Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          ohoRZOdqK6lMBko+giwVm2U5qlXg8R7Z3FArM0zaIwE=
Subject key identifier:   67:CB:94:4A:54:AF:65:79:10:92:0D:41:EA:5B:9C:DF:B6:D2:4D:73
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       019D37C056AC3A3A1D61F980C9FE47C7203A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0D71
Signing time:             Sun 29 Mar 2026 04:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:45 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: wYAtgXJQvU1Dr99sloP20G8gbagF1elMtsqvKPXWvhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:56:ac:3a:3a:1d:61:f9:80:c9:fe:47:c7:20:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Mar 29 04:00:45 2026 GMT
            Not After : Mar 30 04:00:45 2026 GMT
        Subject: CN=67cb944a54af657910920d41ea5b9cdfb6d24d73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:52:ca:79:a4:09:c1:13:91:f5:87:39:82:d0:
                    14:e3:22:d1:e5:0c:ad:bf:c0:f2:71:1d:64:b5:c7:
                    66:fd:d3:38:c9:f9:f5:c3:1b:32:0c:cd:36:10:77:
                    da:56:6b:bb:d1:21:3e:a0:93:a0:6d:48:c7:2c:76:
                    5f:1c:a9:cf:8e:2a:5f:d1:45:bf:88:c3:1d:40:d0:
                    40:ef:83:a1:0b:0d:f2:a8:d8:11:f1:cf:9f:5e:bb:
                    f4:93:8c:64:ff:d5:0c:1a:9b:bd:fb:87:56:60:bf:
                    20:49:b4:98:9d:e9:97:d8:86:92:75:f2:98:e4:37:
                    1f:b2:8e:19:9b:e7:6c:9a:d8:0b:52:2c:6b:5a:4e:
                    58:70:85:a4:68:54:98:5d:70:2d:65:c1:84:d2:4a:
                    75:ae:e3:93:08:41:28:f3:b5:06:8e:15:35:77:93:
                    ca:6d:1e:1c:c3:8c:c9:93:99:a2:20:bb:0b:f7:19:
                    58:1f:14:90:90:26:44:2b:02:1e:4c:ac:da:3d:42:
                    90:01:b1:60:af:e7:f6:80:ef:29:be:5b:89:90:9b:
                    e7:f5:ce:1b:70:94:f9:ca:52:18:36:55:66:2c:b7:
                    78:a1:24:42:d0:50:d4:dd:7e:cd:51:93:38:7c:a5:
                    0c:11:1e:ba:75:26:55:bd:e2:03:89:33:11:35:ae:
                    2f:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:CB:94:4A:54:AF:65:79:10:92:0D:41:EA:5B:9C:DF:B6:D2:4D:73
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:b5:2c:26:ee:f7:c5:90:74:d0:69:8c:6a:f0:f3:ac:ad:a7:
         9b:73:14:bb:d7:38:04:23:98:09:ec:eb:c8:fb:53:01:11:88:
         39:49:fa:a4:79:ef:fc:7f:8b:cd:12:4e:b1:21:3b:ab:93:18:
         c0:c4:1f:11:5a:04:03:03:42:52:80:ef:d2:d9:b3:ca:06:c5:
         92:80:1f:ed:47:bf:c9:ec:cd:49:d1:0d:fc:cb:53:78:a2:be:
         dc:70:46:8a:cd:06:a7:aa:10:9a:60:f2:ea:a4:07:2e:44:60:
         93:16:be:32:dd:16:0f:3f:3f:8a:8e:bf:f1:53:86:9f:94:1c:
         ba:88:e1:6f:8f:1a:48:8a:89:e0:74:09:2c:f3:f4:15:ab:9d:
         40:74:f9:77:b2:db:6a:72:69:4b:c3:3d:3d:8f:65:7c:ab:84:
         a4:50:a6:b8:ab:1f:e1:6a:0e:1a:0e:89:7c:84:3a:4e:75:fb:
         87:47:ad:a4:f2:7b:29:ed:40:c9:67:d6:93:48:75:ec:8f:e5:
         15:0e:01:50:bf:2a:32:11:40:76:4d:db:29:0d:32:07:f0:c7:
         53:9b:97:c4:47:75:30:91:23:9a:2f:45:d0:d0:ec:71:99:f6:
         c5:7b:ba:37:e8:bd:18:3a:91:92:5e:19:6f:0b:a8:4d:49:ca:
         07:e0:a5:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFasOjodYfmAyf5HxyA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjYwMzI5MDQwMDQ1WhcNMjYwMzMwMDQwMDQ1WjAzMTEwLwYDVQQD
Eyg2N2NiOTQ0YTU0YWY2NTc5MTA5MjBkNDFlYTViOWNkZmI2ZDI0ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFLKeaQJwROR9Yc5gtAU4yLR5Qyt
v8DycR1ktcdm/dM4yfn1wxsyDM02EHfaVmu70SE+oJOgbUjHLHZfHKnPjipf0UW/
iMMdQNBA74OhCw3yqNgR8c+fXrv0k4xk/9UMGpu9+4dWYL8gSbSYnemX2IaSdfKY
5Dcfso4Zm+dsmtgLUixrWk5YcIWkaFSYXXAtZcGE0kp1ruOTCEEo87UGjhU1d5PK
bR4cw4zJk5miILsL9xlYHxSQkCZEKwIeTKzaPUKQAbFgr+f2gO8pvluJkJvn9c4b
cJT5ylIYNlVmLLd4oSRC0FDU3X7NUZM4fKUMER66dSZVveIDiTMRNa4v6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfLlEpUr2V5EJINQepbnN+20k1zMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgrUsJu73
xZB00GmMavDzrK2nm3MUu9c4BCOYCezryPtTARGIOUn6pHnv/H+LzRJOsSE7q5MY
wMQfEVoEAwNCUoDv0tmzygbFkoAf7Ue/yezNSdEN/MtTeKK+3HBGis0Gp6oQmmDy
6qQHLkRgkxa+Mt0WDz8/io6/8VOGn5Qcuojhb48aSIqJ4HQJLPP0FaudQHT5d7Lb
anJpS8M9PY9lfKuEpFCmuKsf4WoOGg6JfIQ6TnX7h0etpPJ7Ke1AyWfWk0h17I/l
FQ4BUL8qMhFAdk3bKQ0yB/DHU5uXxEd1MJEjmi9F0NDscZn2xXu6N+i9GDqRkl4Z
bwuoTUnKB+Cl7A==
-----END CERTIFICATE-----