Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          D0ahK9FZUwS1LcsWERHmEq3EVHERGDuAHW/ogjNZIQ4=
Subject key identifier:   74:CB:5A:36:68:1E:6E:16:CA:B9:62:E4:56:06:02:27:03:DA:43:F7
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       019D378978AB68B23980875FF958C823A4A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          04D6
Signing time:             Sun 29 Mar 2026 03:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:49 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: t7kecq24snm68Prv+mQh3w27lb2xAGDJRWccZfQVaCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:78:ab:68:b2:39:80:87:5f:f9:58:c8:23:a4:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Mar 29 03:00:49 2026 GMT
            Not After : Mar 30 03:00:49 2026 GMT
        Subject: CN=74cb5a36681e6e16cab962e45606022703da43f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:00:a2:25:4b:97:fd:ff:8f:0e:99:19:c1:d3:
                    41:52:2f:66:e4:28:fb:2c:eb:ec:ca:8c:96:c6:5c:
                    d4:b0:e4:44:73:3f:91:03:a4:22:e6:6f:86:f5:e0:
                    b2:0a:f3:60:42:d2:d2:3e:a3:ce:ea:50:c9:29:df:
                    3f:05:71:5c:2f:2b:a1:70:6e:98:8f:2e:56:79:83:
                    39:22:c6:7e:81:b2:74:d1:30:e5:6e:50:c2:40:92:
                    3d:13:39:5a:03:e9:50:87:59:ef:fb:d3:e5:04:cd:
                    53:92:68:e1:58:34:ef:17:b1:1e:2a:64:de:1f:41:
                    ae:f9:70:fb:9d:2a:65:45:d2:a0:e1:30:a5:95:b1:
                    85:c2:7e:e5:37:23:a7:a4:fa:90:be:b3:2d:76:28:
                    4e:a1:ca:1a:cd:e7:e1:d7:ac:b5:bf:9b:78:bc:21:
                    64:5f:d7:c2:ec:de:d1:f6:6f:90:3f:8f:8b:2c:7c:
                    ed:dc:9d:9a:bd:07:c8:63:a2:a7:41:86:82:de:27:
                    a6:71:10:49:ce:27:1c:1b:a4:43:e0:40:1e:87:9c:
                    bd:4e:1e:37:87:4b:7d:d6:9c:b2:5a:ad:e5:63:c7:
                    55:e2:2f:ef:c8:0f:e9:18:49:94:c4:45:82:f3:c4:
                    e6:9a:45:28:a6:71:04:cf:7a:cd:ce:e9:55:64:13:
                    da:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:CB:5A:36:68:1E:6E:16:CA:B9:62:E4:56:06:02:27:03:DA:43:F7
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:7f:c0:19:a0:67:5b:96:61:1a:52:c4:a0:4b:a0:f4:53:65:
         13:4a:a6:31:8e:d0:46:83:19:77:ef:ff:52:d4:d2:86:0b:e6:
         70:cd:f5:9f:96:da:8b:4f:7e:3b:24:ea:7d:c9:25:68:11:93:
         cf:28:cd:96:bb:68:88:50:b3:bd:5e:f5:f8:1e:f2:26:0e:2f:
         ff:32:c2:45:7a:8a:36:57:fd:c0:a0:94:13:b2:b5:65:c9:44:
         f4:bd:06:9d:87:dd:01:75:94:e1:ed:a0:8a:b4:d0:de:30:14:
         cf:f2:66:ea:1f:1a:50:ee:4f:81:6e:01:48:78:00:69:86:d4:
         9d:97:96:df:b7:c9:4a:83:e9:3e:4e:bc:5a:b8:d0:c9:97:c7:
         b6:89:35:b9:35:47:40:e6:91:e5:ea:5a:9d:03:63:85:8e:82:
         6a:6b:93:b2:0d:06:e5:2d:06:00:24:0e:db:34:0e:f0:56:a1:
         d5:1a:ac:57:0c:4d:83:4f:82:6d:ed:1f:0a:fd:cf:98:2e:ac:
         b6:94:20:93:1b:fa:6b:be:e1:1a:c1:1d:6b:ae:db:1c:e3:3c:
         ec:8e:ff:b4:a4:87:cc:b5:2c:13:84:dc:04:1a:cc:e0:76:2d:
         d2:d5:92:38:e6:2d:77:9d:9f:4f:ef:91:5d:9c:c1:da:0f:43:
         78:97:19:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXiraLI5gIdf+VjII6ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjYwMzI5MDMwMDQ5WhcNMjYwMzMwMDMwMDQ5WjAzMTEwLwYDVQQD
Eyg3NGNiNWEzNjY4MWU2ZTE2Y2FiOTYyZTQ1NjA2MDIyNzAzZGE0M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wCiJUuX/f+PDpkZwdNBUi9m5Cj7
LOvsyoyWxlzUsOREcz+RA6Qi5m+G9eCyCvNgQtLSPqPO6lDJKd8/BXFcLyuhcG6Y
jy5WeYM5IsZ+gbJ00TDlblDCQJI9EzlaA+lQh1nv+9PlBM1TkmjhWDTvF7EeKmTe
H0Gu+XD7nSplRdKg4TCllbGFwn7lNyOnpPqQvrMtdihOocoazefh16y1v5t4vCFk
X9fC7N7R9m+QP4+LLHzt3J2avQfIY6KnQYaC3iemcRBJziccG6RD4EAeh5y9Th43
h0t91pyyWq3lY8dV4i/vyA/pGEmUxEWC88TmmkUopnEEz3rNzulVZBPagwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTLWjZoHm4Wyrli5FYGAicD2kP3MB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnH/AGaBn
W5ZhGlLEoEug9FNlE0qmMY7QRoMZd+//UtTShgvmcM31n5bai09+OyTqfcklaBGT
zyjNlrtoiFCzvV71+B7yJg4v/zLCRXqKNlf9wKCUE7K1ZclE9L0GnYfdAXWU4e2g
irTQ3jAUz/Jm6h8aUO5PgW4BSHgAaYbUnZeW37fJSoPpPk68WrjQyZfHtok1uTVH
QOaR5epanQNjhY6CamuTsg0G5S0GACQO2zQO8Fah1RqsVwxNg0+Cbe0fCv3PmC6s
tpQgkxv6a77hGsEda67bHOM87I7/tKSHzLUsE4TcBBrM4HYt0tWSOOYtd52fT++R
XZzB2g9DeJcZHQ==
-----END CERTIFICATE-----