Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
File:                     xGtE1wczJKsoQWNn3gQPDkYzSNE.mft (raw, json)
Hash identifier:          KLQDy63MyFK2Kjn49UnS3Lmb1XkvgxUUxQCVl5hFg9E=
Subject key identifier:   17:B4:E8:77:7B:B1:32:83:68:06:2E:14:4D:27:EC:6F:EB:78:2A:45
Authority key identifier: C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1
Certificate issuer:       /CN=c46b44d7073324ab28416367de040f0e463348d1
Certificate serial:       019CADC7E6C0169D031EE136327AB81F1575
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
Manifest number:          1071
Signing time:             Mon 02 Mar 2026 09:01:24 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:24 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:24 +0000
Files and hashes:         1: xGtE1wczJKsoQWNn3gQPDkYzSNE.crl (hash: YmqOhnqUUfmLfjPG8smHSTBlH98XG2lE8XSYvZvSe7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:e6:c0:16:9d:03:1e:e1:36:32:7a:b8:1f:15:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c46b44d7073324ab28416367de040f0e463348d1
        Validity
            Not Before: Mar  2 09:01:24 2026 GMT
            Not After : Mar  3 09:01:24 2026 GMT
        Subject: CN=17b4e8777bb1328368062e144d27ec6feb782a45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b6:cc:02:9d:b4:ab:80:d2:50:e7:0f:a4:74:
                    70:1d:17:cf:db:af:f3:67:f1:1f:35:82:2c:1a:0f:
                    6a:19:ef:6f:f7:ba:8d:a6:98:4b:6a:3f:c3:45:eb:
                    89:10:2f:9d:e8:8c:aa:0a:26:d0:15:50:d2:2a:71:
                    c0:f8:8a:db:13:26:a5:8d:74:5f:97:d2:c7:a3:73:
                    59:51:63:78:08:b3:c6:33:fb:97:9f:a8:5b:08:96:
                    69:f5:14:9c:a6:99:39:d0:28:1c:be:70:7a:64:20:
                    23:33:27:eb:66:25:e8:cc:30:18:cf:73:61:cd:4c:
                    41:55:4f:db:83:c0:26:79:2b:45:76:30:1d:ad:c9:
                    63:bd:6a:9e:74:92:fc:48:75:df:fc:89:74:4f:86:
                    99:b6:cf:64:92:1b:55:51:69:ae:86:21:56:7e:cb:
                    f2:d1:1f:0d:83:d2:d8:28:d7:e5:0f:10:76:23:38:
                    34:af:3a:6f:67:4a:20:d8:c1:11:58:03:62:25:d4:
                    3c:01:6f:b0:68:07:45:1a:7e:e8:2c:22:67:96:1d:
                    47:0d:67:3b:8e:cf:f9:15:c4:fd:17:fc:19:b1:73:
                    d2:67:45:fb:8e:21:9c:87:f8:df:4d:69:e3:df:97:
                    57:4e:d8:7d:e7:2f:b3:6a:cf:4d:73:88:07:e6:73:
                    64:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:B4:E8:77:7B:B1:32:83:68:06:2E:14:4D:27:EC:6F:EB:78:2A:45
            X509v3 Authority Key Identifier:
                keyid:C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:3b:c5:48:36:34:4d:c9:f9:57:57:08:b3:05:08:9f:0f:af:
         b3:b6:f4:86:a2:83:6b:42:24:c6:27:38:89:d4:b6:0f:a7:9d:
         26:48:a2:1a:8e:4b:cf:9d:f8:ed:61:b2:eb:eb:be:11:54:e0:
         32:2a:17:88:8a:f3:02:5c:04:fa:fd:ef:e1:09:0d:98:2e:37:
         89:35:de:cc:a0:16:3e:3c:22:4a:ee:01:77:c9:d7:e8:d2:7a:
         46:26:e3:05:2e:14:9c:75:89:ce:87:8f:0b:fe:53:df:0c:db:
         7c:a0:04:40:51:7a:68:94:0b:20:f3:ee:48:84:33:75:88:dc:
         17:34:60:9d:ff:10:2b:f6:5d:8b:a6:01:77:d9:49:4d:04:74:
         2a:5d:d2:71:6d:74:8e:3d:f8:99:70:21:be:40:69:77:c1:d2:
         f4:6b:6d:02:1c:40:ed:c0:9b:62:dc:6a:05:52:60:4e:90:3a:
         0c:a0:da:03:9b:20:51:2f:6c:71:2b:25:8c:6c:37:97:be:1b:
         c7:fb:d0:11:28:e8:58:e8:3e:0b:da:e1:2f:2d:49:0e:cb:e7:
         99:50:12:aa:48:51:70:a7:7d:39:04:6e:33:cd:f6:22:af:cf:
         00:f4:4d:30:2a:0d:64:50:1c:2b:6a:a5:48:c2:93:37:bc:d4:
         1d:8b:12:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+bAFp0DHuE2Mnq4HxV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NmI0NGQ3MDczMzI0YWIyODQxNjM2N2RlMDQwZjBlNDYz
MzQ4ZDEwHhcNMjYwMzAyMDkwMTI0WhcNMjYwMzAzMDkwMTI0WjAzMTEwLwYDVQQD
EygxN2I0ZTg3NzdiYjEzMjgzNjgwNjJlMTQ0ZDI3ZWM2ZmViNzgyYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbbMAp20q4DSUOcPpHRwHRfP26/z
Z/EfNYIsGg9qGe9v97qNpphLaj/DReuJEC+d6IyqCibQFVDSKnHA+IrbEyaljXRf
l9LHo3NZUWN4CLPGM/uXn6hbCJZp9RScppk50CgcvnB6ZCAjMyfrZiXozDAYz3Nh
zUxBVU/bg8AmeStFdjAdrcljvWqedJL8SHXf/Il0T4aZts9kkhtVUWmuhiFWfsvy
0R8Ng9LYKNflDxB2Izg0rzpvZ0og2MERWANiJdQ8AW+waAdFGn7oLCJnlh1HDWc7
js/5FcT9F/wZsXPSZ0X7jiGch/jfTWnj35dXTth95y+zas9Nc4gH5nNk/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe06Hd7sTKDaAYuFE0n7G/reCpFMB8GA1UdIwQY
MBaAFMRrRNcHMySrKEFjZ94EDw5GM0jRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEt
MWYwYWFjMTQ5NWFjLzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEtMWYwYWFjMTQ5NWFj
LzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxTvFSDY0
Tcn5V1cIswUInw+vs7b0hqKDa0Ikxic4idS2D6edJkiiGo5Lz5347WGy6+u+EVTg
MioXiIrzAlwE+v3v4QkNmC43iTXezKAWPjwiSu4Bd8nX6NJ6RibjBS4UnHWJzoeP
C/5T3wzbfKAEQFF6aJQLIPPuSIQzdYjcFzRgnf8QK/Zdi6YBd9lJTQR0Kl3ScW10
jj34mXAhvkBpd8HS9GttAhxA7cCbYtxqBVJgTpA6DKDaA5sgUS9scSsljGw3l74b
x/vQESjoWOg+C9rhLy1JDsvnmVASqkhRcKd9OQRuM832Iq/PAPRNMCoNZFAcK2ql
SMKTN7zUHYsSHA==
-----END CERTIFICATE-----