Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          8vd6xbjlfcUNFqR65hkWP4L3ihD1NjPzMT/YwPy7+Cc=
Subject key identifier:   09:57:4D:DE:D0:C6:E6:6C:E8:69:2D:20:CF:E9:0C:01:CC:EC:C6:F7
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       019D3941234CE29EF00A5522A776975CE4A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0E64
Signing time:             Sun 29 Mar 2026 11:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:03 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: 3ocM7F6bLwtluJzIvFxSPTDasHt7wQLa2He1Uxws4bI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:23:4c:e2:9e:f0:0a:55:22:a7:76:97:5c:e4:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Mar 29 11:01:03 2026 GMT
            Not After : Mar 30 11:01:03 2026 GMT
        Subject: CN=09574dded0c6e66ce8692d20cfe90c01ccecc6f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:37:ab:07:1d:f4:a4:30:82:25:44:9a:dc:25:
                    0a:97:47:3b:98:d0:6e:e9:b7:12:5d:df:52:66:aa:
                    b0:25:1b:8f:97:c0:46:9a:cd:ba:61:7c:ee:c5:b9:
                    b5:72:55:77:99:8c:f7:85:ca:34:8f:aa:0c:11:4f:
                    f8:4c:4d:32:4d:0f:d4:8c:24:76:24:5a:cf:99:bb:
                    d7:be:51:a1:3b:3c:a6:62:34:11:34:e0:01:b8:98:
                    ab:7b:fd:03:47:92:54:bb:34:c6:cf:df:95:37:54:
                    e6:05:92:ef:b2:a5:02:e8:29:49:61:6c:5d:90:27:
                    9e:0d:1b:13:9a:af:c5:f1:97:2d:15:85:52:5a:f6:
                    4e:62:df:21:94:62:21:e5:40:d0:1d:05:87:83:3d:
                    77:28:54:e5:06:d0:d9:25:7d:05:c4:18:5e:3e:ad:
                    1e:60:56:12:0f:d7:cd:62:e7:f9:c6:af:1c:c2:23:
                    16:6f:c6:5d:a6:6b:63:9e:ac:cb:1d:96:a8:94:62:
                    84:80:9c:c9:45:03:3b:5d:51:43:e2:16:01:b8:fd:
                    70:ff:d8:69:2a:93:86:21:d2:c9:1c:17:7b:33:86:
                    91:c9:2f:31:4d:d8:14:1f:52:54:7b:13:98:9a:e2:
                    b9:f2:5d:1d:e1:7b:28:3c:3b:f3:29:6c:11:92:f7:
                    be:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:57:4D:DE:D0:C6:E6:6C:E8:69:2D:20:CF:E9:0C:01:CC:EC:C6:F7
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:85:94:0d:18:6a:f3:0a:7f:44:a3:27:a8:a8:3b:de:c9:a2:
         4d:38:9b:dd:a2:5e:6e:9f:2c:e4:9b:51:b3:86:57:83:74:f1:
         ad:f0:d9:d6:4f:44:a1:26:db:00:6d:70:80:89:61:90:d0:99:
         a8:26:cf:2b:63:2e:d5:1a:03:ef:4b:7e:47:d4:ae:8a:dd:cc:
         c5:1c:cb:e9:4b:1c:cf:64:c8:e7:ee:ed:aa:ee:a9:33:51:ac:
         77:f7:f2:5e:93:28:22:8f:a7:f5:7b:85:97:27:25:14:4a:15:
         3b:f3:74:68:7e:a7:f9:e9:7d:bb:0f:8b:2a:2a:4c:60:f9:ac:
         0e:61:fe:c7:72:b0:b7:90:de:9b:c6:80:e7:19:e8:c0:0e:56:
         7d:22:e8:aa:fe:c8:4b:02:da:a1:54:73:ca:cb:db:74:16:75:
         7e:5a:05:41:6e:c1:c3:15:64:7d:87:87:9c:dd:b4:f1:4a:8e:
         8b:33:1e:e9:cd:94:aa:d4:ce:5d:cb:87:63:a4:82:06:43:e5:
         19:0f:c6:15:83:67:61:72:a3:aa:9f:ee:68:0a:fc:78:ba:41:
         f3:00:6b:ba:3a:2f:ca:f6:62:35:26:c1:f1:0e:ad:ea:29:3f:
         33:06:7f:3b:70:e2:9b:8a:67:56:2c:a8:c7:6a:3a:3a:98:00:
         59:69:59:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSNM4p7wClUip3aXXOSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjYwMzI5MTEwMTAzWhcNMjYwMzMwMTEwMTAzWjAzMTEwLwYDVQQD
EygwOTU3NGRkZWQwYzZlNjZjZTg2OTJkMjBjZmU5MGMwMWNjZWNjNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjerBx30pDCCJUSa3CUKl0c7mNBu
6bcSXd9SZqqwJRuPl8BGms26YXzuxbm1clV3mYz3hco0j6oMEU/4TE0yTQ/UjCR2
JFrPmbvXvlGhOzymYjQRNOABuJire/0DR5JUuzTGz9+VN1TmBZLvsqUC6ClJYWxd
kCeeDRsTmq/F8ZctFYVSWvZOYt8hlGIh5UDQHQWHgz13KFTlBtDZJX0FxBhePq0e
YFYSD9fNYuf5xq8cwiMWb8ZdpmtjnqzLHZaolGKEgJzJRQM7XVFD4hYBuP1w/9hp
KpOGIdLJHBd7M4aRyS8xTdgUH1JUexOYmuK58l0d4XsoPDvzKWwRkve+owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlXTd7QxuZs6GktIM/pDAHM7Mb3MB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvYWUDRhq
8wp/RKMnqKg73smiTTib3aJebp8s5JtRs4ZXg3TxrfDZ1k9EoSbbAG1wgIlhkNCZ
qCbPK2Mu1RoD70t+R9Suit3MxRzL6Uscz2TI5+7tqu6pM1Gsd/fyXpMoIo+n9XuF
lyclFEoVO/N0aH6n+el9uw+LKipMYPmsDmH+x3Kwt5Dem8aA5xnowA5WfSLoqv7I
SwLaoVRzysvbdBZ1floFQW7BwxVkfYeHnN208UqOizMe6c2UqtTOXcuHY6SCBkPl
GQ/GFYNnYXKjqp/uaAr8eLpB8wBrujovyvZiNSbB8Q6t6ik/MwZ/O3Dim4pnViyo
x2o6OpgAWWlZGA==
-----END CERTIFICATE-----