Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File:                     XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier:          uSDLpK5TwV03tg01en1gsuP3PNYDqs9/Srse/0NNLRg=
Subject key identifier:   7A:D4:FE:BA:04:21:FD:F2:99:4D:91:E3:EA:BA:34:6F:E1:D9:28:BD
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer:       /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial:       019D3909F834E5EB1E4986ED008C1E458C4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number:          0964
Signing time:             Sun 29 Mar 2026 10:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:47 +0000
Files and hashes:         1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: Spe3nSngqtiQxTNh2e50QmZDCkozegtrv4hzYMZYcpE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:f8:34:e5:eb:1e:49:86:ed:00:8c:1e:45:8c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
        Validity
            Not Before: Mar 29 10:00:47 2026 GMT
            Not After : Mar 30 10:00:47 2026 GMT
        Subject: CN=7ad4feba0421fdf2994d91e3eaba346fe1d928bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3a:27:b9:6e:29:59:49:94:32:ba:8d:ee:f4:
                    a2:2a:fc:e1:bd:e1:b8:68:40:f1:d5:41:73:f6:ba:
                    04:1e:86:ad:d8:e8:f9:4c:a3:ef:06:bf:0e:6c:22:
                    1d:54:3e:c8:9a:a0:a2:62:88:c3:af:0d:08:35:90:
                    28:27:73:f9:0e:be:b0:31:48:25:ff:9f:7e:24:3b:
                    bc:a9:f0:b0:12:03:07:de:09:31:69:38:1c:c0:21:
                    26:44:93:e8:b0:13:78:86:7c:ff:98:b2:ee:b2:59:
                    01:c9:56:c3:7e:8b:ae:dc:da:31:07:17:98:f6:2f:
                    4b:8b:43:e4:bc:2c:e9:c8:f8:dd:c9:32:53:a5:4c:
                    fc:ec:d9:22:a0:23:d5:88:ab:b9:41:eb:0a:3b:5e:
                    de:1a:98:b4:95:e6:93:06:e1:f6:cf:1f:49:89:b3:
                    13:77:a2:a7:e1:a3:e2:fd:a5:9c:04:29:21:b5:c5:
                    0e:48:84:64:63:dd:49:bd:bc:00:0a:02:ec:59:c5:
                    cc:84:06:bb:a7:1f:d6:9f:f2:a4:50:9c:6b:f5:cd:
                    df:03:82:5a:77:f3:4e:ef:fb:95:f1:67:bb:a6:86:
                    3c:6f:dd:82:81:cf:dc:80:a6:58:cd:27:77:59:7b:
                    cd:80:46:81:c0:8a:b0:4f:e6:17:e6:e0:e4:0c:a3:
                    ec:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D4:FE:BA:04:21:FD:F2:99:4D:91:E3:EA:BA:34:6F:E1:D9:28:BD
            X509v3 Authority Key Identifier:
                keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:c1:a8:aa:47:5f:12:76:f9:fd:77:70:42:a7:6f:5f:e0:fa:
         e8:e8:ac:1d:b7:42:7d:87:1e:5c:af:e6:19:48:d5:13:17:2b:
         a9:ed:9c:1f:e0:09:66:f0:e9:db:33:66:33:e5:89:78:54:90:
         18:5e:2f:2f:fe:23:25:68:05:6b:bd:54:9c:71:52:5d:c7:10:
         cc:7a:6e:19:16:67:fe:f8:bc:0d:e9:55:5a:f3:db:ec:eb:36:
         a8:7e:4a:33:6a:70:77:e9:17:6b:31:a3:a4:f5:ce:7a:eb:95:
         f3:55:f6:e2:97:bd:6a:e2:d6:1e:a1:58:b9:af:60:e0:44:1e:
         e1:d7:72:fe:9b:58:e5:82:bc:bf:a4:1b:8e:b2:ef:cd:b3:64:
         5a:90:8c:18:02:8b:7d:1c:93:2a:62:be:a2:02:4b:13:45:58:
         74:17:00:4e:ce:ad:cc:e8:9f:ee:68:61:07:16:91:94:3c:46:
         bb:5a:ae:b1:3c:0e:e9:7e:e3:45:d7:3c:0a:03:ec:12:30:3a:
         48:5d:7d:04:98:0d:c2:83:99:0f:5b:91:48:b9:cd:71:64:0f:
         35:ec:a5:f0:d8:5e:5c:d5:57:48:8c:c6:91:59:23:1e:e9:58:
         6f:60:4b:85:4c:bd:d9:76:31:a7:a0:df:66:60:ce:09:27:e4:
         71:96:2c:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cfg05eseSYbtAIweRYxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjYwMzI5MTAwMDQ3WhcNMjYwMzMwMTAwMDQ3WjAzMTEwLwYDVQQD
Eyg3YWQ0ZmViYTA0MjFmZGYyOTk0ZDkxZTNlYWJhMzQ2ZmUxZDkyOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDonuW4pWUmUMrqN7vSiKvzhveG4
aEDx1UFz9roEHoat2Oj5TKPvBr8ObCIdVD7ImqCiYojDrw0INZAoJ3P5Dr6wMUgl
/59+JDu8qfCwEgMH3gkxaTgcwCEmRJPosBN4hnz/mLLuslkByVbDfouu3NoxBxeY
9i9Li0PkvCzpyPjdyTJTpUz87NkioCPViKu5QesKO17eGpi0leaTBuH2zx9JibMT
d6Kn4aPi/aWcBCkhtcUOSIRkY91JvbwACgLsWcXMhAa7px/Wn/KkUJxr9c3fA4Ja
d/NO7/uV8We7poY8b92Cgc/cgKZYzSd3WXvNgEaBwIqwT+YX5uDkDKPsCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrU/roEIf3ymU2R4+q6NG/h2Si9MB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwsGoqkdf
Enb5/XdwQqdvX+D66OisHbdCfYceXK/mGUjVExcrqe2cH+AJZvDp2zNmM+WJeFSQ
GF4vL/4jJWgFa71UnHFSXccQzHpuGRZn/vi8DelVWvPb7Os2qH5KM2pwd+kXazGj
pPXOeuuV81X24pe9auLWHqFYua9g4EQe4ddy/ptY5YK8v6QbjrLvzbNkWpCMGAKL
fRyTKmK+ogJLE0VYdBcATs6tzOif7mhhBxaRlDxGu1qusTwO6X7jRdc8CgPsEjA6
SF19BJgNwoOZD1uRSLnNcWQPNeyl8NheXNVXSIzGkVkjHulYb2BLhUy92XYxp6Df
ZmDOCSfkcZYsVw==
-----END CERTIFICATE-----