Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          8h6/C7j1pBMCGCbwrMDRR5L7RM85krnYHpJbjWiwlI8=
Subject key identifier:   F7:EA:10:77:50:B0:5C:33:27:BE:DC:4C:26:D7:5F:43:26:F0:CC:C0
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019D3A5431A39ADB3D98ED2617DA5FF47DDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0ECD
Signing time:             Sun 29 Mar 2026 16:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:29 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: coEXR0su/DBRmsQMEUCtCT0mZjU9T5FcD9OggO102Us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:31:a3:9a:db:3d:98:ed:26:17:da:5f:f4:7d:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Mar 29 16:01:29 2026 GMT
            Not After : Mar 30 16:01:29 2026 GMT
        Subject: CN=f7ea107750b05c3327bedc4c26d75f4326f0ccc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5c:dc:49:db:cf:60:ca:32:75:0d:3f:96:1a:
                    95:01:bf:aa:a8:50:30:af:94:db:f7:29:5f:49:2a:
                    1d:2d:7f:a5:d2:26:70:0d:0b:3f:99:e4:88:cc:86:
                    11:a0:03:3f:2a:23:ec:b9:67:a1:fa:b9:73:a4:a2:
                    cd:44:f7:58:15:a0:f4:92:01:92:67:e4:8f:55:62:
                    f8:0a:66:b6:2e:f9:a9:f4:74:bd:6d:6b:f4:52:22:
                    16:cd:a6:d2:18:66:ef:6b:3c:8d:16:57:d0:d4:52:
                    fa:be:90:46:87:9f:91:63:f9:7e:18:6c:53:45:ba:
                    ff:13:f7:f0:cd:ce:c4:57:f1:99:f8:3c:eb:0c:5a:
                    cc:90:1e:e1:42:c0:98:62:ea:66:1e:44:e2:35:fe:
                    38:74:fd:c3:20:7b:8e:44:2b:0d:29:9b:6d:e0:43:
                    67:79:8f:6e:5e:49:ca:b5:5d:1c:62:64:c2:40:66:
                    d6:3d:dc:8e:16:b2:e5:f1:98:34:a4:51:ef:fc:5a:
                    4f:76:62:2e:5f:79:11:55:5a:02:7d:dc:31:a4:3b:
                    a6:44:72:3b:1a:0f:f9:6b:c5:7b:f7:56:ff:ba:b7:
                    c8:cd:62:6f:59:65:96:91:5f:4a:b5:f2:f1:22:dc:
                    1b:c3:83:f4:bd:d3:78:70:d2:55:55:d4:86:cc:70:
                    20:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:EA:10:77:50:B0:5C:33:27:BE:DC:4C:26:D7:5F:43:26:F0:CC:C0
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:2d:d5:aa:88:c3:53:df:52:d1:1c:c3:dc:a3:4d:06:0d:ac:
         b3:a5:68:b6:44:a1:a8:d1:cf:ac:4e:c4:3c:7a:08:49:ca:25:
         40:d4:20:d3:47:de:b1:c3:62:dc:fd:b4:ff:9a:95:fb:40:91:
         09:9e:9f:6e:b8:ae:ee:d0:77:4e:5e:f7:67:87:cc:df:f8:07:
         9c:74:f2:86:a5:96:0b:64:9b:35:7f:cf:77:62:db:c9:65:9b:
         d0:16:5a:cf:9b:be:ce:18:28:91:ad:bd:79:d4:14:92:03:68:
         14:91:d9:3e:d8:ba:80:45:cd:f3:c0:8c:29:22:be:33:b6:31:
         27:5f:30:3e:df:ca:05:6a:43:75:ba:d4:59:8c:a1:7a:ba:8e:
         17:c7:99:b8:12:86:2e:63:dc:dd:46:d2:4a:b4:8c:70:5b:1e:
         54:da:f8:1c:53:f8:3d:fa:b6:68:d3:25:cc:75:67:d0:5c:25:
         fa:d7:fb:48:59:d7:4d:9a:86:c9:7a:1a:cb:2b:5c:b9:7a:ad:
         36:ec:39:e3:a9:63:1b:17:9f:46:26:bc:a0:60:6a:37:84:dc:
         b4:20:2c:00:6f:db:14:7c:01:2d:d6:a5:44:ca:12:82:13:cb:
         0a:2f:e4:1f:79:96:b8:e0:13:b9:e8:9b:d8:26:a4:77:63:f2:
         00:95:78:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VDGjmts9mO0mF9pf9H3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjYwMzI5MTYwMTI5WhcNMjYwMzMwMTYwMTI5WjAzMTEwLwYDVQQD
EyhmN2VhMTA3NzUwYjA1YzMzMjdiZWRjNGMyNmQ3NWY0MzI2ZjBjY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1zcSdvPYMoydQ0/lhqVAb+qqFAw
r5Tb9ylfSSodLX+l0iZwDQs/meSIzIYRoAM/KiPsuWeh+rlzpKLNRPdYFaD0kgGS
Z+SPVWL4Cma2Lvmp9HS9bWv0UiIWzabSGGbvazyNFlfQ1FL6vpBGh5+RY/l+GGxT
Rbr/E/fwzc7EV/GZ+DzrDFrMkB7hQsCYYupmHkTiNf44dP3DIHuORCsNKZtt4ENn
eY9uXknKtV0cYmTCQGbWPdyOFrLl8Zg0pFHv/FpPdmIuX3kRVVoCfdwxpDumRHI7
Gg/5a8V791b/urfIzWJvWWWWkV9KtfLxItwbw4P0vdN4cNJVVdSGzHAgfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfqEHdQsFwzJ77cTCbXX0Mm8MzAMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnS3VqojD
U99S0RzD3KNNBg2ss6VotkShqNHPrE7EPHoIScolQNQg00fescNi3P20/5qV+0CR
CZ6fbriu7tB3Tl73Z4fM3/gHnHTyhqWWC2SbNX/Pd2LbyWWb0BZaz5u+zhgoka29
edQUkgNoFJHZPti6gEXN88CMKSK+M7YxJ18wPt/KBWpDdbrUWYyherqOF8eZuBKG
LmPc3UbSSrSMcFseVNr4HFP4Pfq2aNMlzHVn0Fwl+tf7SFnXTZqGyXoayytcuXqt
Nuw546ljGxefRia8oGBqN4TctCAsAG/bFHwBLdalRMoSghPLCi/kH3mWuOATueib
2Cakd2PyAJV4RA==
-----END CERTIFICATE-----