Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          AR3i43s9Uy64NRJsmUWSofOy2Z3/bObg5zD1aALtI9s=
Subject key identifier:   B2:B8:EB:85:CA:3D:A5:03:89:C6:49:AF:E5:48:7A:16:21:54:45:D7
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       019D3865C7033FB5AB43FD9BE63C73352461
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0D9B
Signing time:             Sun 29 Mar 2026 07:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:27 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: 6FlfD4l9KKhCYDL6AbV7bOoB5OAsKAjq/fhQjJjQrrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c7:03:3f:b5:ab:43:fd:9b:e6:3c:73:35:24:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Mar 29 07:01:27 2026 GMT
            Not After : Mar 30 07:01:27 2026 GMT
        Subject: CN=b2b8eb85ca3da50389c649afe5487a16215445d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:19:0f:af:6c:1c:19:f1:2c:85:a4:7c:86:af:
                    cb:fc:a0:2d:20:b1:4e:03:4d:7c:ba:d7:3e:4d:79:
                    98:99:9a:ba:70:7d:62:b2:1f:d6:bb:21:05:d5:0e:
                    bf:0f:12:bc:69:e4:4f:59:2c:83:6d:4a:ab:f8:48:
                    b2:be:3e:be:ee:34:91:ad:96:74:7b:25:1b:e8:97:
                    be:00:bf:d4:04:84:68:bd:6c:ad:e5:86:38:f5:17:
                    dd:e7:13:0d:11:14:ef:fe:76:ad:ff:4f:38:b7:e0:
                    09:2a:3e:16:b2:7c:18:4b:e1:74:6d:63:ed:73:db:
                    62:5d:fb:6f:f1:74:33:42:3a:7e:f3:e5:2d:aa:57:
                    39:e4:7d:9a:cf:20:e5:15:8b:30:fe:00:83:ab:21:
                    24:53:bb:64:0d:96:35:ff:a3:66:a2:fa:2a:38:91:
                    4d:0b:e3:96:2d:e6:1b:22:26:2d:b5:79:11:7d:24:
                    cc:e3:7f:42:73:4e:24:ee:f6:66:fd:d7:4e:be:e4:
                    b5:d6:66:50:55:86:63:45:6f:7d:b4:af:f6:ae:e0:
                    33:0f:70:34:7b:a5:d3:2d:82:45:54:fd:78:c0:3a:
                    21:82:d6:23:b2:bc:24:ce:bd:25:0b:3b:92:38:7b:
                    0b:7c:ee:c8:ac:87:0b:ad:76:65:9c:22:7f:e7:b4:
                    8d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B8:EB:85:CA:3D:A5:03:89:C6:49:AF:E5:48:7A:16:21:54:45:D7
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:fc:fc:6c:9a:ff:dd:28:9b:32:61:29:43:60:93:20:ac:04:
         83:fd:cc:d9:12:ba:84:b5:c5:83:26:c6:c7:0e:8e:a5:2a:74:
         16:ab:85:eb:25:fa:0e:47:71:85:03:6f:a9:8f:4f:78:a1:98:
         31:21:ba:72:23:c0:a4:42:d5:40:14:ad:9d:a8:f0:58:c5:d2:
         28:fd:f8:d8:6d:ea:9a:8b:d4:26:c4:9c:55:82:97:3a:67:d5:
         42:70:81:7a:f4:5f:fc:9c:8f:a5:ed:0f:9e:66:db:53:dc:7e:
         d9:70:4f:30:98:15:11:80:c8:a3:67:3e:0d:7a:f4:79:d7:1c:
         68:fc:c9:79:0c:1c:0d:12:43:94:ca:e0:da:84:28:3c:78:0b:
         f6:e7:c1:55:59:62:ac:3d:a4:e8:46:52:0a:ba:d8:75:81:4e:
         2a:f2:a2:cd:cc:f5:ec:3f:f4:77:ca:ab:ae:32:2c:45:04:82:
         0d:3e:db:9f:4c:f1:d2:b3:ab:62:9b:52:d5:63:2b:d5:c4:cd:
         c9:e7:0c:30:f1:9d:24:d3:9c:0c:f2:3c:25:ca:62:91:46:b6:
         64:7e:bb:b8:fc:7a:21:cd:f8:89:d1:3b:70:d8:84:dd:2e:92:
         16:e2:97:a9:2e:c4:29:24:6c:2a:3a:96:6e:95:30:22:36:f0:
         c3:d2:d7:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZccDP7WrQ/2b5jxzNSRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjYwMzI5MDcwMTI3WhcNMjYwMzMwMDcwMTI3WjAzMTEwLwYDVQQD
EyhiMmI4ZWI4NWNhM2RhNTAzODljNjQ5YWZlNTQ4N2ExNjIxNTQ0NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RkPr2wcGfEshaR8hq/L/KAtILFO
A018utc+TXmYmZq6cH1ish/WuyEF1Q6/DxK8aeRPWSyDbUqr+Eiyvj6+7jSRrZZ0
eyUb6Je+AL/UBIRovWyt5YY49Rfd5xMNERTv/nat/084t+AJKj4WsnwYS+F0bWPt
c9tiXftv8XQzQjp+8+Utqlc55H2azyDlFYsw/gCDqyEkU7tkDZY1/6NmovoqOJFN
C+OWLeYbIiYttXkRfSTM439Cc04k7vZm/ddOvuS11mZQVYZjRW99tK/2ruAzD3A0
e6XTLYJFVP14wDohgtYjsrwkzr0lCzuSOHsLfO7IrIcLrXZlnCJ/57SNAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLK464XKPaUDicZJr+VIehYhVEXXMB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPz8bJr/
3SibMmEpQ2CTIKwEg/3M2RK6hLXFgybGxw6OpSp0FquF6yX6DkdxhQNvqY9PeKGY
MSG6ciPApELVQBStnajwWMXSKP342G3qmovUJsScVYKXOmfVQnCBevRf/JyPpe0P
nmbbU9x+2XBPMJgVEYDIo2c+DXr0edccaPzJeQwcDRJDlMrg2oQoPHgL9ufBVVli
rD2k6EZSCrrYdYFOKvKizcz17D/0d8qrrjIsRQSCDT7bn0zx0rOrYptS1WMr1cTN
yecMMPGdJNOcDPI8JcpikUa2ZH67uPx6Ic34idE7cNiE3S6SFuKXqS7EKSRsKjqW
bpUwIjbww9LXiQ==
-----END CERTIFICATE-----