Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          wCysPhBUnqJD4AStSDMNl6REeWE6Vnl96idCsGcUVTw=
Subject key identifier:   BB:C4:08:7B:DD:0D:80:76:DF:D9:2C:21:A0:5A:D9:01:36:A0:E0:97
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019D3909AF3FD252AB9A9AE43D73476811A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          169E
Signing time:             Sun 29 Mar 2026 10:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:29 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: 8C/c8sbxeDkvB11pIH6wrxeLRbXtlpZdHFAyzUgih1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:af:3f:d2:52:ab:9a:9a:e4:3d:73:47:68:11:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Mar 29 10:00:29 2026 GMT
            Not After : Mar 30 10:00:29 2026 GMT
        Subject: CN=bbc4087bdd0d8076dfd92c21a05ad90136a0e097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b7:8c:5b:e1:c4:10:5d:ea:2f:1c:fd:69:99:
                    31:85:62:1f:ce:3d:df:dd:4d:f7:98:c5:4a:17:44:
                    01:25:6b:73:f7:14:cc:81:ea:31:80:6d:f4:79:bd:
                    b7:3c:79:4c:b6:3f:ba:e0:26:bf:59:84:50:55:5c:
                    48:9a:f6:e3:67:5d:9d:ab:de:cb:25:f7:90:44:57:
                    7c:9f:09:82:63:6d:4c:ca:be:a1:c3:19:13:c7:ad:
                    3d:8f:f9:71:86:6e:8a:33:05:ad:63:15:3f:fa:db:
                    3e:be:a5:67:f5:fd:2f:7b:c3:37:3c:95:02:7e:9a:
                    56:a7:15:1d:33:e8:f9:2c:c7:e7:e6:c9:61:69:34:
                    a8:7f:37:45:69:28:8d:1a:b2:d6:dc:6d:46:e6:a9:
                    cb:e5:20:40:3b:c9:5b:9e:e1:27:c6:0d:7c:c9:64:
                    34:65:8f:4c:6a:c5:5f:92:6b:2d:b4:c4:22:34:08:
                    bf:84:aa:ff:3f:3e:67:51:6a:fa:a6:d8:91:9b:c9:
                    6f:c1:c9:f3:01:09:95:b3:81:3a:41:c0:52:f3:ab:
                    8c:35:04:df:2f:e0:1b:54:0b:26:34:77:07:5d:ef:
                    71:79:05:39:2e:39:c9:b7:27:c0:7c:2a:c2:b2:60:
                    d7:88:6b:74:18:04:2c:c7:d9:1e:63:34:11:b9:2b:
                    d6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C4:08:7B:DD:0D:80:76:DF:D9:2C:21:A0:5A:D9:01:36:A0:E0:97
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:d2:7f:30:2b:46:ef:7f:be:f7:0e:4f:c3:c0:31:95:1a:3c:
         9f:4e:d6:b3:ba:47:8e:ee:f8:33:77:96:6c:3d:0c:74:0e:ba:
         3d:03:72:09:5e:61:a2:a5:12:0e:02:9e:63:6e:37:ea:cb:fb:
         db:74:95:1d:27:f8:fc:59:1f:80:dd:05:53:c5:0a:8f:6b:fa:
         0c:16:3d:19:4c:23:15:61:f0:dc:df:91:bb:bc:0e:6d:f8:cc:
         87:b2:a7:0c:23:6a:f4:05:00:24:53:93:6e:ed:22:07:25:6d:
         6e:c0:71:47:f6:9b:b2:92:3c:93:72:43:ae:83:30:d4:ab:69:
         bc:fb:49:bd:7b:aa:23:f2:6d:55:ae:01:17:2d:bd:c6:cf:26:
         47:12:0d:d9:f1:e8:76:3c:a5:46:9d:d6:f3:e9:29:19:27:f2:
         7f:d8:3c:1a:0c:b0:2b:a7:1c:5b:b0:3a:e7:2a:66:44:c9:45:
         9b:28:7f:18:3c:f7:a3:ec:bf:7c:59:6d:68:09:ac:47:d2:c9:
         07:5a:08:61:59:46:b2:59:fb:06:58:ba:26:03:81:87:38:9b:
         3c:6f:77:db:42:99:c0:94:68:a7:0a:82:96:42:c0:5d:22:82:
         fd:c9:f9:33:9c:e8:a6:d3:5c:4a:16:d1:8c:3a:e1:f6:9c:6c:
         18:ed:62:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ca8/0lKrmprkPXNHaBGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjYwMzI5MTAwMDI5WhcNMjYwMzMwMTAwMDI5WjAzMTEwLwYDVQQD
EyhiYmM0MDg3YmRkMGQ4MDc2ZGZkOTJjMjFhMDVhZDkwMTM2YTBlMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLeMW+HEEF3qLxz9aZkxhWIfzj3f
3U33mMVKF0QBJWtz9xTMgeoxgG30eb23PHlMtj+64Ca/WYRQVVxImvbjZ12dq97L
JfeQRFd8nwmCY21Myr6hwxkTx609j/lxhm6KMwWtYxU/+ts+vqVn9f0ve8M3PJUC
fppWpxUdM+j5LMfn5slhaTSofzdFaSiNGrLW3G1G5qnL5SBAO8lbnuEnxg18yWQ0
ZY9MasVfkmsttMQiNAi/hKr/Pz5nUWr6ptiRm8lvwcnzAQmVs4E6QcBS86uMNQTf
L+AbVAsmNHcHXe9xeQU5LjnJtyfAfCrCsmDXiGt0GAQsx9keYzQRuSvW9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvECHvdDYB239ksIaBa2QE2oOCXMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC9J/MCtG
73++9w5Pw8AxlRo8n07Ws7pHju74M3eWbD0MdA66PQNyCV5hoqUSDgKeY2436sv7
23SVHSf4/FkfgN0FU8UKj2v6DBY9GUwjFWHw3N+Ru7wObfjMh7KnDCNq9AUAJFOT
bu0iByVtbsBxR/abspI8k3JDroMw1KtpvPtJvXuqI/JtVa4BFy29xs8mRxIN2fHo
djylRp3W8+kpGSfyf9g8GgywK6ccW7A65ypmRMlFmyh/GDz3o+y/fFltaAmsR9LJ
B1oIYVlGsln7Bli6JgOBhzibPG9320KZwJRopwqClkLAXSKC/cn5M5zoptNcShbR
jDrh9pxsGO1iSw==
-----END CERTIFICATE-----