Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          L5vmRDxBNPO7Ip7WyTH8JitxgoKOG2s/w5q+wtTWZl0=
Subject key identifier:   A5:D3:C1:18:1A:B1:E7:47:96:7B:28:63:9E:DB:19:14:49:9F:F7:C4
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       019CE4485A9633390AD9EAC18FA8951AC69E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          0660
Signing time:             Thu 12 Mar 2026 23:01:12 +0000
Manifest this update:     Thu 12 Mar 2026 23:01:12 +0000
Manifest next update:     Fri 13 Mar 2026 23:01:12 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: 5RW2wDWqOsVKW8E8KHA424lnDFznAwTSpFwrTU31A5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Mar 2026 23:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:e4:48:5a:96:33:39:0a:d9:ea:c1:8f:a8:95:1a:c6:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Mar 12 23:01:12 2026 GMT
            Not After : Mar 13 23:01:12 2026 GMT
        Subject: CN=a5d3c1181ab1e747967b28639edb1914499ff7c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:62:4c:4d:e7:6e:3f:af:a2:5f:2e:f7:67:c7:
                    3d:e6:42:de:3c:ca:eb:5a:8a:f9:3f:20:a6:75:8e:
                    56:d8:63:f3:e7:86:2c:86:4a:66:3e:5c:5b:6c:0e:
                    12:b6:72:a4:89:7c:82:a7:01:f7:67:67:49:91:82:
                    3d:c1:0c:92:d8:37:0f:14:0d:7f:b5:ca:d1:71:23:
                    73:4d:d4:23:93:fd:9f:14:63:97:fc:23:37:b9:09:
                    28:c2:82:b8:cd:83:ec:21:6b:b4:04:a1:96:3c:b5:
                    2c:2d:9e:07:fb:72:4c:f3:9a:86:fd:86:47:2a:3f:
                    24:a8:8c:6d:cc:6e:8d:11:7d:3c:59:8a:98:66:fc:
                    d2:53:40:8d:65:d7:bd:44:3b:00:9b:d1:1d:8b:a9:
                    e7:a9:f3:5f:71:01:16:74:a7:48:ec:41:9b:ba:cb:
                    10:d9:8f:47:ca:5f:52:37:79:2f:a7:af:30:73:aa:
                    29:d5:53:9c:b3:a3:f2:9d:a6:9c:65:b8:20:fc:b1:
                    cc:1f:9b:dd:7b:55:d4:ba:1c:da:8b:db:6c:be:71:
                    96:df:c3:c3:21:ed:e5:21:3a:0a:07:00:35:73:7f:
                    30:c5:d7:bd:ed:1c:54:40:b3:c0:be:52:f3:eb:65:
                    14:af:4d:bc:d7:f7:0a:3f:62:dd:33:c3:95:37:fb:
                    b6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D3:C1:18:1A:B1:E7:47:96:7B:28:63:9E:DB:19:14:49:9F:F7:C4
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:13:f3:99:46:f8:fb:3b:9c:d9:6a:c4:e2:bf:e3:d7:b9:77:
         8f:de:f3:a7:11:46:b2:97:d4:69:f2:44:84:e7:11:38:21:33:
         08:a1:a4:03:33:a3:2e:b4:2b:00:12:0c:a5:1a:f9:d3:1f:49:
         93:f7:5a:b3:d6:0f:9e:6d:05:61:ac:2b:17:b0:27:25:d2:b7:
         4b:26:e7:59:c6:7a:4b:61:21:12:0c:cf:92:8c:af:74:86:92:
         b9:bb:5c:bd:97:aa:a2:28:c9:4b:25:9f:e9:d1:e4:7b:f7:e2:
         a4:37:e3:1a:ef:9c:33:df:c3:3b:0e:5b:4b:2b:bd:94:0d:f7:
         6c:c6:cf:52:e5:49:eb:aa:ef:53:2a:91:6d:94:a2:f6:54:37:
         92:73:eb:f2:62:83:43:5d:c8:14:bb:37:27:ae:22:60:44:96:
         98:ea:bf:9d:36:28:c4:b1:9b:1d:87:14:ab:99:a2:20:a7:98:
         a3:ed:29:32:6a:50:68:87:3e:78:9b:57:0f:35:75:58:3f:27:
         56:cb:28:e0:2e:38:f1:1c:3d:b1:fd:2f:49:49:eb:3a:5c:66:
         87:58:cc:30:e2:f6:75:74:fc:1e:6d:17:d0:ae:dc:62:71:ec:
         52:81:52:23:94:ec:f7:04:26:fe:ea:87:23:c8:0c:f2:27:b9:
         63:ad:1a:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzkSFqWMzkK2erBj6iVGsaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjYwMzEyMjMwMTEyWhcNMjYwMzEzMjMwMTEyWjAzMTEwLwYDVQQD
EyhhNWQzYzExODFhYjFlNzQ3OTY3YjI4NjM5ZWRiMTkxNDQ5OWZmN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGJMTeduP6+iXy73Z8c95kLePMrr
Wor5PyCmdY5W2GPz54YshkpmPlxbbA4StnKkiXyCpwH3Z2dJkYI9wQyS2DcPFA1/
tcrRcSNzTdQjk/2fFGOX/CM3uQkowoK4zYPsIWu0BKGWPLUsLZ4H+3JM85qG/YZH
Kj8kqIxtzG6NEX08WYqYZvzSU0CNZde9RDsAm9Edi6nnqfNfcQEWdKdI7EGbussQ
2Y9Hyl9SN3kvp68wc6op1VOcs6PynaacZbgg/LHMH5vde1XUuhzai9tsvnGW38PD
Ie3lIToKBwA1c38wxde97RxUQLPAvlLz62UUr0281/cKP2LdM8OVN/u27wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXTwRgasedHlnsoY57bGRRJn/fEMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAChPzmUb4
+zuc2WrE4r/j17l3j97zpxFGspfUafJEhOcROCEzCKGkAzOjLrQrABIMpRr50x9J
k/das9YPnm0FYawrF7AnJdK3SybnWcZ6S2EhEgzPkoyvdIaSubtcvZeqoijJSyWf
6dHke/fipDfjGu+cM9/DOw5bSyu9lA33bMbPUuVJ66rvUyqRbZSi9lQ3knPr8mKD
Q13IFLs3J64iYESWmOq/nTYoxLGbHYcUq5miIKeYo+0pMmpQaIc+eJtXDzV1WD8n
Vsso4C448Rw9sf0vSUnrOlxmh1jMMOL2dXT8Hm0X0K7cYnHsUoFSI5Ts9wQm/uqH
I8gM8ie5Y60aRA==
-----END CERTIFICATE-----