Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          DLOgVTjTvLDYtzEoYCvvisfYO0TfsXXogOryMYfWeDk=
Subject key identifier:   A1:67:82:D1:87:79:14:69:B7:5E:13:6D:7D:D6:E3:A7:85:26:BA:04
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019CAC4740F7D5D4554B3729A2B007AE2933
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          08E1
Signing time:             Mon 02 Mar 2026 02:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:16 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: o8DuMJZL2k7HsUpQSYFJ+g6msyldCSRlre8GkzPbnDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:40:f7:d5:d4:55:4b:37:29:a2:b0:07:ae:29:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Mar  2 02:01:16 2026 GMT
            Not After : Mar  3 02:01:16 2026 GMT
        Subject: CN=a16782d187791469b75e136d7dd6e3a78526ba04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:54:eb:d4:e6:d6:18:00:a4:de:34:ad:40:ad:
                    54:23:ce:17:60:c2:0a:bd:64:88:e6:16:4b:7c:25:
                    e2:f0:fe:b8:3c:07:4b:4b:ff:e5:35:62:84:74:e4:
                    d8:3c:25:86:61:9a:37:a9:5f:ac:c8:06:6d:48:c6:
                    8a:fc:9d:33:59:ca:6d:ae:55:59:ef:53:e4:17:9d:
                    ee:a0:9d:9e:3f:f5:54:34:23:ca:37:b8:99:c5:84:
                    9a:ee:36:5d:93:a7:80:26:bb:e1:9c:d8:71:f4:1a:
                    21:f5:8d:8b:cc:95:64:34:3a:fb:e0:f8:45:9b:27:
                    af:42:71:f3:b7:eb:39:fd:51:a4:3f:3f:87:61:d9:
                    97:e0:21:a0:17:8c:a3:f1:b4:76:49:1c:00:ea:f9:
                    dd:e9:dd:7e:b3:9a:f1:be:48:f3:11:6d:88:5a:f6:
                    bf:cf:d0:4f:cd:5a:24:27:e2:e3:16:bc:ac:59:9d:
                    a9:61:4d:42:42:f2:35:51:76:00:3c:1f:49:33:bd:
                    df:da:cf:19:1a:89:6b:c0:cb:dd:05:1b:e3:11:67:
                    91:f2:e0:12:79:00:b3:8b:fa:5c:88:2c:c3:b1:7d:
                    69:7a:a6:fb:10:ee:c8:13:a7:5f:dc:5d:e3:72:c6:
                    ba:9d:64:45:73:7c:ea:6c:5e:10:c0:dc:c8:27:f6:
                    00:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:67:82:D1:87:79:14:69:B7:5E:13:6D:7D:D6:E3:A7:85:26:BA:04
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ea:f9:b2:48:82:69:a6:df:23:58:55:55:92:01:f6:5d:5f:b2:
         32:f1:37:fc:c8:19:3f:0f:52:f1:a6:59:c4:7f:73:8a:f3:34:
         36:10:67:46:f5:ff:2f:8f:46:9b:82:99:9d:7f:52:93:06:99:
         20:9b:4b:ab:9c:47:aa:e2:c7:a0:31:7e:5d:a3:a1:0a:c5:59:
         ee:95:86:39:bd:48:2c:47:81:48:e6:15:12:11:58:fc:24:46:
         93:8a:66:81:42:5a:cd:ee:c6:68:ef:5e:7a:fb:ac:79:bb:c0:
         4d:57:f7:c9:e4:74:37:98:a9:83:57:5b:4d:7d:ee:1b:ac:63:
         8f:fa:31:4e:df:0e:f4:b7:04:a8:c8:45:7d:94:38:c4:1d:a5:
         2f:93:8c:0d:84:50:4c:4a:2f:cd:e1:64:b8:4d:3d:e9:86:61:
         37:5a:bb:c4:b4:e1:d5:82:54:c5:0c:39:ca:34:d0:55:af:de:
         05:16:3d:15:f1:59:2d:95:a7:80:90:d8:95:35:bb:2d:61:99:
         30:71:f3:82:45:e2:14:ee:60:39:55:18:7d:ac:49:d5:2e:b5:
         fb:fa:57:09:21:b0:a0:e4:2a:7e:39:7d:e7:5b:89:80:02:5d:
         e2:e1:f2:63:1b:43:32:c9:3d:ec:a7:5f:7e:68:13:c6:3c:23:
         2a:1f:0e:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR0D31dRVSzcporAHrikzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjYwMzAyMDIwMTE2WhcNMjYwMzAzMDIwMTE2WjAzMTEwLwYDVQQD
EyhhMTY3ODJkMTg3NzkxNDY5Yjc1ZTEzNmQ3ZGQ2ZTNhNzg1MjZiYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VTr1ObWGACk3jStQK1UI84XYMIK
vWSI5hZLfCXi8P64PAdLS//lNWKEdOTYPCWGYZo3qV+syAZtSMaK/J0zWcptrlVZ
71PkF53uoJ2eP/VUNCPKN7iZxYSa7jZdk6eAJrvhnNhx9Boh9Y2LzJVkNDr74PhF
myevQnHzt+s5/VGkPz+HYdmX4CGgF4yj8bR2SRwA6vnd6d1+s5rxvkjzEW2IWva/
z9BPzVokJ+LjFrysWZ2pYU1CQvI1UXYAPB9JM73f2s8ZGolrwMvdBRvjEWeR8uAS
eQCzi/pciCzDsX1peqb7EO7IE6df3F3jcsa6nWRFc3zqbF4QwNzIJ/YAvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFngtGHeRRpt14TbX3W46eFJroEMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6vmySIJp
pt8jWFVVkgH2XV+yMvE3/MgZPw9S8aZZxH9zivM0NhBnRvX/L49Gm4KZnX9SkwaZ
IJtLq5xHquLHoDF+XaOhCsVZ7pWGOb1ILEeBSOYVEhFY/CRGk4pmgUJaze7GaO9e
evusebvATVf3yeR0N5ipg1dbTX3uG6xjj/oxTt8O9LcEqMhFfZQ4xB2lL5OMDYRQ
TEovzeFkuE096YZhN1q7xLTh1YJUxQw5yjTQVa/eBRY9FfFZLZWngJDYlTW7LWGZ
MHHzgkXiFO5gOVUYfaxJ1S61+/pXCSGwoOQqfjl951uJgAJd4uHyYxtDMsk97Kdf
fmgTxjwjKh8OGg==
-----END CERTIFICATE-----