Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          zTaZBxsC/NL71OjCMhqzPe8LCMwsun78LcQYwr6NWTQ=
Subject key identifier:   72:E4:4F:58:90:79:4C:DB:2A:8E:FA:08:41:F1:04:5F:75:8E:44:53
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       019CAB6B45328CFA5B6E894D6218082FBA62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:59 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: VKzROSMrWGV8GIMHL3scBaPDQiPHBzD+chLWFQPIj1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:45:32:8c:fa:5b:6e:89:4d:62:18:08:2f:ba:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Mar  1 22:00:59 2026 GMT
            Not After : Mar  2 22:00:59 2026 GMT
        Subject: CN=72e44f5890794cdb2a8efa0841f1045f758e4453
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0b:01:da:fb:22:43:f3:9e:e8:d2:25:61:d2:
                    3d:7f:5d:db:f2:89:10:f2:c8:b2:e2:75:b6:c0:a1:
                    ae:38:60:0f:11:f6:e5:66:be:27:d7:d5:98:88:9a:
                    62:4f:2f:62:48:d6:95:02:5b:35:3a:15:54:4a:24:
                    fd:f0:56:53:ae:9e:e9:96:e5:a7:b2:27:70:24:ed:
                    37:ba:23:05:0a:77:6d:fa:d3:45:b2:a2:47:ec:bc:
                    0f:7b:e8:a8:e5:17:34:1b:d2:fe:39:09:36:da:55:
                    7a:a4:f7:95:45:64:57:04:bc:32:de:82:80:c3:30:
                    d2:71:be:46:d5:b7:bd:64:aa:f6:db:ba:1b:64:4a:
                    d2:03:8e:75:42:22:c0:05:7a:2f:7d:b6:78:91:cd:
                    11:91:7b:9e:8c:b3:70:e2:b7:16:73:8b:55:57:1d:
                    21:c7:7d:b7:eb:9a:e6:01:0e:94:4e:98:1b:75:6a:
                    1e:45:25:bb:b5:9e:17:c7:9a:b4:f9:c7:ec:94:4e:
                    14:83:1f:ea:c6:aa:bf:67:b5:eb:91:fc:c2:57:2d:
                    14:c5:37:56:8c:9b:ff:ea:b2:aa:74:7d:59:97:da:
                    3c:40:13:a3:49:67:d6:6c:02:70:c6:c2:68:6a:99:
                    d7:ab:d9:73:2c:2b:10:87:03:18:2a:4a:2d:9c:1a:
                    dd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E4:4F:58:90:79:4C:DB:2A:8E:FA:08:41:F1:04:5F:75:8E:44:53
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:62:bb:8d:ae:ac:aa:aa:e1:b2:0b:4e:fc:e9:c7:25:7d:91:
         bc:dd:6d:ee:65:60:ae:7f:08:8b:3a:eb:1f:19:af:9b:d7:1a:
         8e:5c:16:e0:13:85:fd:38:de:73:bc:e0:6a:6d:24:64:9e:45:
         0d:b2:91:bc:34:04:de:d2:38:72:62:a1:c7:2d:bd:92:ca:8f:
         c8:c7:19:3f:d2:b8:e7:e9:1a:5e:ee:79:0c:bc:72:de:c8:86:
         7c:33:c5:5d:e4:16:58:46:ae:73:a8:e5:98:b6:3a:1e:9e:40:
         e6:5a:a2:24:b1:c6:d7:b2:46:e2:5b:6c:54:ca:d1:e1:c2:e5:
         b6:88:de:b9:24:e5:b8:97:aa:02:49:8f:88:3f:42:87:8e:bb:
         8a:98:6f:e7:dd:00:32:6d:47:8b:a2:f8:03:36:5e:0a:c1:b7:
         71:47:5d:6b:97:c2:cd:d5:e3:bb:50:32:fb:db:f6:30:d6:75:
         45:8f:7f:d9:e5:50:a8:5c:cc:c2:8f:4e:54:83:62:29:d1:8e:
         f8:51:07:bc:83:d8:06:f7:5c:25:d6:cd:7c:53:38:77:09:10:
         0e:3a:b6:88:0c:61:d7:35:49:39:bb:75:44:5b:81:22:45:8d:
         be:49:17:09:95:74:b6:2e:9d:8c:4f:df:2d:4f:ec:a2:65:d0:
         06:2d:da:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0UyjPpbbolNYhgIL7piMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjYwMzAxMjIwMDU5WhcNMjYwMzAyMjIwMDU5WjAzMTEwLwYDVQQD
Eyg3MmU0NGY1ODkwNzk0Y2RiMmE4ZWZhMDg0MWYxMDQ1Zjc1OGU0NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQsB2vsiQ/Oe6NIlYdI9f13b8okQ
8siy4nW2wKGuOGAPEfblZr4n19WYiJpiTy9iSNaVAls1OhVUSiT98FZTrp7pluWn
sidwJO03uiMFCndt+tNFsqJH7LwPe+io5Rc0G9L+OQk22lV6pPeVRWRXBLwy3oKA
wzDScb5G1be9ZKr227obZErSA451QiLABXovfbZ4kc0RkXuejLNw4rcWc4tVVx0h
x32365rmAQ6UTpgbdWoeRSW7tZ4Xx5q0+cfslE4Ugx/qxqq/Z7XrkfzCVy0UxTdW
jJv/6rKqdH1Zl9o8QBOjSWfWbAJwxsJoapnXq9lzLCsQhwMYKkotnBrdzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLkT1iQeUzbKo76CEHxBF91jkRTMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemK7ja6s
qqrhsgtO/OnHJX2RvN1t7mVgrn8IizrrHxmvm9cajlwW4BOF/Tjec7zgam0kZJ5F
DbKRvDQE3tI4cmKhxy29ksqPyMcZP9K45+kaXu55DLxy3siGfDPFXeQWWEauc6jl
mLY6Hp5A5lqiJLHG17JG4ltsVMrR4cLltojeuSTluJeqAkmPiD9Ch467iphv590A
Mm1Hi6L4AzZeCsG3cUdda5fCzdXju1Ay+9v2MNZ1RY9/2eVQqFzMwo9OVINiKdGO
+FEHvIPYBvdcJdbNfFM4dwkQDjq2iAxh1zVJObt1RFuBIkWNvkkXCZV0ti6djE/f
LU/somXQBi3axQ==
-----END CERTIFICATE-----