Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          RGVDhC+1iVITliqdtSWB1v954EQvvR4SsXM6/37Z2oA=
Subject key identifier:   46:3B:76:9A:10:7D:7A:0E:D7:80:1E:FC:D6:3B:16:DE:7B:14:F2:F9
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019D99CFF17BE5D24F6B7891AE0F43592997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          095C
Signing time:             Fri 17 Apr 2026 05:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:34 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: 88wx/egIKqoeMBgomPkFpbMW95RnoQsju57B+Q25YFQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:f1:7b:e5:d2:4f:6b:78:91:ae:0f:43:59:29:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Apr 17 05:00:34 2026 GMT
            Not After : Apr 18 05:00:34 2026 GMT
        Subject: CN=463b769a107d7a0ed7801efcd63b16de7b14f2f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:23:46:c6:4e:56:da:ff:3e:92:0f:f7:28:c8:
                    b2:d4:02:69:54:76:e5:0c:c3:35:ec:b7:64:29:57:
                    b9:37:ed:a8:18:13:11:5a:e8:14:85:2f:8f:58:3d:
                    68:67:5d:73:5d:4e:ad:79:e8:3a:36:0c:03:09:f5:
                    a6:d2:b4:25:1a:de:42:77:a4:b0:10:82:37:e6:54:
                    d5:c5:b4:28:c5:21:6f:80:f7:f5:0e:1b:1c:f3:8b:
                    6a:f9:d1:89:c8:0c:c7:e5:fd:6a:3a:b4:16:79:97:
                    d9:c4:3a:4a:fd:24:2a:74:14:8c:2e:1c:7f:6e:42:
                    54:f3:94:8f:91:3c:d1:6d:8d:c0:a2:28:94:92:94:
                    8a:d5:93:af:39:a1:d0:57:1e:65:fe:cf:2e:84:e6:
                    1c:78:d2:8a:8d:a7:23:4e:b7:a8:cd:c7:12:7d:c7:
                    da:8b:fa:e2:43:b0:d8:2d:01:7f:24:81:ab:12:e1:
                    dc:4c:92:95:11:da:b3:95:97:fd:8a:16:e8:27:13:
                    a9:ff:00:19:8e:77:43:df:70:38:65:5a:57:f2:43:
                    c2:96:0e:f7:22:53:99:d1:df:61:f5:01:d7:e0:52:
                    22:65:10:11:ac:ec:65:73:24:40:d6:70:38:d2:16:
                    d0:1b:d0:78:91:7d:3c:98:77:c4:d7:ae:d1:98:ac:
                    fb:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:3B:76:9A:10:7D:7A:0E:D7:80:1E:FC:D6:3B:16:DE:7B:14:F2:F9
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:2a:df:c5:77:ab:2a:42:85:94:aa:30:0b:97:9c:36:c3:3c:
         31:ea:6f:ca:58:df:0e:97:14:44:f0:2e:1a:e1:88:11:cd:91:
         9e:75:f1:6e:ba:82:51:ec:55:74:53:50:d1:a3:6a:68:75:40:
         bd:ac:82:e1:77:56:b8:2e:74:9c:e6:fb:45:d8:3a:06:dc:83:
         2c:d4:d0:1b:69:16:4e:2f:cd:9e:f3:94:da:de:0b:ad:c8:a6:
         26:60:c5:01:80:99:f5:96:3f:2c:90:65:d2:11:27:57:92:cf:
         26:c1:e3:04:29:79:4a:ed:ab:df:71:2f:ba:af:08:d0:1e:d2:
         29:74:71:59:c8:5a:cb:24:7d:a1:aa:d1:8c:56:c2:ea:ff:42:
         35:a1:49:c5:c8:67:41:2e:77:92:0c:77:1b:e6:00:c3:97:a2:
         94:0a:43:81:6a:73:27:0e:24:b8:87:c8:ae:f0:64:d3:11:04:
         86:3a:d5:f3:92:07:79:66:22:94:6a:a6:b7:fc:14:3b:dd:5f:
         5d:33:a3:f8:92:1e:50:6b:ee:28:08:b9:71:1e:c8:2c:1b:b5:
         5a:b6:b2:7a:16:96:95:96:b2:27:d6:98:f8:46:4b:96:fd:ca:
         5e:a1:28:6e:af:63:f1:c2:f2:cc:a9:a1:f4:09:f3:24:53:1f:
         61:fa:a9:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/F75dJPa3iRrg9DWSmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjYwNDE3MDUwMDM0WhcNMjYwNDE4MDUwMDM0WjAzMTEwLwYDVQQD
Eyg0NjNiNzY5YTEwN2Q3YTBlZDc4MDFlZmNkNjNiMTZkZTdiMTRmMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iNGxk5W2v8+kg/3KMiy1AJpVHbl
DMM17LdkKVe5N+2oGBMRWugUhS+PWD1oZ11zXU6teeg6NgwDCfWm0rQlGt5Cd6Sw
EII35lTVxbQoxSFvgPf1Dhsc84tq+dGJyAzH5f1qOrQWeZfZxDpK/SQqdBSMLhx/
bkJU85SPkTzRbY3AoiiUkpSK1ZOvOaHQVx5l/s8uhOYceNKKjacjTreozccSfcfa
i/riQ7DYLQF/JIGrEuHcTJKVEdqzlZf9ihboJxOp/wAZjndD33A4ZVpX8kPClg73
IlOZ0d9h9QHX4FIiZRARrOxlcyRA1nA40hbQG9B4kX08mHfE167RmKz7pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEY7dpoQfXoO14Ae/NY7Ft57FPL5MB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSrfxXer
KkKFlKowC5ecNsM8MepvyljfDpcURPAuGuGIEc2RnnXxbrqCUexVdFNQ0aNqaHVA
vayC4XdWuC50nOb7Rdg6BtyDLNTQG2kWTi/NnvOU2t4LrcimJmDFAYCZ9ZY/LJBl
0hEnV5LPJsHjBCl5Su2r33Evuq8I0B7SKXRxWchayyR9oarRjFbC6v9CNaFJxchn
QS53kgx3G+YAw5eilApDgWpzJw4kuIfIrvBk0xEEhjrV85IHeWYilGqmt/wUO91f
XTOj+JIeUGvuKAi5cR7ILBu1WrayehaWlZayJ9aY+EZLlv3KXqEobq9j8cLyzKmh
9AnzJFMfYfqp4g==
-----END CERTIFICATE-----