Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          xxtg0PzCOA6odkJLsEN9A8Scc+TPWH4KM+Qbhidkhxc=
Subject key identifier:   43:FA:7C:1F:46:DD:0B:64:5D:AC:0A:C4:DC:5F:BB:BC:2A:74:A7:45
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019D3865FF6FD2903F2DE9842CE6BA5C9A4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:41 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:41 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:41 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: ynlDGKRrZlEDzug5BeJhSML9T375MNKtMvYLcNy2vmk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ff:6f:d2:90:3f:2d:e9:84:2c:e6:ba:5c:9a:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Mar 29 07:01:41 2026 GMT
            Not After : Mar 30 07:01:41 2026 GMT
        Subject: CN=43fa7c1f46dd0b645dac0ac4dc5fbbbc2a74a745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fc:f2:44:7b:51:64:51:b1:d1:bd:9a:41:ad:
                    06:e0:a6:c1:c4:b3:2d:32:a1:43:ff:01:72:32:ef:
                    60:7d:a7:0d:e4:3b:c0:45:7a:48:86:82:63:0f:9e:
                    c4:d0:7c:ee:6d:3e:19:04:80:e8:d0:84:ba:85:23:
                    46:f7:83:9c:7e:32:26:40:c4:c9:00:89:12:63:7a:
                    54:94:8d:53:44:39:79:02:05:0a:78:e1:89:35:e8:
                    42:c4:6d:35:bc:ae:5f:a8:3d:37:45:f2:c6:f6:6d:
                    67:5e:67:02:22:ae:37:43:87:43:af:b0:e0:66:ce:
                    01:5a:21:fe:10:1f:e3:d8:b7:c8:02:31:66:90:d8:
                    88:e2:3f:1d:64:e7:4a:92:67:e5:23:ba:be:e4:38:
                    f5:f8:31:8a:4a:6f:2d:67:cc:15:0e:88:20:b7:08:
                    a1:5e:84:99:e2:54:8e:c9:27:65:af:a4:dc:3c:0c:
                    1e:1b:89:d6:e8:86:8b:2f:58:fa:8f:c5:b7:1a:74:
                    9c:94:04:d8:d0:06:7c:ab:82:c6:58:35:e2:f0:c7:
                    08:3e:66:ce:fd:a5:2b:e3:8b:18:d2:49:54:12:ca:
                    d3:26:f5:1a:a9:68:7d:8a:5b:f0:ff:0d:90:28:23:
                    f6:5b:1a:92:8d:8b:ce:f5:c0:87:55:8f:97:e1:e0:
                    45:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:FA:7C:1F:46:DD:0B:64:5D:AC:0A:C4:DC:5F:BB:BC:2A:74:A7:45
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:a4:9d:4d:6b:e1:c3:eb:ed:f7:bf:cc:9b:df:5c:d2:ad:2d:
         e0:e7:b8:40:4b:b6:b7:3f:d4:1b:1e:c6:86:04:32:ea:2c:41:
         23:33:e6:40:77:4c:9a:d9:32:ff:29:21:e4:5a:c7:59:45:94:
         c7:fc:97:5b:bf:87:23:21:a2:10:37:b1:d7:b1:0a:5f:63:a2:
         48:e3:0e:3c:26:a1:af:f5:12:ef:da:4f:a9:aa:5e:54:af:07:
         ba:8f:78:45:97:e1:7b:d2:82:39:3f:09:7d:fc:c7:db:30:05:
         e3:96:1c:43:72:86:07:d7:67:59:bd:98:a0:8c:21:c9:77:11:
         a4:89:89:f0:74:d8:bf:d2:a3:da:ed:dc:44:4f:51:6b:5f:52:
         a9:82:5c:5a:6e:73:05:f9:91:df:6a:f6:bc:a6:6a:2e:c3:cd:
         89:12:21:6f:f9:fa:72:98:bb:88:de:36:44:ea:0d:18:f7:5e:
         11:f6:95:27:66:cc:1b:15:bf:18:27:fb:e3:2b:55:9f:50:fd:
         59:8b:9a:c1:2f:48:a3:8b:d5:fb:6d:1e:02:47:79:bb:3f:22:
         aa:df:90:99:4f:2e:d6:89:3f:a7:64:b5:49:af:34:67:8e:86:
         53:5a:88:2f:81:ab:86:ae:45:4c:68:3b:3c:97:d0:37:34:6a:
         01:23:12:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zf9v0pA/LemELOa6XJpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjYwMzI5MDcwMTQxWhcNMjYwMzMwMDcwMTQxWjAzMTEwLwYDVQQD
Eyg0M2ZhN2MxZjQ2ZGQwYjY0NWRhYzBhYzRkYzVmYmJiYzJhNzRhNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/zyRHtRZFGx0b2aQa0G4KbBxLMt
MqFD/wFyMu9gfacN5DvARXpIhoJjD57E0HzubT4ZBIDo0IS6hSNG94OcfjImQMTJ
AIkSY3pUlI1TRDl5AgUKeOGJNehCxG01vK5fqD03RfLG9m1nXmcCIq43Q4dDr7Dg
Zs4BWiH+EB/j2LfIAjFmkNiI4j8dZOdKkmflI7q+5Dj1+DGKSm8tZ8wVDoggtwih
XoSZ4lSOySdlr6TcPAweG4nW6IaLL1j6j8W3GnSclATY0AZ8q4LGWDXi8McIPmbO
/aUr44sY0klUEsrTJvUaqWh9ilvw/w2QKCP2WxqSjYvO9cCHVY+X4eBF4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP6fB9G3QtkXawKxNxfu7wqdKdFMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6SdTWvh
w+vt97/Mm99c0q0t4Oe4QEu2tz/UGx7GhgQy6ixBIzPmQHdMmtky/ykh5FrHWUWU
x/yXW7+HIyGiEDex17EKX2OiSOMOPCahr/US79pPqapeVK8Huo94RZfhe9KCOT8J
ffzH2zAF45YcQ3KGB9dnWb2YoIwhyXcRpImJ8HTYv9Kj2u3cRE9Ra19SqYJcWm5z
BfmR32r2vKZqLsPNiRIhb/n6cpi7iN42ROoNGPdeEfaVJ2bMGxW/GCf74ytVn1D9
WYuawS9Io4vV+20eAkd5uz8iqt+QmU8u1ok/p2S1Sa80Z46GU1qIL4Grhq5FTGg7
PJfQNzRqASMSDA==
-----END CERTIFICATE-----