Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
File:                     XlTVGjJHsX9vlqDM4lMBktyfdCI.mft (raw, json)
Hash identifier:          YqCtFRHlZ3n6aEIjF2tUkJ0mmeK9A2sjqbZzDWiMYjY=
Subject key identifier:   1D:48:85:C7:88:97:85:E1:00:F5:E8:2F:AE:2D:0C:93:B9:0A:CA:0C
Authority key identifier: 5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22
Certificate issuer:       /CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
Certificate serial:       019D2772B4A7706DEE0F954BDFCF9738B8A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
Manifest number:          0857
Signing time:             Thu 26 Mar 2026 00:02:01 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:01 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:01 +0000
Files and hashes:         1: XlTVGjJHsX9vlqDM4lMBktyfdCI.crl (hash: OfVcaJZEbA8DXdyyQOrDLfe5HAynyI3TsQFQFKQaNaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:b4:a7:70:6d:ee:0f:95:4b:df:cf:97:38:b8:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e54d51a3247b17f6f96a0cce2530192dc9f7422
        Validity
            Not Before: Mar 26 00:02:01 2026 GMT
            Not After : Mar 27 00:02:01 2026 GMT
        Subject: CN=1d4885c7889785e100f5e82fae2d0c93b90aca0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:24:7c:c6:f6:80:bb:92:41:a4:cb:c8:6b:5c:
                    69:a2:60:41:d5:4a:df:10:ac:a1:63:69:a0:d3:79:
                    83:ec:8a:e8:79:f5:44:50:cb:94:be:5d:c4:97:eb:
                    74:48:6d:a7:f2:41:ed:a1:66:6b:3e:60:67:a5:9f:
                    eb:1a:6d:e1:4d:41:ed:aa:b9:2b:11:44:31:c7:f7:
                    66:c6:a2:9f:47:9d:2b:14:8e:9a:be:65:e9:c8:fe:
                    83:46:c2:e8:b7:f8:77:df:a2:3b:1f:30:af:4d:a8:
                    9e:34:02:bb:9c:b8:de:97:d5:19:48:e5:76:48:51:
                    07:c3:26:f0:13:c7:2f:26:68:b7:cb:cd:25:45:86:
                    85:81:48:c9:c2:67:aa:9d:a8:68:6e:da:77:bb:24:
                    ab:68:95:d7:09:1c:12:5a:3f:ba:90:43:75:93:a8:
                    10:3f:e3:65:78:16:f2:1e:ff:64:35:ad:80:73:05:
                    4e:df:43:72:cc:00:5e:29:a3:ee:87:98:54:4a:9c:
                    07:2b:27:6b:18:a9:e7:96:25:eb:bc:25:48:1d:6f:
                    ba:55:4c:b0:fc:a0:b4:12:7b:f7:c5:fd:a9:13:45:
                    d1:9e:5b:26:b3:9d:7e:39:f2:09:f2:64:8c:c6:e4:
                    c6:a9:92:d5:a6:a5:46:a9:b8:03:2a:0f:ab:a3:9f:
                    b7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:48:85:C7:88:97:85:E1:00:F5:E8:2F:AE:2D:0C:93:B9:0A:CA:0C
            X509v3 Authority Key Identifier:
                keyid:5E:54:D5:1A:32:47:B1:7F:6F:96:A0:CC:E2:53:01:92:DC:9F:74:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlTVGjJHsX9vlqDM4lMBktyfdCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/6524f6-5320-4686-a5c3-72e1fc4a306e/1/XlTVGjJHsX9vlqDM4lMBktyfdCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:87:54:1d:84:0d:fc:c8:27:6c:c1:ba:48:d7:bf:4f:fe:56:
         17:c2:cb:8f:1d:23:7b:af:e4:c7:b2:74:b7:64:3a:be:c8:fd:
         1c:86:6d:f1:56:aa:e3:f6:a8:ab:99:86:f6:8a:d2:22:55:bc:
         a2:d8:82:25:85:39:8c:2b:79:15:e2:e4:23:a9:17:c5:b9:c6:
         23:15:69:b0:2e:1c:ff:ce:ce:44:07:ba:aa:bd:04:32:2d:8d:
         e3:9c:91:0e:d3:15:f4:93:1e:7e:2d:a0:b1:da:ca:0e:f1:d3:
         5a:97:96:1c:11:86:f6:4b:f4:45:dc:8d:ad:86:82:74:46:d0:
         79:93:70:b5:78:69:2f:f4:75:38:ae:44:af:de:1d:13:c2:cf:
         3c:27:6e:19:bc:4c:e9:cb:3d:e8:a9:c4:70:94:85:b3:61:0a:
         72:36:92:8a:e5:ec:ad:77:a4:79:6a:a1:65:2a:e0:f6:c9:18:
         bd:06:3b:3f:80:9d:83:e2:56:18:3a:07:73:36:24:c6:2b:80:
         04:40:11:a1:8a:99:1e:a4:7f:81:e7:38:45:c7:5d:77:09:43:
         e8:dd:58:25:4a:5d:98:64:79:21:31:c6:14:b9:ef:5f:b6:cf:
         60:eb:5e:47:85:75:6a:51:1a:85:09:88:e8:20:2d:f0:49:ff:
         39:4d:1c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncrSncG3uD5VL38+XOLihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTRkNTFhMzI0N2IxN2Y2Zjk2YTBjY2UyNTMwMTkyZGM5
Zjc0MjIwHhcNMjYwMzI2MDAwMjAxWhcNMjYwMzI3MDAwMjAxWjAzMTEwLwYDVQQD
EygxZDQ4ODVjNzg4OTc4NWUxMDBmNWU4MmZhZTJkMGM5M2I5MGFjYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCR8xvaAu5JBpMvIa1xpomBB1Urf
EKyhY2mg03mD7IroefVEUMuUvl3El+t0SG2n8kHtoWZrPmBnpZ/rGm3hTUHtqrkr
EUQxx/dmxqKfR50rFI6avmXpyP6DRsLot/h336I7HzCvTaieNAK7nLjel9UZSOV2
SFEHwybwE8cvJmi3y80lRYaFgUjJwmeqnahobtp3uySraJXXCRwSWj+6kEN1k6gQ
P+NleBbyHv9kNa2AcwVO30NyzABeKaPuh5hUSpwHKydrGKnnliXrvCVIHW+6VUyw
/KC0Env3xf2pE0XRnlsms51+OfIJ8mSMxuTGqZLVpqVGqbgDKg+ro5+3OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1IhceIl4XhAPXoL64tDJO5CsoMMB8GA1UdIwQY
MBaAFF5U1RoyR7F/b5agzOJTAZLcn3QiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMt
NzJlMWZjNGEzMDZlLzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82NTI0ZjYtNTMyMC00Njg2LWE1YzMtNzJlMWZjNGEzMDZl
LzEvWGxUVkdqSkhzWDl2bHFETTRsTUJrdHlmZENJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYodUHYQN
/MgnbMG6SNe/T/5WF8LLjx0je6/kx7J0t2Q6vsj9HIZt8Vaq4/aoq5mG9orSIlW8
otiCJYU5jCt5FeLkI6kXxbnGIxVpsC4c/87ORAe6qr0EMi2N45yRDtMV9JMefi2g
sdrKDvHTWpeWHBGG9kv0RdyNrYaCdEbQeZNwtXhpL/R1OK5Er94dE8LPPCduGbxM
6cs96KnEcJSFs2EKcjaSiuXsrXekeWqhZSrg9skYvQY7P4Cdg+JWGDoHczYkxiuA
BEARoYqZHqR/gec4RcdddwlD6N1YJUpdmGR5ITHGFLnvX7bPYOteR4V1alEahQmI
6CAt8En/OU0cRQ==
-----END CERTIFICATE-----