Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
File:                     XZOOJrKYSy-hYarAewS9uFCq3RY.mft (raw, json)
Hash identifier:          NNjfMPowjqLpy3xm08u++qjOULzgdR86tTU9qpgQMhE=
Subject key identifier:   05:52:92:3B:3C:60:02:48:00:11:94:57:07:42:94:E2:D1:39:B4:83
Authority key identifier: 5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16
Certificate issuer:       /CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
Certificate serial:       019D37529C0CE224C0B096CD177A5DB3169A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
Manifest number:          0C74
Signing time:             Sun 29 Mar 2026 02:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:53 +0000
Files and hashes:         1: XZOOJrKYSy-hYarAewS9uFCq3RY.crl (hash: kentXH7Pp+jaaJXjw+7B2DRpFwlIXOGbI4o2LkBdpFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:9c:0c:e2:24:c0:b0:96:cd:17:7a:5d:b3:16:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
        Validity
            Not Before: Mar 29 02:00:53 2026 GMT
            Not After : Mar 30 02:00:53 2026 GMT
        Subject: CN=0552923b3c60024800119457074294e2d139b483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5d:ce:21:62:d0:b2:0e:6e:a8:fb:71:17:67:
                    70:d3:2f:6a:f2:50:ad:81:91:d0:62:74:ab:7f:ea:
                    a2:a5:70:9f:c8:cb:22:cb:39:52:8a:1c:8c:b6:da:
                    24:d6:4f:c6:7c:18:2f:d0:e9:15:99:b7:1e:46:a3:
                    9c:fa:34:f8:e8:fc:80:19:4e:dc:b5:19:db:21:0c:
                    37:3d:ed:a4:06:77:5c:61:01:f3:64:00:5e:ad:6b:
                    f4:bd:de:85:7d:48:d8:0b:f1:05:93:ab:1d:b3:df:
                    fa:55:f8:8d:ba:1e:9e:d6:03:c2:bf:fd:ae:e0:c2:
                    1d:71:70:d1:24:17:1b:40:06:60:4d:e1:cd:31:be:
                    8a:78:bd:30:29:31:98:a4:82:f3:4d:7a:39:68:9c:
                    9b:01:ce:a0:ec:7f:45:2c:45:1b:df:24:2b:67:2c:
                    7a:f3:c1:6c:4f:43:b5:24:77:a2:bc:45:cc:4c:a7:
                    8a:c3:d9:83:59:ea:99:8c:dc:a7:e0:74:40:73:19:
                    41:82:7c:fd:1b:fb:a0:5e:d5:ff:61:7d:b3:5e:2d:
                    11:c6:16:83:a6:0a:a8:ae:33:4b:0e:9a:88:c0:d0:
                    e5:ca:d5:ae:7d:7a:e3:db:ab:3c:c9:cd:9a:ec:22:
                    d2:0c:ab:7b:37:ec:77:92:9c:49:ea:2e:b0:11:c0:
                    12:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:52:92:3B:3C:60:02:48:00:11:94:57:07:42:94:E2:D1:39:B4:83
            X509v3 Authority Key Identifier:
                keyid:5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:fc:b9:34:cf:8a:ed:c3:69:76:15:83:75:b2:1a:ca:43:7c:
         db:21:98:92:a5:49:0b:49:d8:1c:a4:5e:fd:e1:31:52:60:38:
         8b:d0:3c:75:dd:16:61:94:7d:d5:8f:11:ed:c0:54:63:70:f7:
         b1:7b:62:0f:b9:73:c1:ff:70:ca:86:04:cd:ad:cc:93:f1:91:
         5f:5c:89:92:eb:61:40:92:ea:52:28:4f:ec:77:38:0c:5d:61:
         35:26:44:b5:4a:f5:fc:a0:d1:93:11:72:66:dd:67:79:97:be:
         aa:b7:16:a5:31:33:54:3e:09:ac:a2:e2:ad:0b:e7:47:c2:9e:
         1e:60:91:58:e4:87:1c:e4:b0:b6:49:9e:c4:08:a2:05:9e:61:
         9a:3e:02:04:e8:34:29:fe:68:b8:79:fd:8d:40:3d:0f:c1:f3:
         5e:ab:c6:eb:2e:18:92:a7:5a:b7:0e:c0:11:64:99:68:9f:6b:
         e4:5d:1f:59:1d:30:e9:1b:6f:6c:87:b3:7b:7e:3d:cc:59:00:
         ee:0d:e1:75:d9:10:43:7e:27:19:2b:a5:89:a9:4b:b9:ab:3d:
         5c:70:0d:41:ba:50:45:f6:ee:c9:3b:3a:0b:40:d7:2e:dd:51:
         32:67:6a:46:35:5e:f9:52:09:86:02:b6:ea:eb:9c:a5:5a:ff:
         11:48:71:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UpwM4iTAsJbNF3pdsxaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOTM4ZTI2YjI5ODRiMmZhMTYxYWFjMDdiMDRiZGI4NTBh
YWRkMTYwHhcNMjYwMzI5MDIwMDUzWhcNMjYwMzMwMDIwMDUzWjAzMTEwLwYDVQQD
EygwNTUyOTIzYjNjNjAwMjQ4MDAxMTk0NTcwNzQyOTRlMmQxMzliNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz13OIWLQsg5uqPtxF2dw0y9q8lCt
gZHQYnSrf+qipXCfyMsiyzlSihyMttok1k/GfBgv0OkVmbceRqOc+jT46PyAGU7c
tRnbIQw3Pe2kBndcYQHzZABerWv0vd6FfUjYC/EFk6sds9/6VfiNuh6e1gPCv/2u
4MIdcXDRJBcbQAZgTeHNMb6KeL0wKTGYpILzTXo5aJybAc6g7H9FLEUb3yQrZyx6
88FsT0O1JHeivEXMTKeKw9mDWeqZjNyn4HRAcxlBgnz9G/ugXtX/YX2zXi0RxhaD
pgqorjNLDpqIwNDlytWufXrj26s8yc2a7CLSDKt7N+x3kpxJ6i6wEcASTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVSkjs8YAJIABGUVwdClOLRObSDMB8GA1UdIwQY
MBaAFF2TjiaymEsvoWGqwHsEvbhQqt0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEt
NmVjN2RiZTI3YmIzLzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEtNmVjN2RiZTI3YmIz
LzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPy5NM+K
7cNpdhWDdbIaykN82yGYkqVJC0nYHKRe/eExUmA4i9A8dd0WYZR91Y8R7cBUY3D3
sXtiD7lzwf9wyoYEza3Mk/GRX1yJkuthQJLqUihP7Hc4DF1hNSZEtUr1/KDRkxFy
Zt1neZe+qrcWpTEzVD4JrKLirQvnR8KeHmCRWOSHHOSwtkmexAiiBZ5hmj4CBOg0
Kf5ouHn9jUA9D8HzXqvG6y4Ykqdatw7AEWSZaJ9r5F0fWR0w6RtvbIeze349zFkA
7g3hddkQQ34nGSulialLuas9XHANQbpQRfbuyTs6C0DXLt1RMmdqRjVe+VIJhgK2
6uucpVr/EUhxkg==
-----END CERTIFICATE-----