Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          A6/zjF/aH7YDQMJGcrL7qr3EF8ZoZaOs8QZmvUD0Guk=
Subject key identifier:   77:5F:9A:21:53:E4:38:C4:04:02:E8:5E:33:77:2F:8B:E1:12:C3:DC
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019D3752517B2D4A3881F6DB6CF427AC2B2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          0929
Signing time:             Sun 29 Mar 2026 02:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:34 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: Iz36cyy9hNMl6H2C66Fq1XtEiB4huVU3w5Ukd/uisBk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:51:7b:2d:4a:38:81:f6:db:6c:f4:27:ac:2b:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Mar 29 02:00:34 2026 GMT
            Not After : Mar 30 02:00:34 2026 GMT
        Subject: CN=775f9a2153e438c40402e85e33772f8be112c3dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:80:fa:e8:2d:f6:33:03:1b:1a:bd:b9:7b:8f:
                    81:e8:e7:8c:16:9a:67:db:90:7e:77:9c:81:c3:70:
                    9a:28:bf:08:d4:0e:52:4d:7f:92:ee:22:88:a0:aa:
                    15:6a:a1:b0:da:90:eb:29:c3:88:83:75:40:92:a2:
                    fc:0b:9b:c9:b0:8f:9a:3b:19:37:30:94:23:9a:90:
                    ff:77:d7:df:09:69:ea:34:c4:66:9b:7d:f0:ff:9b:
                    3f:8b:b5:1f:8a:c8:08:2f:e9:36:20:66:90:b8:aa:
                    b4:ba:6e:a4:3d:06:a9:2f:51:25:ec:45:13:a7:32:
                    16:c2:6b:ee:d5:d3:a1:17:48:c5:08:3b:22:84:aa:
                    8f:28:ed:04:ab:b7:e8:2e:ac:ca:f0:7f:df:63:ac:
                    53:05:fa:ab:3f:73:f0:9b:61:0f:ce:6f:72:30:9e:
                    a2:ed:03:b9:57:f6:6a:ed:01:ec:01:e2:4a:f2:7d:
                    8b:12:85:f2:71:dd:9a:f6:b7:21:48:f2:b4:35:59:
                    a6:d8:82:7f:3f:54:15:85:59:9b:4b:94:71:fd:df:
                    19:78:a2:1c:df:00:37:f0:86:20:7a:2f:0b:0d:b3:
                    22:c6:44:c4:5d:24:fd:f3:d9:cb:1c:e3:2d:a2:c0:
                    91:e1:ab:e3:07:90:f4:1b:6a:71:6b:e4:45:29:1b:
                    16:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:5F:9A:21:53:E4:38:C4:04:02:E8:5E:33:77:2F:8B:E1:12:C3:DC
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:0c:6c:38:bf:05:df:03:8c:83:5a:44:83:d1:4b:83:7e:82:
         ce:42:21:87:7c:60:92:a4:87:4f:1b:31:7d:0a:90:17:91:6c:
         2e:c6:ff:37:2c:87:11:a8:20:94:f0:d2:2b:29:79:89:b0:ae:
         ba:2a:1d:b2:6f:4c:9f:59:69:b3:7e:82:57:d0:7e:b1:8a:04:
         a7:dc:62:7c:a2:db:bd:04:32:82:06:8e:b0:ab:39:05:db:5b:
         7c:a0:84:0b:77:06:c8:cf:49:bc:b9:e4:02:11:5c:56:04:5b:
         96:1b:f3:ad:d5:16:0a:c5:eb:ed:2e:58:02:ae:86:d3:5e:ff:
         b8:d7:aa:aa:49:b0:45:f5:49:e4:67:83:9e:ce:ce:99:8b:4f:
         03:42:0e:87:b1:a2:44:07:3c:3c:94:33:c3:f5:61:19:61:78:
         40:f1:ec:48:a5:59:80:62:e9:33:ff:b2:16:49:f3:37:14:71:
         85:c3:cd:a1:b8:90:fa:a5:49:fd:25:78:dd:56:e4:89:9b:0b:
         72:37:5d:86:8e:a5:3d:bc:5d:c7:d5:7f:fa:53:8e:98:4e:52:
         1b:64:af:83:49:db:3e:bb:9a:8b:bb:ab:34:91:5d:28:28:79:
         1b:2b:5f:a0:de:e1:07:13:6b:dd:e8:c2:df:d3:e6:74:a4:80:
         6c:df:e9:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UlF7LUo4gfbbbPQnrCsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjYwMzI5MDIwMDM0WhcNMjYwMzMwMDIwMDM0WjAzMTEwLwYDVQQD
Eyg3NzVmOWEyMTUzZTQzOGM0MDQwMmU4NWUzMzc3MmY4YmUxMTJjM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4D66C32MwMbGr25e4+B6OeMFppn
25B+d5yBw3CaKL8I1A5STX+S7iKIoKoVaqGw2pDrKcOIg3VAkqL8C5vJsI+aOxk3
MJQjmpD/d9ffCWnqNMRmm33w/5s/i7UfisgIL+k2IGaQuKq0um6kPQapL1El7EUT
pzIWwmvu1dOhF0jFCDsihKqPKO0Eq7foLqzK8H/fY6xTBfqrP3Pwm2EPzm9yMJ6i
7QO5V/Zq7QHsAeJK8n2LEoXycd2a9rchSPK0NVmm2IJ/P1QVhVmbS5Rx/d8ZeKIc
3wA38IYgei8LDbMixkTEXST989nLHOMtosCR4avjB5D0G2pxa+RFKRsWQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdfmiFT5DjEBALoXjN3L4vhEsPcMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqQxsOL8F
3wOMg1pEg9FLg36CzkIhh3xgkqSHTxsxfQqQF5FsLsb/NyyHEagglPDSKyl5ibCu
uiodsm9Mn1lps36CV9B+sYoEp9xifKLbvQQyggaOsKs5BdtbfKCEC3cGyM9JvLnk
AhFcVgRblhvzrdUWCsXr7S5YAq6G017/uNeqqkmwRfVJ5GeDns7OmYtPA0IOh7Gi
RAc8PJQzw/VhGWF4QPHsSKVZgGLpM/+yFknzNxRxhcPNobiQ+qVJ/SV43VbkiZsL
cjddho6lPbxdx9V/+lOOmE5SG2Svg0nbPruai7urNJFdKCh5GytfoN7hBxNr3ejC
39PmdKSAbN/p5g==
-----END CERTIFICATE-----