Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          bznqG4jbstorcWUjmmLnUQyrvq89vVVdUnIgP9mfs0c=
Subject key identifier:   A9:6E:82:91:9E:F6:7E:C2:11:D4:60:C6:50:D3:31:75:D1:82:14:79
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       019D386566F79E18D3F4E9E25B9832102960
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          0328
Signing time:             Sun 29 Mar 2026 07:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:02 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: inrT9lSGHYJsR+QYmBhrXapwkj8F0fQf0/3vCSBDZgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:66:f7:9e:18:d3:f4:e9:e2:5b:98:32:10:29:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Mar 29 07:01:02 2026 GMT
            Not After : Mar 30 07:01:02 2026 GMT
        Subject: CN=a96e82919ef67ec211d460c650d33175d1821479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:19:44:ba:75:51:18:f7:ff:68:f9:0d:1e:8c:
                    1f:30:36:07:e7:e1:76:f3:d6:d3:bd:ff:f6:03:42:
                    d9:f3:0e:10:a0:2c:6c:c4:26:c8:24:51:a1:a7:cd:
                    1c:61:ed:e4:66:1a:d4:71:21:81:62:49:7b:fa:85:
                    3c:f5:6c:49:5c:62:14:52:08:55:72:0a:cc:89:09:
                    32:e8:1b:4f:17:8f:a1:4e:2a:33:ba:ff:d1:95:e5:
                    20:cd:16:bb:ff:c0:08:a2:b5:19:d8:30:ae:f8:5b:
                    80:26:f3:55:2c:32:38:72:8f:54:1c:7b:87:70:f7:
                    a1:8f:fb:40:14:ee:01:54:a8:e1:24:52:9e:83:8c:
                    28:0a:92:4d:f0:bc:aa:d8:12:08:35:4e:e0:a5:8e:
                    6a:14:f2:a7:6f:11:22:35:bd:9f:15:b7:36:94:91:
                    fa:73:f3:19:17:4a:bf:24:74:eb:86:40:8d:8a:0e:
                    68:a0:10:e3:f4:61:6e:2e:6b:86:f1:ee:bc:a5:ff:
                    95:6e:1a:ef:62:40:99:a6:13:61:9f:8e:07:4d:c5:
                    5d:05:82:cf:09:d7:94:05:1e:30:6e:0e:1f:7b:d8:
                    98:ae:53:75:62:37:d6:68:e6:a4:10:41:d6:bc:11:
                    ab:16:1f:f7:87:ca:44:b7:af:3c:93:b1:b4:98:00:
                    d2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:6E:82:91:9E:F6:7E:C2:11:D4:60:C6:50:D3:31:75:D1:82:14:79
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:a1:fb:cd:be:77:3f:2b:b6:49:90:07:79:c2:80:b1:b7:48:
         b4:54:56:f3:02:08:7f:c2:e4:0c:fd:37:e2:a5:d3:58:0d:28:
         38:ab:88:7f:20:64:e7:cb:cd:b4:9e:a1:b7:28:52:d7:29:d3:
         48:d8:a1:26:3f:5b:40:3d:db:c0:d5:bb:8a:3c:1c:18:93:00:
         21:a6:c9:88:49:8e:4c:79:5f:2d:e9:85:e0:95:94:fe:34:80:
         00:e0:78:eb:8a:b6:fd:9f:92:90:9c:87:ea:91:68:ed:60:8a:
         3a:aa:71:b7:82:5e:cf:78:9e:80:38:6b:63:2d:d0:63:4d:ac:
         ff:38:3a:77:3b:f2:83:52:93:39:30:18:23:a1:27:e4:2d:36:
         3a:a1:b7:11:73:ce:4f:5b:04:71:3f:28:30:4e:2a:ca:c5:77:
         34:4c:f8:56:c6:89:ac:03:50:f6:d0:38:c5:de:4e:26:a2:08:
         43:84:b9:93:39:2f:0e:94:24:60:54:c6:84:07:a1:cf:e3:a9:
         81:e3:32:d1:ec:1c:d2:d7:18:dd:c6:f0:33:ee:9f:54:91:d4:
         eb:23:ba:16:ef:42:a9:a2:c2:4b:45:ef:69:9f:8a:ff:36:ee:
         44:21:76:f8:67:58:53:80:e9:be:95:31:88:e3:d9:3a:7e:fa:
         6f:f6:30:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWb3nhjT9OniW5gyEClgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjYwMzI5MDcwMTAyWhcNMjYwMzMwMDcwMTAyWjAzMTEwLwYDVQQD
EyhhOTZlODI5MTllZjY3ZWMyMTFkNDYwYzY1MGQzMzE3NWQxODIxNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BlEunVRGPf/aPkNHowfMDYH5+F2
89bTvf/2A0LZ8w4QoCxsxCbIJFGhp80cYe3kZhrUcSGBYkl7+oU89WxJXGIUUghV
cgrMiQky6BtPF4+hTiozuv/RleUgzRa7/8AIorUZ2DCu+FuAJvNVLDI4co9UHHuH
cPehj/tAFO4BVKjhJFKeg4woCpJN8Lyq2BIINU7gpY5qFPKnbxEiNb2fFbc2lJH6
c/MZF0q/JHTrhkCNig5ooBDj9GFuLmuG8e68pf+VbhrvYkCZphNhn44HTcVdBYLP
CdeUBR4wbg4fe9iYrlN1YjfWaOakEEHWvBGrFh/3h8pEt688k7G0mADSbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlugpGe9n7CEdRgxlDTMXXRghR5MB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADqH7zb53
Pyu2SZAHecKAsbdItFRW8wIIf8LkDP034qXTWA0oOKuIfyBk58vNtJ6htyhS1ynT
SNihJj9bQD3bwNW7ijwcGJMAIabJiEmOTHlfLemF4JWU/jSAAOB464q2/Z+SkJyH
6pFo7WCKOqpxt4Jez3iegDhrYy3QY02s/zg6dzvyg1KTOTAYI6En5C02OqG3EXPO
T1sEcT8oME4qysV3NEz4VsaJrANQ9tA4xd5OJqIIQ4S5kzkvDpQkYFTGhAehz+Op
geMy0ewc0tcY3cbwM+6fVJHU6yO6Fu9CqaLCS0XvaZ+K/zbuRCF2+GdYU4DpvpUx
iOPZOn76b/Ywiw==
-----END CERTIFICATE-----