Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
File:                     XJF3tPVOZX44dlbmc6-MDuCmCRc.mft (raw, json)
Hash identifier:          /8XWUD7v7budp3v3ifD9hEAqjmwIOKrQFrvEqOpzrOY=
Subject key identifier:   4A:F0:73:84:8D:E1:CE:C0:49:45:26:E9:D2:76:CF:B4:46:2E:3E:CE
Authority key identifier: 5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17
Certificate issuer:       /CN=5c9177b4f54e657e387656e673af8c0ee0a60917
Certificate serial:       019D27722837C52E17A097F6E99F15F33ED0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
Manifest number:          042D
Signing time:             Thu 26 Mar 2026 00:01:25 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:25 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:25 +0000
Files and hashes:         1: XJF3tPVOZX44dlbmc6-MDuCmCRc.crl (hash: +t2TjmhfcP2pGoOSW7V/XPfrDoSS/upC2nx2guZ/ag8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:28:37:c5:2e:17:a0:97:f6:e9:9f:15:f3:3e:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c9177b4f54e657e387656e673af8c0ee0a60917
        Validity
            Not Before: Mar 26 00:01:25 2026 GMT
            Not After : Mar 27 00:01:25 2026 GMT
        Subject: CN=4af073848de1cec0494526e9d276cfb4462e3ece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:14:e8:08:40:f4:25:6c:24:43:17:16:c8:0b:
                    a2:ee:f0:93:8d:b3:15:de:e3:4a:95:11:ee:ba:8b:
                    86:38:e9:5a:bb:ac:1e:a7:7a:6a:be:37:df:e1:b7:
                    7a:e1:ca:a3:65:86:4e:0b:4a:6f:e8:8c:c4:5a:c2:
                    ef:b4:07:b7:00:3a:00:56:27:6c:46:34:f3:88:4d:
                    58:0b:4b:28:18:29:ee:c9:af:d7:40:13:e6:3b:bc:
                    d4:cf:17:2f:6a:64:1f:f2:28:d1:f6:b1:b2:cc:75:
                    b4:58:0a:4d:1c:e7:5a:37:1a:21:c6:e6:0b:64:39:
                    9a:26:75:b3:04:dd:06:b9:8e:a4:04:08:74:4e:47:
                    a8:6f:fb:70:cc:52:72:2e:6a:25:5a:cf:87:37:8a:
                    bc:3f:ae:43:74:0c:21:76:c8:f8:b0:fd:6b:1d:a2:
                    83:ee:d5:ba:36:7a:0e:c2:89:e7:7e:d8:f6:80:73:
                    91:64:90:9e:bc:4c:34:35:15:20:64:30:65:7e:66:
                    63:da:27:9b:4f:4d:e0:aa:cc:92:e8:14:78:5e:af:
                    22:92:a8:9f:75:de:bc:54:1c:76:f9:ae:53:03:18:
                    fd:7a:9d:8b:53:df:06:19:2b:4f:b6:e1:c3:2a:1d:
                    03:47:70:f8:ab:2a:d1:7b:c7:90:4b:1e:24:4b:e4:
                    2b:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F0:73:84:8D:E1:CE:C0:49:45:26:E9:D2:76:CF:B4:46:2E:3E:CE
            X509v3 Authority Key Identifier:
                keyid:5C:91:77:B4:F5:4E:65:7E:38:76:56:E6:73:AF:8C:0E:E0:A6:09:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJF3tPVOZX44dlbmc6-MDuCmCRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ca52f0-d3b3-42c5-8a7b-6dc369dff53f/1/XJF3tPVOZX44dlbmc6-MDuCmCRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:72:ed:59:95:2a:fa:64:c9:82:52:7a:be:bc:66:ec:c7:5f:
         c4:c8:f3:a4:e0:43:a5:aa:b3:50:4f:da:7a:ea:e8:95:f0:00:
         ec:78:aa:1f:2e:6e:35:f6:95:3d:47:5e:72:72:a5:b7:ee:aa:
         f7:a4:38:e3:c6:ec:dc:c1:49:20:a7:61:1f:10:c4:e9:f9:74:
         3a:07:e7:10:a5:d8:92:31:e1:82:49:4f:48:f0:ee:2e:64:b1:
         83:f2:a4:1f:37:5f:a4:49:84:a4:eb:35:9a:1a:9c:14:7f:07:
         52:68:79:07:34:f7:8d:cd:7b:aa:c6:0c:dd:15:a7:f7:ba:19:
         1f:b2:77:1e:19:1e:d2:9f:d7:16:77:82:05:7d:7e:6d:91:fb:
         ae:7d:85:0c:60:73:26:64:00:85:b0:94:af:64:96:ee:31:94:
         39:f5:a3:6a:ce:ea:ad:bf:1e:de:fc:40:cc:48:6f:13:92:03:
         81:a0:66:c5:ea:9f:c5:5a:01:07:80:17:19:59:a2:bb:01:78:
         dc:e8:d6:e5:f9:38:86:d6:b9:d0:be:e8:61:cf:ae:2a:6c:d9:
         af:ed:6f:3b:9e:02:ae:dd:f7:c9:d4:d8:68:71:74:83:8d:f8:
         1f:ad:79:94:5c:64:40:8f:1c:e0:53:9f:fd:20:a1:a8:1e:13:
         9f:2e:7e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncig3xS4XoJf26Z8V8z7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOTE3N2I0ZjU0ZTY1N2UzODc2NTZlNjczYWY4YzBlZTBh
NjA5MTcwHhcNMjYwMzI2MDAwMTI1WhcNMjYwMzI3MDAwMTI1WjAzMTEwLwYDVQQD
Eyg0YWYwNzM4NDhkZTFjZWMwNDk0NTI2ZTlkMjc2Y2ZiNDQ2MmUzZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxToCED0JWwkQxcWyAui7vCTjbMV
3uNKlRHuuouGOOlau6wep3pqvjff4bd64cqjZYZOC0pv6IzEWsLvtAe3ADoAVids
RjTziE1YC0soGCnuya/XQBPmO7zUzxcvamQf8ijR9rGyzHW0WApNHOdaNxohxuYL
ZDmaJnWzBN0GuY6kBAh0Tkeob/twzFJyLmolWs+HN4q8P65DdAwhdsj4sP1rHaKD
7tW6NnoOwonnftj2gHORZJCevEw0NRUgZDBlfmZj2iebT03gqsyS6BR4Xq8ikqif
dd68VBx2+a5TAxj9ep2LU98GGStPtuHDKh0DR3D4qyrRe8eQSx4kS+QroQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErwc4SN4c7ASUUm6dJ2z7RGLj7OMB8GA1UdIwQY
MBaAFFyRd7T1TmV+OHZW5nOvjA7gpgkXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2It
NmRjMzY5ZGZmNTNmLzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9jYTUyZjAtZDNiMy00MmM1LThhN2ItNmRjMzY5ZGZmNTNm
LzEvWEpGM3RQVk9aWDQ0ZGxibWM2LU1EdUNtQ1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJXLtWZUq
+mTJglJ6vrxm7MdfxMjzpOBDpaqzUE/aeurolfAA7HiqHy5uNfaVPUdecnKlt+6q
96Q448bs3MFJIKdhHxDE6fl0OgfnEKXYkjHhgklPSPDuLmSxg/KkHzdfpEmEpOs1
mhqcFH8HUmh5BzT3jc17qsYM3RWn97oZH7J3Hhke0p/XFneCBX1+bZH7rn2FDGBz
JmQAhbCUr2SW7jGUOfWjas7qrb8e3vxAzEhvE5IDgaBmxeqfxVoBB4AXGVmiuwF4
3OjW5fk4hta50L7oYc+uKmzZr+1vO54Crt33ydTYaHF0g434H615lFxkQI8c4FOf
/SChqB4Tny5+yQ==
-----END CERTIFICATE-----