Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          pYEyz15K3KRML+EkslQTJ11phJvoJ9CIaxYQWC8EUOs=
Subject key identifier:   CD:8F:D8:E0:94:BF:5B:83:A1:FE:A2:DE:5C:EE:5B:EC:53:61:E6:7A
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       019D9AE309F0A667CF89ED1DF9A5E5775E67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0DCE
Signing time:             Fri 17 Apr 2026 10:01:03 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:03 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:03 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: Kfdz1Srh2FxJEgUVlfbcTTYMt87FXmP2geHmdiqFJds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:09:f0:a6:67:cf:89:ed:1d:f9:a5:e5:77:5e:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Apr 17 10:01:03 2026 GMT
            Not After : Apr 18 10:01:03 2026 GMT
        Subject: CN=cd8fd8e094bf5b83a1fea2de5cee5bec5361e67a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f6:8b:62:00:67:c4:f7:5e:f0:6d:dd:83:e7:
                    d4:a5:1f:17:8b:3c:47:ac:33:be:64:20:ac:fd:5a:
                    92:a2:90:25:17:18:2d:73:2d:a5:ec:d1:51:46:32:
                    b7:5f:8c:a3:78:25:7b:74:3a:60:32:bc:f1:c0:5f:
                    9a:97:c6:69:e9:36:a3:81:29:95:ad:5e:14:30:59:
                    36:9f:9a:18:5b:62:e0:e6:a5:b6:e9:c9:fe:70:f7:
                    70:d6:cf:8d:8c:e9:93:81:6e:4d:25:a2:6f:9a:71:
                    e7:ba:3b:45:27:52:95:ae:1b:bf:60:7d:bc:46:d5:
                    20:0e:58:48:57:ea:93:32:6f:0f:e2:19:6a:81:16:
                    44:01:ac:ae:b4:ac:0b:71:65:0c:3e:37:56:e5:80:
                    95:7b:cb:09:59:80:83:49:65:b7:9e:0c:b2:f4:a2:
                    cf:7e:09:7b:95:55:e0:3a:04:cb:76:3a:40:3c:4e:
                    9c:35:b0:37:1b:60:ef:67:2c:79:e3:45:32:c2:a9:
                    99:10:60:b4:95:2f:95:28:6e:2d:9a:8b:c1:2a:39:
                    99:ee:da:ee:53:de:f4:d1:45:b7:80:e9:95:f3:e2:
                    87:dc:f9:6c:62:c9:67:19:71:32:2a:36:27:11:3d:
                    cf:f8:1f:d5:1d:f7:b6:ac:26:56:b9:a5:09:af:6f:
                    c5:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:8F:D8:E0:94:BF:5B:83:A1:FE:A2:DE:5C:EE:5B:EC:53:61:E6:7A
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:59:b3:97:7f:5a:fe:f8:79:aa:12:a1:9c:28:57:94:4d:10:
         2b:64:9e:95:b2:fe:4b:fa:75:e6:bb:de:08:de:08:43:45:f3:
         e3:0e:d3:8f:8e:f7:c3:d7:64:c7:04:c7:5c:58:1e:34:e9:9a:
         70:80:c5:19:99:64:34:a3:cf:dd:f2:7d:b2:bb:4d:a7:3a:02:
         fe:78:22:a7:fb:e5:ba:4f:ea:f6:2d:89:3e:6b:40:ea:09:f7:
         87:4c:6b:47:73:a1:3b:0e:6c:9a:ba:38:18:15:0f:27:9b:67:
         df:9d:77:0e:c0:91:85:20:52:6d:c8:81:c6:d1:79:aa:93:51:
         3f:68:db:bc:af:53:63:b4:32:16:cc:4f:17:ea:3b:24:85:c2:
         45:1b:d5:11:1b:0d:3c:ae:26:72:2e:df:cb:a0:30:53:9f:84:
         e8:4f:1e:5a:98:57:73:3f:3f:08:96:46:16:6a:b4:a7:48:af:
         2d:84:35:2e:de:91:f6:cf:35:8c:14:49:4e:96:88:2c:c6:87:
         6e:b2:15:ae:b1:62:d9:39:a5:ed:0b:e7:a4:64:59:57:11:a0:
         7c:d5:d6:24:51:a6:a6:c8:b6:6e:a8:57:be:1b:c2:5c:de:1a:
         2c:b8:35:5b:07:16:42:c2:85:b4:ee:d5:67:1c:1d:4b:fa:8d:
         5c:d3:94:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4wnwpmfPie0d+aXld15nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjYwNDE3MTAwMTAzWhcNMjYwNDE4MTAwMTAzWjAzMTEwLwYDVQQD
EyhjZDhmZDhlMDk0YmY1YjgzYTFmZWEyZGU1Y2VlNWJlYzUzNjFlNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvaLYgBnxPde8G3dg+fUpR8XizxH
rDO+ZCCs/VqSopAlFxgtcy2l7NFRRjK3X4yjeCV7dDpgMrzxwF+al8Zp6TajgSmV
rV4UMFk2n5oYW2Lg5qW26cn+cPdw1s+NjOmTgW5NJaJvmnHnujtFJ1KVrhu/YH28
RtUgDlhIV+qTMm8P4hlqgRZEAayutKwLcWUMPjdW5YCVe8sJWYCDSWW3ngyy9KLP
fgl7lVXgOgTLdjpAPE6cNbA3G2DvZyx540UywqmZEGC0lS+VKG4tmovBKjmZ7tru
U9700UW3gOmV8+KH3PlsYslnGXEyKjYnET3P+B/VHfe2rCZWuaUJr2/FAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2P2OCUv1uDof6i3lzuW+xTYeZ6MB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilmzl39a
/vh5qhKhnChXlE0QK2SelbL+S/p15rveCN4IQ0Xz4w7Tj473w9dkxwTHXFgeNOma
cIDFGZlkNKPP3fJ9srtNpzoC/ngip/vluk/q9i2JPmtA6gn3h0xrR3OhOw5smro4
GBUPJ5tn3513DsCRhSBSbciBxtF5qpNRP2jbvK9TY7QyFsxPF+o7JIXCRRvVERsN
PK4mci7fy6AwU5+E6E8eWphXcz8/CJZGFmq0p0ivLYQ1Lt6R9s81jBRJTpaILMaH
brIVrrFi2Tml7QvnpGRZVxGgfNXWJFGmpsi2bqhXvhvCXN4aLLg1WwcWQsKFtO7V
ZxwdS/qNXNOUPw==
-----END CERTIFICATE-----