Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
File:                     xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json)
Hash identifier:          CVNd/DPLU+WNr9mjii9saLq5cIJVylkdQZvaOEGyD+w=
Subject key identifier:   31:4B:90:6B:D5:A8:57:EE:31:85:FB:5C:1E:B8:B8:FB:44:FE:29:9D
Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A
Certificate issuer:       /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
Certificate serial:       019D382E5FB9E5383299472ECF519A57DA80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
Manifest number:          0FED
Signing time:             Sun 29 Mar 2026 06:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:56 +0000
Files and hashes:         1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: Lh7g8eTCxdnWZmJSG5moIlnsPkYgMPpyAIBm0/JSwe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:5f:b9:e5:38:32:99:47:2e:cf:51:9a:57:da:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
        Validity
            Not Before: Mar 29 06:00:56 2026 GMT
            Not After : Mar 30 06:00:56 2026 GMT
        Subject: CN=314b906bd5a857ee3185fb5c1eb8b8fb44fe299d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:66:07:ec:16:94:4a:3a:d3:f2:bc:f5:22:eb:
                    9c:11:87:50:34:b0:29:a6:25:e5:05:b8:a1:b7:44:
                    78:62:65:9b:82:f7:08:6c:16:80:e0:b2:c0:db:ca:
                    7e:de:50:57:ac:63:7d:ad:45:6d:e9:63:0a:15:c7:
                    43:b9:b4:88:d3:9c:52:92:f1:eb:75:91:50:1f:ba:
                    be:2f:02:d9:92:f0:f8:76:32:46:7a:d5:f3:f4:81:
                    fa:e7:00:7b:e7:4f:27:2a:f5:3d:6e:37:8d:9b:3d:
                    0b:6b:d9:44:f7:a4:21:94:cc:79:c5:96:4b:cd:7b:
                    95:90:fe:f4:82:af:f5:f4:38:a4:36:13:7b:8f:a6:
                    3e:c6:fa:0e:d8:95:9c:76:a1:3d:5b:f7:77:52:b1:
                    9f:2e:7b:59:a9:58:b1:45:15:c9:ac:7e:15:ea:51:
                    6f:81:da:eb:84:d1:7e:41:61:27:80:88:1a:97:38:
                    4d:88:b8:fb:5d:f9:59:fe:ea:1c:2c:ba:71:a7:ca:
                    c2:12:3e:a6:aa:a0:e3:a5:3f:b4:a2:d4:9e:87:a2:
                    b1:af:60:56:66:a4:4d:17:a8:94:b7:6e:b2:5b:67:
                    60:17:b1:10:d7:66:a4:f6:37:6e:e8:a3:0d:d4:7a:
                    39:38:89:8a:13:ff:c3:88:65:a5:58:d0:22:9d:bc:
                    0e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:4B:90:6B:D5:A8:57:EE:31:85:FB:5C:1E:B8:B8:FB:44:FE:29:9D
            X509v3 Authority Key Identifier:
                keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:aa:23:ef:19:4c:87:d8:fa:d2:60:a3:5a:65:7c:73:be:c9:
         9e:3a:77:b7:d9:12:c1:e5:c0:de:96:da:57:0e:e2:42:de:1f:
         69:4d:35:f7:fd:0c:c0:55:47:21:c9:bd:98:bc:7f:19:3e:f0:
         64:bd:5b:7a:7e:e4:c8:41:42:9e:93:70:3f:57:d5:84:8c:18:
         17:91:05:32:db:d2:1d:95:81:e9:b7:7d:86:b0:51:d6:7e:b8:
         4b:27:89:45:d1:b3:39:32:99:de:a0:2a:8e:2e:eb:7a:c2:00:
         0e:f4:07:24:af:50:92:b6:5b:df:d9:00:56:7c:6b:b4:f3:f5:
         a9:37:0d:ad:e9:19:ce:32:10:2f:6c:20:b5:d9:4f:1a:09:3a:
         bb:d7:47:9d:e9:d7:04:1f:11:49:c5:f5:28:2a:7e:27:9a:8e:
         65:81:03:8f:bd:f3:77:b4:22:a7:83:55:47:b6:c8:4f:c5:9d:
         f0:3f:02:98:7a:75:fa:a8:0b:14:0d:e4:9c:09:bc:29:dd:cc:
         b6:d0:b4:d2:5f:5b:81:82:28:dc:73:40:9a:9e:30:52:9c:00:
         51:13:b6:fa:4a:06:a5:2e:aa:fd:eb:d1:80:ae:4d:32:76:c9:
         d1:35:06:55:33:a6:2a:3f:2f:5e:79:f0:4c:85:0a:6f:cc:81:
         eb:8d:14:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ll+55TgymUcuz1GaV9qAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4
MzFlMWEwHhcNMjYwMzI5MDYwMDU2WhcNMjYwMzMwMDYwMDU2WjAzMTEwLwYDVQQD
EygzMTRiOTA2YmQ1YTg1N2VlMzE4NWZiNWMxZWI4YjhmYjQ0ZmUyOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mYH7BaUSjrT8rz1IuucEYdQNLAp
piXlBbiht0R4YmWbgvcIbBaA4LLA28p+3lBXrGN9rUVt6WMKFcdDubSI05xSkvHr
dZFQH7q+LwLZkvD4djJGetXz9IH65wB7508nKvU9bjeNmz0La9lE96QhlMx5xZZL
zXuVkP70gq/19DikNhN7j6Y+xvoO2JWcdqE9W/d3UrGfLntZqVixRRXJrH4V6lFv
gdrrhNF+QWEngIgalzhNiLj7XflZ/uocLLpxp8rCEj6mqqDjpT+0otSeh6Kxr2BW
ZqRNF6iUt26yW2dgF7EQ12ak9jdu6KMN1Ho5OImKE//DiGWlWNAinbwOLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFLkGvVqFfuMYX7XB64uPtE/imdMB8GA1UdIwQY
MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct
NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk
LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAqoj7xlM
h9j60mCjWmV8c77Jnjp3t9kSweXA3pbaVw7iQt4faU019/0MwFVHIcm9mLx/GT7w
ZL1ben7kyEFCnpNwP1fVhIwYF5EFMtvSHZWB6bd9hrBR1n64SyeJRdGzOTKZ3qAq
ji7resIADvQHJK9QkrZb39kAVnxrtPP1qTcNrekZzjIQL2wgtdlPGgk6u9dHnenX
BB8RScX1KCp+J5qOZYEDj73zd7Qip4NVR7bIT8Wd8D8CmHp1+qgLFA3knAm8Kd3M
ttC00l9bgYIo3HNAmp4wUpwAURO2+koGpS6q/evRgK5NMnbJ0TUGVTOmKj8vXnnw
TIUKb8yB640U5A==
-----END CERTIFICATE-----