Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File:                     XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier:          0OheDgpnykjDpsMPa8OzRyKlVdsPcccbaX5/NAJb4v4=
Subject key identifier:   24:88:A0:22:BB:FD:5F:E3:28:60:79:D3:E1:E7:41:B4:8E:FF:FC:C4
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer:       /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial:       019D38D353721830F31B5B7D2DA9C60A4E18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number:          08A1
Signing time:             Sun 29 Mar 2026 09:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:06 +0000
Files and hashes:         1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: KYrEkvT88+OYraqF8bnviIMVMGkhSp9imynk/CRC548=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:53:72:18:30:f3:1b:5b:7d:2d:a9:c6:0a:4e:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
        Validity
            Not Before: Mar 29 09:01:06 2026 GMT
            Not After : Mar 30 09:01:06 2026 GMT
        Subject: CN=2488a022bbfd5fe3286079d3e1e741b48efffcc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1e:53:28:34:39:3e:e6:c4:ab:36:31:64:db:
                    a2:a5:46:bb:21:81:55:29:98:8e:7a:72:ba:f7:a6:
                    83:3b:26:fb:a4:b7:e7:51:e7:b1:8a:9e:f7:92:ed:
                    25:c5:73:46:0c:47:fd:27:55:58:74:34:d4:21:32:
                    4f:a1:f3:ee:fc:6d:c1:13:cf:c9:d0:e9:7a:09:2d:
                    0d:3f:d9:b3:51:60:f3:ef:17:f4:71:6e:e4:28:f2:
                    ab:59:cc:43:8b:65:73:6e:f2:4c:e6:b5:8e:2d:ee:
                    75:f9:47:45:20:62:03:70:75:9b:56:76:4a:84:1a:
                    73:a1:ce:78:1c:b5:20:e8:dd:56:c0:e8:5a:89:d1:
                    b4:ad:05:b3:66:44:2d:9a:72:bf:c3:0e:9a:c9:de:
                    15:36:32:ad:0a:49:82:84:9d:97:38:17:79:d7:b2:
                    87:c9:a8:6f:ee:62:a3:06:e5:65:7a:b0:71:4d:8c:
                    43:c5:d1:42:3e:26:a8:77:42:25:f3:b2:76:80:54:
                    83:3c:b1:1a:5c:ee:b8:ab:ba:f1:28:be:03:4d:c6:
                    a1:ac:39:32:58:85:04:ef:18:8d:24:ed:6b:77:84:
                    0b:3d:b4:91:2d:56:9e:9e:02:c8:3c:46:da:a7:4f:
                    a4:fd:d2:cf:5d:0b:bc:f4:52:82:f2:63:fc:a4:f6:
                    cb:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:88:A0:22:BB:FD:5F:E3:28:60:79:D3:E1:E7:41:B4:8E:FF:FC:C4
            X509v3 Authority Key Identifier:
                keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:3c:2e:13:6b:dd:f9:d1:3d:43:d4:b1:a7:7e:28:98:fc:86:
         5b:d4:73:a6:fd:38:01:e6:8e:5a:1f:12:9f:61:59:13:27:75:
         5f:d4:6d:45:67:7c:a2:d8:2a:69:af:1c:ef:59:85:8c:9a:fd:
         58:fe:1f:20:1f:7a:1c:b9:6f:8c:52:ce:4d:bd:f9:91:c1:82:
         c6:52:05:9a:0e:90:60:b7:9f:65:66:9c:5e:b7:a0:58:5e:e2:
         7d:61:e8:f3:5f:09:af:af:8e:61:c5:ad:d5:f7:9b:68:01:9f:
         02:de:68:43:37:1d:60:4c:a6:45:00:76:ca:11:1b:5d:91:49:
         24:39:45:83:b5:c8:08:f1:1b:37:ba:a9:ca:70:dd:50:c9:89:
         b4:59:9d:de:c5:07:65:89:08:9f:69:a2:34:21:1d:f3:d6:88:
         0d:94:b6:d9:79:fa:2a:1d:ea:72:f9:46:36:64:b4:aa:63:d2:
         c9:18:74:7f:e2:fe:9a:cb:2d:c9:9d:08:bf:1b:7e:d1:45:3f:
         1a:34:4a:c0:62:e0:7e:3e:c8:a7:b9:bc:49:ab:d8:6f:7f:fc:
         15:a3:6d:29:84:53:e1:84:61:56:b4:01:33:83:6d:71:fe:5c:
         02:f2:2f:86:ac:46:d8:eb:f6:54:f8:a7:a6:14:97:39:a2:ab:
         ac:e8:f3:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401NyGDDzG1t9LanGCk4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjYwMzI5MDkwMTA2WhcNMjYwMzMwMDkwMTA2WjAzMTEwLwYDVQQD
EygyNDg4YTAyMmJiZmQ1ZmUzMjg2MDc5ZDNlMWU3NDFiNDhlZmZmY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh5TKDQ5PubEqzYxZNuipUa7IYFV
KZiOenK696aDOyb7pLfnUeexip73ku0lxXNGDEf9J1VYdDTUITJPofPu/G3BE8/J
0Ol6CS0NP9mzUWDz7xf0cW7kKPKrWcxDi2VzbvJM5rWOLe51+UdFIGIDcHWbVnZK
hBpzoc54HLUg6N1WwOhaidG0rQWzZkQtmnK/ww6ayd4VNjKtCkmChJ2XOBd517KH
yahv7mKjBuVlerBxTYxDxdFCPiaod0Il87J2gFSDPLEaXO64q7rxKL4DTcahrDky
WIUE7xiNJO1rd4QLPbSRLVaengLIPEbap0+k/dLPXQu89FKC8mP8pPbLsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSIoCK7/V/jKGB50+HnQbSO//zEMB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATDwuE2vd
+dE9Q9Sxp34omPyGW9Rzpv04AeaOWh8Sn2FZEyd1X9RtRWd8otgqaa8c71mFjJr9
WP4fIB96HLlvjFLOTb35kcGCxlIFmg6QYLefZWacXregWF7ifWHo818Jr6+OYcWt
1febaAGfAt5oQzcdYEymRQB2yhEbXZFJJDlFg7XICPEbN7qpynDdUMmJtFmd3sUH
ZYkIn2miNCEd89aIDZS22Xn6Kh3qcvlGNmS0qmPSyRh0f+L+msstyZ0Ivxt+0UU/
GjRKwGLgfj7Ip7m8SavYb3/8FaNtKYRT4YRhVrQBM4Ntcf5cAvIvhqxG2Ov2VPin
phSXOaKrrOjzHg==
-----END CERTIFICATE-----