Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          5vuykXC2hiZZ99Rd9HEt5m/alGJTm12N4iB/rOVsbZ0=
Subject key identifier:   AC:82:B8:77:A6:6E:25:D4:C4:34:99:86:B7:55:BF:9B:5C:C8:B4:2B
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019D2704375D27873845BC4606537B9F0391
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0EC3
Signing time:             Wed 25 Mar 2026 22:01:20 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:20 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:20 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: Gm1zkh5oJWsPJxW0mpCYUQ317agI3RH01qV0yh5RQo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:37:5d:27:87:38:45:bc:46:06:53:7b:9f:03:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Mar 25 22:01:20 2026 GMT
            Not After : Mar 26 22:01:20 2026 GMT
        Subject: CN=ac82b877a66e25d4c4349986b755bf9b5cc8b42b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:21:e3:f1:3a:e8:6d:b0:d2:e5:29:30:f5:b3:
                    58:a3:08:80:7b:d0:ac:2d:c7:4f:8a:53:1f:d7:85:
                    88:99:b0:e9:cb:6e:55:2c:c7:0e:b7:51:97:ec:d2:
                    fe:aa:a3:8d:64:ce:be:7b:67:79:6b:1f:b5:d8:2f:
                    f8:c4:ce:61:70:ec:5e:c2:ad:61:1f:f5:cf:4e:ea:
                    6e:74:ca:70:89:55:a2:e8:6b:4e:5f:11:e8:cb:43:
                    bd:7f:13:0c:a5:dc:fd:03:78:5c:4f:4f:07:64:14:
                    f0:0a:f3:8c:57:93:74:29:63:d2:4c:df:c7:ab:6a:
                    aa:b8:44:da:c0:a2:17:79:c4:af:50:2b:16:f6:1e:
                    07:23:0d:ee:93:5a:74:08:9a:af:66:0a:95:e2:7d:
                    2c:b8:d0:02:ee:6a:9a:56:77:21:d7:0e:9a:be:68:
                    7a:b8:bc:1e:e2:bd:cf:ed:58:04:e1:e1:86:78:a4:
                    4f:d0:92:e9:d6:ff:74:0b:95:0a:98:bf:4b:15:7c:
                    a3:f2:df:5a:16:1a:94:ac:e4:be:c3:c9:de:4a:94:
                    ce:a3:ea:4d:80:d2:07:83:a3:1c:fa:ef:4a:c7:b0:
                    4c:ab:61:43:36:ae:05:14:dd:ee:48:dc:4f:38:e0:
                    6d:d2:95:0e:28:d1:59:7d:64:ae:48:71:53:18:9f:
                    71:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:82:B8:77:A6:6E:25:D4:C4:34:99:86:B7:55:BF:9B:5C:C8:B4:2B
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:ba:e8:0d:0e:5e:a0:58:27:03:0c:f4:6c:5f:93:d8:2b:0b:
         fa:bf:e6:b9:ce:c3:36:d4:3b:e1:76:31:ad:c5:4c:ba:bc:91:
         0b:7b:7c:5d:0b:e8:4d:62:b2:4c:4f:24:82:ae:fb:92:04:45:
         f0:33:6c:ab:fe:54:cd:fb:20:38:f7:c8:a7:51:ff:19:d2:d3:
         30:98:28:6b:7d:3c:c7:ab:b2:42:84:cb:83:1b:56:4e:18:92:
         16:d2:49:30:91:a3:bd:db:3b:14:5b:32:fb:4d:7a:4d:ad:fd:
         9d:8b:11:19:30:89:a8:0b:b4:b8:e8:24:12:13:b7:05:86:f8:
         e8:e1:69:49:01:c0:3d:f4:83:0c:41:98:5d:01:39:79:f0:41:
         63:f8:88:35:36:7d:17:7f:19:14:02:14:61:13:ea:c9:1e:d7:
         16:83:8c:f8:31:4e:fa:4f:09:a3:ad:41:44:4d:b1:1e:46:57:
         eb:17:cf:f6:f1:37:45:7e:fb:13:1e:ff:0c:84:ea:02:3d:d8:
         2d:57:ef:9a:73:10:1e:ae:66:39:a7:28:81:a1:cc:51:71:c8:
         63:e6:91:05:f2:f9:a8:3a:f2:da:4d:f1:46:b1:9f:40:77:a4:
         09:af:92:29:28:54:13:c2:05:71:c0:04:2f:95:ab:8a:a2:bc:
         e7:9e:85:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDddJ4c4RbxGBlN7nwORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjYwMzI1MjIwMTIwWhcNMjYwMzI2MjIwMTIwWjAzMTEwLwYDVQQD
EyhhYzgyYjg3N2E2NmUyNWQ0YzQzNDk5ODZiNzU1YmY5YjVjYzhiNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviHj8TrobbDS5Skw9bNYowiAe9Cs
LcdPilMf14WImbDpy25VLMcOt1GX7NL+qqONZM6+e2d5ax+12C/4xM5hcOxewq1h
H/XPTupudMpwiVWi6GtOXxHoy0O9fxMMpdz9A3hcT08HZBTwCvOMV5N0KWPSTN/H
q2qquETawKIXecSvUCsW9h4HIw3uk1p0CJqvZgqV4n0suNAC7mqaVnch1w6avmh6
uLwe4r3P7VgE4eGGeKRP0JLp1v90C5UKmL9LFXyj8t9aFhqUrOS+w8neSpTOo+pN
gNIHg6Mc+u9Kx7BMq2FDNq4FFN3uSNxPOOBt0pUOKNFZfWSuSHFTGJ9xYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyCuHembiXUxDSZhrdVv5tcyLQrMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLroDQ5e
oFgnAwz0bF+T2CsL+r/muc7DNtQ74XYxrcVMuryRC3t8XQvoTWKyTE8kgq77kgRF
8DNsq/5UzfsgOPfIp1H/GdLTMJgoa308x6uyQoTLgxtWThiSFtJJMJGjvds7FFsy
+016Ta39nYsRGTCJqAu0uOgkEhO3BYb46OFpSQHAPfSDDEGYXQE5efBBY/iINTZ9
F38ZFAIUYRPqyR7XFoOM+DFO+k8Jo61BRE2xHkZX6xfP9vE3RX77Ex7/DITqAj3Y
LVfvmnMQHq5mOacogaHMUXHIY+aRBfL5qDry2k3xRrGfQHekCa+SKShUE8IFccAE
L5WriqK8556Fzg==
-----END CERTIFICATE-----