Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
File:                     XZOOJrKYSy-hYarAewS9uFCq3RY.mft (raw, json)
Hash identifier:          byl3S6cDAUFx/gkiB3/fckkO0QbBYCDjmr7Ad81F2jw=
Subject key identifier:   B4:4A:99:16:8C:8E:71:50:43:29:7B:AB:B3:74:B0:CD:3B:E2:CF:B1
Authority key identifier: 5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16
Certificate issuer:       /CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
Certificate serial:       019D97E1BEB092D59C6C5C5B79658163C02A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
Manifest number:          0CA6
Signing time:             Thu 16 Apr 2026 20:00:46 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:46 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:46 +0000
Files and hashes:         1: XZOOJrKYSy-hYarAewS9uFCq3RY.crl (hash: padxokvnnJTczqFQe3vkcYdEXBhFYiMfQCQKCQKUx6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:be:b0:92:d5:9c:6c:5c:5b:79:65:81:63:c0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
        Validity
            Not Before: Apr 16 20:00:46 2026 GMT
            Not After : Apr 17 20:00:46 2026 GMT
        Subject: CN=b44a99168c8e715043297babb374b0cd3be2cfb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:54:97:fe:89:fe:53:14:38:57:4f:0b:9b:48:
                    f4:8b:03:58:59:3c:82:4d:8d:a3:57:91:5a:21:5b:
                    ee:1c:fd:22:b9:46:85:44:3d:d5:11:48:c8:66:37:
                    67:ea:96:c8:2b:e1:65:83:54:d6:ab:f3:b5:65:b9:
                    96:0f:bf:c8:2f:79:2c:51:0e:ab:af:b0:c9:e0:df:
                    fa:0d:7e:04:93:a1:bc:50:bd:3b:65:e3:82:ec:15:
                    47:ea:9f:56:4c:f0:71:bd:64:19:0e:4b:3c:32:22:
                    66:2c:19:5b:8b:91:26:f4:86:d9:10:00:04:84:c6:
                    1e:6a:e5:81:9f:2b:44:52:9c:39:34:54:ba:b3:83:
                    19:2c:57:66:b4:0d:fc:85:89:61:8c:cc:34:0f:16:
                    c2:2a:05:50:0d:fd:3e:3c:92:cb:4d:ff:fb:38:ed:
                    07:17:67:a4:4f:17:90:31:0d:7a:1f:c4:a6:89:f7:
                    74:b6:77:42:22:ee:82:2b:ef:ce:34:bc:c4:8e:65:
                    6e:26:90:90:38:c8:18:a4:9d:0e:56:6b:99:95:12:
                    a5:72:03:91:ff:b8:d4:50:6d:c0:fc:7a:a9:de:9e:
                    be:51:bd:4b:fd:99:a8:dc:93:17:9f:1e:02:69:af:
                    22:34:28:08:7d:ab:b0:84:1a:ed:e6:bd:c4:78:7b:
                    24:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:4A:99:16:8C:8E:71:50:43:29:7B:AB:B3:74:B0:CD:3B:E2:CF:B1
            X509v3 Authority Key Identifier:
                keyid:5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:9e:41:40:e4:0c:e6:09:86:5d:85:8a:9b:23:47:21:c6:67:
         91:42:6a:c3:ae:36:09:a4:98:a7:07:2e:29:dd:81:b3:b4:b8:
         c8:76:cb:3c:39:c1:0a:f0:fb:e0:06:02:53:6a:5f:f3:35:7a:
         57:56:10:a6:d5:3b:1c:c1:a4:82:69:5a:16:39:d2:93:ac:31:
         7c:65:49:f3:c6:a0:64:f0:b5:a6:b6:cc:af:3c:fb:77:72:63:
         8e:4c:c0:46:ef:51:b8:fb:56:98:bd:39:ab:50:99:4b:6c:72:
         f2:36:9e:40:a5:30:21:4c:96:de:c5:8d:46:f1:70:24:ea:4d:
         1e:60:54:1c:92:5f:87:05:39:8a:dd:95:df:bf:22:98:f6:32:
         3e:c1:8a:94:59:6a:a3:7e:ce:a1:10:c4:3d:6f:c8:2e:16:6c:
         4d:6e:1d:eb:1b:aa:d5:27:e8:b6:17:8d:e3:f2:47:62:d8:bd:
         cf:c7:c0:b0:d1:da:f5:cb:fd:3c:b9:c0:b8:1d:f4:a1:bf:56:
         09:51:d7:aa:3b:fb:ca:38:16:0b:89:34:14:4f:a7:ed:10:77:
         07:08:e2:1f:3e:3b:8e:62:1f:e7:f0:39:d9:b3:dd:da:dc:11:
         6c:81:c9:5b:f8:b8:2a:f0:44:78:ec:f1:f0:df:24:9f:f8:c3:
         24:cc:b2:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4b6wktWcbFxbeWWBY8AqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOTM4ZTI2YjI5ODRiMmZhMTYxYWFjMDdiMDRiZGI4NTBh
YWRkMTYwHhcNMjYwNDE2MjAwMDQ2WhcNMjYwNDE3MjAwMDQ2WjAzMTEwLwYDVQQD
EyhiNDRhOTkxNjhjOGU3MTUwNDMyOTdiYWJiMzc0YjBjZDNiZTJjZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lSX/on+UxQ4V08Lm0j0iwNYWTyC
TY2jV5FaIVvuHP0iuUaFRD3VEUjIZjdn6pbIK+Flg1TWq/O1ZbmWD7/IL3ksUQ6r
r7DJ4N/6DX4Ek6G8UL07ZeOC7BVH6p9WTPBxvWQZDks8MiJmLBlbi5Em9IbZEAAE
hMYeauWBnytEUpw5NFS6s4MZLFdmtA38hYlhjMw0DxbCKgVQDf0+PJLLTf/7OO0H
F2ekTxeQMQ16H8Smifd0tndCIu6CK+/ONLzEjmVuJpCQOMgYpJ0OVmuZlRKlcgOR
/7jUUG3A/Hqp3p6+Ub1L/Zmo3JMXnx4Caa8iNCgIfauwhBrt5r3EeHskBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRKmRaMjnFQQyl7q7N0sM074s+xMB8GA1UdIwQY
MBaAFF2TjiaymEsvoWGqwHsEvbhQqt0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEt
NmVjN2RiZTI3YmIzLzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEtNmVjN2RiZTI3YmIz
LzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFJ5BQOQM
5gmGXYWKmyNHIcZnkUJqw642CaSYpwcuKd2Bs7S4yHbLPDnBCvD74AYCU2pf8zV6
V1YQptU7HMGkgmlaFjnSk6wxfGVJ88agZPC1prbMrzz7d3JjjkzARu9RuPtWmL05
q1CZS2xy8jaeQKUwIUyW3sWNRvFwJOpNHmBUHJJfhwU5it2V378imPYyPsGKlFlq
o37OoRDEPW/ILhZsTW4d6xuq1SfotheN4/JHYti9z8fAsNHa9cv9PLnAuB30ob9W
CVHXqjv7yjgWC4k0FE+n7RB3BwjiHz47jmIf5/A52bPd2twRbIHJW/i4KvBEeOzx
8N8kn/jDJMyyig==
-----END CERTIFICATE-----