    ac:c5:43:b6:88:52:87:c3:d4:56:73:4d:02:b4:f4:
                    03:32:f6:88:03:91:cf:e9:56:63:ed:40:06:31:19:
                    1a:9f:4c:85:78:33:e2:75:56:91:51:87:cf:cd:67:
                    05:a6:29:ae:b7:0a:ae:6c:c1:83:b0:42:a8:d8:27:
                    3b:ff:6c:58:ec:27:97:72:2b:11:04:da:60:7f:7d:
                    4b:a5:dd:cc:17:31:4c:6f:7e:be:5b:e9:9e:f7:cf:
                    85:00:38:ad:d9:83:f3:71:ea:c7:10:b1:fd:d3:d0:
                    7d:21:c3:ec:5e:59:ac:58:1a:86:74:e7:fb:36:3e:
                    58:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:1D:2A:08:AD:24:39:B7:F6:75:C6:2D:D0:5B:20:8F:58:D4:D8:CF
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:19:eb:17:f9:1b:f9:c2:c0:04:f3:90:87:51:81:fc:4b:30:
         72:df:d7:e5:2a:27:85:88:ae:12:ef:64:dc:81:ce:44:1f:07:
         37:2d:66:3b:00:81:8a:21:af:a9:62:56:29:8f:10:7f:88:2b:
         8a:61:08:55:5a:80:d7:39:3a:b2:bd:9e:e8:cc:49:79:8a:c7:
         4f:da:5b:63:c5:ab:e0:9d:2e:b4:29:19:2a:60:c2:21:74:69:
         97:b1:b9:bb:30:2b:04:66:08:8d:cc:d4:fa:d1:cc:8d:52:71:
         e2:97:2b:2b:4e:82:da:8f:75:35:1d:78:9b:f1:a0:f7:14:f4:
         cf:b4:e1:bb:23:77:0d:fa:00:d2:0a:48:5d:24:ce:f7:15:60:
         54:8d:c4:79:27:e6:34:09:ea:f2:52:f2:19:d9:2a:04:3f:15:
         1b:74:64:4d:46:8a:05:8d:23:3e:4f:ac:a8:3d:54:a5:cc:c7:
         fb:3c:cf:e8:be:51:8a:6f:c9:39:74:3c:ff:f1:f0:2f:a3:89:
         e6:d8:b7:d2:05:e5:75:eb:01:5d:80:20:f7:23:c0:52:5d:4e:
         f5:66:fa:53:ba:86:16:e6:37:e2:67:84:74:24:74:d0:ab:8b:
         02:90:4d:38:4e:b5:f0:c8:aa:fb:7a:5c:14:d3:0d:f6:5c:12:
         97:c6:45:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4TARV6x9UEi/0BYKLjp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjYwMzI2MTYwMTM0WhcNMjYwMzI3MTYwMTM0WjAzMTEwLwYDVQQD
EygwNTFkMmEwOGFkMjQzOWI3ZjY3NWM2MmRkMDViMjA4ZjU4ZDRkOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotJbbQuDdQjxVV7cwKUDQKkHXjan
SpX5MPrPpVvP7HlbVjiXPyeJGBD7+be6tqrYaH+SoH1h2P7EFeMMe4pSR/ED2eFC
9KxSy+peHCmOu5Qey9l4vfDUzCXwmBRWG7GlQVGPO1hq1ruLzl2lWsRXt1/Tp++7
qgpV3L75/ds01Cg3rFtzEUqsxUO2iFKHw9RWc00CtPQDMvaIA5HP6VZj7UAGMRka
n0yFeDPidVaRUYfPzWcFpimutwqubMGDsEKo2Cc7/2xY7CeXcisRBNpgf31Lpd3M
FzFMb36+W+me98+FADit2YPzcerHELH909B9IcPsXlmsWBqGdOf7Nj5YNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUdKgitJDm39nXGLdBbII9Y1NjPMB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBnrF/kb
+cLABPOQh1GB/Eswct/X5SonhYiuEu9k3IHORB8HNy1mOwCBiiGvqWJWKY8Qf4gr
imEIVVqA1zk6sr2e6MxJeYrHT9pbY8Wr4J0utCkZKmDCIXRpl7G5uzArBGYIjczU
+tHMjVJx4pcrK06C2o91NR14m/Gg9xT0z7ThuyN3DfoA0gpIXSTO9xVgVI3EeSfm
NAnq8lLyGdkqBD8VG3RkTUaKBY0jPk+sqD1UpczH+zzP6L5Rim/JOXQ8//HwL6OJ
5ti30gXldesBXYAg9yPAUl1O9Wb6U7qGFuY34meEdCR00KuLApBNOE618Miq+3pc
FNMN9lwSl8ZFdQ==
-----END CERTIFICATE-----