Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.mft
File:                     XVD5SGhvOBoJxg1NlogMD45LFIU.mft (raw, json)
Hash identifier:          Vtfs3Q0mtDAMterPn2nGydYaANTiAwqj6AFDrZ8EHtQ=
Subject key identifier:   71:66:CD:F2:77:18:F8:C6:B7:28:AD:E5:74:50:B4:47:87:B3:B5:BA
Authority key identifier: 5D:50:F9:48:68:6F:38:1A:09:C6:0D:4D:96:88:0C:0F:8E:4B:14:85
Certificate issuer:       /CN=5d50f948686f381a09c60d4d96880c0f8e4b1485
Certificate serial:       019D28BB4DB725A63046F20F78083EFCF442
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVD5SGhvOBoJxg1NlogMD45LFIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.mft
Manifest number:          D2
Signing time:             Thu 26 Mar 2026 06:00:56 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:56 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:56 +0000
Files and hashes:         1: XVD5SGhvOBoJxg1NlogMD45LFIU.crl (hash: xQM6/aT/52JSnIg8TEZNUK80PyyriZfiLsCKLCI3wvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVD5SGhvOBoJxg1NlogMD45LFIU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:4d:b7:25:a6:30:46:f2:0f:78:08:3e:fc:f4:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d50f948686f381a09c60d4d96880c0f8e4b1485
        Validity
            Not Before: Mar 26 06:00:56 2026 GMT
            Not After : Mar 27 06:00:56 2026 GMT
        Subject: CN=7166cdf27718f8c6b728ade57450b44787b3b5ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:70:9b:1f:2f:5b:65:44:4b:94:2d:39:ff:08:
                    f6:fa:83:4b:2f:0b:96:dc:c2:2f:b7:49:67:45:77:
                    24:14:86:b8:35:9a:cb:4c:f0:66:aa:6c:c0:0e:74:
                    f5:9e:f3:64:8c:17:97:0f:39:93:2c:ec:f1:94:ca:
                    25:e0:36:61:6d:04:4d:69:fd:d2:24:54:d5:f3:73:
                    93:89:cf:cd:0e:af:15:31:f4:36:42:94:04:a5:ad:
                    4b:78:8e:3e:b0:42:d2:78:21:1b:b7:16:1f:e2:e7:
                    ff:fc:8b:a1:8e:bb:e7:67:ad:d6:59:62:91:25:9f:
                    89:28:69:a6:ff:27:08:5f:cd:84:a8:f2:41:e8:62:
                    5d:e7:8b:d5:ce:17:c7:d2:46:55:7c:20:01:04:32:
                    0c:fb:4f:f6:f4:42:b1:be:83:84:23:4c:6d:4f:2a:
                    72:0c:f0:48:83:8a:31:94:15:b6:39:93:ca:10:63:
                    dc:97:74:5d:b8:43:e1:f1:46:0a:ff:99:f3:9d:74:
                    7d:5d:de:a5:b7:83:fe:a6:8c:ef:fb:09:f1:c7:98:
                    4d:10:9a:58:7d:ee:ea:9b:1d:14:4e:1c:b4:70:0b:
                    7b:6b:58:c2:90:42:29:12:68:d8:e3:7f:ed:44:8c:
                    4f:04:42:15:56:58:59:26:1c:6d:d4:f5:a0:4f:5e:
                    44:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:66:CD:F2:77:18:F8:C6:B7:28:AD:E5:74:50:B4:47:87:B3:B5:BA
            X509v3 Authority Key Identifier:
                keyid:5D:50:F9:48:68:6F:38:1A:09:C6:0D:4D:96:88:0C:0F:8E:4B:14:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVD5SGhvOBoJxg1NlogMD45LFIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e44508-1f2b-4668-a51e-0e921418c1b5/1/XVD5SGhvOBoJxg1NlogMD45LFIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:b3:f5:24:3e:9d:20:34:c9:5d:11:de:e2:6b:44:c3:6e:78:
         02:0a:7f:b2:e9:aa:67:92:81:cd:27:49:54:74:a2:8e:0d:ca:
         f1:07:0d:be:d2:e9:35:54:e6:a3:94:8f:22:cb:7c:6c:03:ce:
         67:ce:7e:92:a2:81:a2:2c:03:69:c2:ba:09:30:c3:9a:6e:cf:
         2d:a1:25:a9:57:81:50:65:0f:6e:48:03:29:35:6c:82:b0:fc:
         0e:a7:9f:cb:38:03:4c:3b:ec:34:fd:75:5e:89:95:6b:2b:e4:
         6b:d5:b8:5f:81:24:22:6a:ed:05:14:11:dd:47:1a:74:e8:f0:
         a8:ad:c8:56:61:b4:18:8a:4e:29:8e:77:ea:5e:82:b3:54:e4:
         f5:cb:02:c2:e8:28:09:7e:ec:dc:76:24:3e:5b:97:9d:a6:b1:
         32:a0:72:76:70:96:59:da:47:76:42:72:7f:b3:a9:f7:b9:7a:
         c4:e8:e9:1a:6d:25:5d:dc:f2:8f:bf:e4:22:43:d0:a5:b6:9b:
         9c:ca:0f:95:36:4e:b5:c5:fa:ac:9b:2f:5a:46:83:fd:6a:fc:
         ff:9d:07:b5:f9:9b:59:04:8e:f5:08:d6:12:bc:0c:0a:0d:93:
         4f:31:18:e4:4f:c5:5b:48:99:ec:cb:fb:a8:ff:a0:21:e8:fa:
         b4:e6:c9:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou023JaYwRvIPeAg+/PRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTBmOTQ4Njg2ZjM4MWEwOWM2MGQ0ZDk2ODgwYzBmOGU0
YjE0ODUwHhcNMjYwMzI2MDYwMDU2WhcNMjYwMzI3MDYwMDU2WjAzMTEwLwYDVQQD
Eyg3MTY2Y2RmMjc3MThmOGM2YjcyOGFkZTU3NDUwYjQ0Nzg3YjNiNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznCbHy9bZURLlC05/wj2+oNLLwuW
3MIvt0lnRXckFIa4NZrLTPBmqmzADnT1nvNkjBeXDzmTLOzxlMol4DZhbQRNaf3S
JFTV83OTic/NDq8VMfQ2QpQEpa1LeI4+sELSeCEbtxYf4uf//IuhjrvnZ63WWWKR
JZ+JKGmm/ycIX82EqPJB6GJd54vVzhfH0kZVfCABBDIM+0/29EKxvoOEI0xtTypy
DPBIg4oxlBW2OZPKEGPcl3RduEPh8UYK/5nznXR9Xd6lt4P+pozv+wnxx5hNEJpY
fe7qmx0UThy0cAt7a1jCkEIpEmjY43/tRIxPBEIVVlhZJhxt1PWgT15E9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFmzfJ3GPjGtyit5XRQtEeHs7W6MB8GA1UdIwQY
MBaAFF1Q+UhobzgaCcYNTZaIDA+OSxSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZENVNHaHZPQm9KeGcxTmxvZ01ENDVMRklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNDQ1MDgtMWYyYi00NjY4LWE1MWUt
MGU5MjE0MThjMWI1LzEvWFZENVNHaHZPQm9KeGcxTmxvZ01ENDVMRklVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNDQ1MDgtMWYyYi00NjY4LWE1MWUtMGU5MjE0MThjMWI1
LzEvWFZENVNHaHZPQm9KeGcxTmxvZ01ENDVMRklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7P1JD6d
IDTJXRHe4mtEw254Agp/sumqZ5KBzSdJVHSijg3K8QcNvtLpNVTmo5SPIst8bAPO
Z85+kqKBoiwDacK6CTDDmm7PLaElqVeBUGUPbkgDKTVsgrD8DqefyzgDTDvsNP11
XomVayvka9W4X4EkImrtBRQR3UcadOjwqK3IVmG0GIpOKY536l6Cs1Tk9csCwugo
CX7s3HYkPluXnaaxMqBydnCWWdpHdkJyf7Op97l6xOjpGm0lXdzyj7/kIkPQpbab
nMoPlTZOtcX6rJsvWkaD/Wr8/50HtfmbWQSO9QjWErwMCg2TTzEY5E/FW0iZ7Mv7
qP+gIej6tObJEQ==
-----END CERTIFICATE-----