Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          Zlg78aBN3IDxs6z0sDVtZNrehhtdkunYdAjMUf994xc=
Subject key identifier:   26:25:86:AC:03:2F:32:35:22:B1:1F:08:CF:30:9C:6F:2C:14:0E:58
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       019DA309ED7C628087BC134F809D2A4BE0CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          0912
Signing time:             Sun 19 Apr 2026 00:00:29 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:29 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:29 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: hXyn+rjEVXTZxhCRCcSIQuj624qfLCziJW11KYUCKII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:09:ed:7c:62:80:87:bc:13:4f:80:9d:2a:4b:e0:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: Apr 19 00:00:29 2026 GMT
            Not After : Apr 20 00:00:29 2026 GMT
        Subject: CN=262586ac032f323522b11f08cf309c6f2c140e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fb:4a:ad:26:bb:78:5c:d3:34:6c:9e:dd:f0:
                    05:6f:07:fe:48:54:0b:93:f5:e3:19:78:92:53:d3:
                    74:06:0d:8a:e6:7b:3c:c1:55:96:76:0b:8d:16:06:
                    f5:22:30:b0:e0:51:72:6f:60:5e:50:3a:a3:da:03:
                    8a:ad:a0:fb:d1:21:7d:70:2b:7e:a4:2b:49:f0:87:
                    3d:59:18:11:0e:22:01:bc:1a:71:96:df:6a:01:19:
                    0c:45:bd:88:4b:52:bf:c3:a0:0b:e0:1d:df:7d:71:
                    90:64:14:3b:e0:f8:13:ec:e5:06:95:5a:ee:82:0a:
                    bf:a9:b0:1e:df:87:e4:8c:cf:89:02:90:cb:39:0f:
                    42:26:70:38:ee:2f:d0:66:e3:da:6f:0f:1d:2f:d4:
                    45:92:82:8b:2d:68:d9:ed:b8:e3:52:42:74:2d:7f:
                    93:bb:e8:02:a8:68:5b:ea:66:a3:41:25:ff:2a:d5:
                    32:c3:5a:d5:98:c9:f4:6f:9b:3d:3a:d1:6b:94:12:
                    7f:8f:c0:d6:c4:35:8e:c4:70:33:43:8d:56:58:17:
                    9b:8f:b8:fa:e4:35:f8:e1:b8:1d:d0:a6:0c:2e:8e:
                    1d:2e:2a:d4:47:85:cf:02:44:c5:01:aa:5a:08:c0:
                    74:b4:db:be:e8:79:b3:c9:b5:f7:80:18:68:ab:96:
                    c8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:25:86:AC:03:2F:32:35:22:B1:1F:08:CF:30:9C:6F:2C:14:0E:58
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:13:71:f7:45:ca:4c:d7:8a:31:e1:f2:c8:31:1b:51:a1:75:
         4d:27:76:23:50:11:69:56:2e:11:24:20:6b:12:21:b0:12:0e:
         ba:91:a1:77:a3:ec:7e:f0:73:16:1f:0d:b6:5e:66:e7:42:c2:
         56:71:b6:e5:14:ed:1e:9c:48:97:90:c5:64:21:90:39:15:50:
         69:a3:a8:75:00:17:33:74:8a:1a:a0:29:c2:a4:f2:8c:f0:3e:
         9a:40:5d:43:57:a3:d9:e5:37:46:92:2f:b2:a5:d8:3e:55:8c:
         28:77:3b:94:be:db:cd:62:d2:bc:5a:f0:fa:e2:18:e0:aa:ac:
         b2:99:dd:a3:2e:c2:dd:c2:4f:1a:83:43:32:75:98:51:ff:a1:
         1c:26:89:18:a1:75:59:5e:4c:f6:0a:87:d4:2d:fc:48:c7:61:
         6f:e4:e3:fd:53:0d:c0:c1:1b:f4:14:54:9e:a9:22:b7:0e:ca:
         41:d2:30:07:fe:d4:f5:9c:1e:5d:7d:c7:47:aa:be:b3:22:c6:
         59:80:dc:92:b4:a1:6b:d0:02:69:1b:ab:86:40:fc:6d:29:dd:
         ee:b3:23:4b:de:1d:4f:86:1b:cb:7f:4f:67:69:78:ae:34:f6:
         1a:7c:61:e1:ea:ec:ed:85:9c:5d:9a:25:5a:b9:6d:97:fe:57:
         1c:30:f3:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCe18YoCHvBNPgJ0qS+DKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjYwNDE5MDAwMDI5WhcNMjYwNDIwMDAwMDI5WjAzMTEwLwYDVQQD
EygyNjI1ODZhYzAzMmYzMjM1MjJiMTFmMDhjZjMwOWM2ZjJjMTQwZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvtKrSa7eFzTNGye3fAFbwf+SFQL
k/XjGXiSU9N0Bg2K5ns8wVWWdguNFgb1IjCw4FFyb2BeUDqj2gOKraD70SF9cCt+
pCtJ8Ic9WRgRDiIBvBpxlt9qARkMRb2IS1K/w6AL4B3ffXGQZBQ74PgT7OUGlVru
ggq/qbAe34fkjM+JApDLOQ9CJnA47i/QZuPabw8dL9RFkoKLLWjZ7bjjUkJ0LX+T
u+gCqGhb6majQSX/KtUyw1rVmMn0b5s9OtFrlBJ/j8DWxDWOxHAzQ41WWBebj7j6
5DX44bgd0KYMLo4dLirUR4XPAkTFAapaCMB0tNu+6HmzybX3gBhoq5bISwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYlhqwDLzI1IrEfCM8wnG8sFA5YMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRNx90XK
TNeKMeHyyDEbUaF1TSd2I1ARaVYuESQgaxIhsBIOupGhd6PsfvBzFh8Ntl5m50LC
VnG25RTtHpxIl5DFZCGQORVQaaOodQAXM3SKGqApwqTyjPA+mkBdQ1ej2eU3RpIv
sqXYPlWMKHc7lL7bzWLSvFrw+uIY4Kqsspndoy7C3cJPGoNDMnWYUf+hHCaJGKF1
WV5M9gqH1C38SMdhb+Tj/VMNwMEb9BRUnqkitw7KQdIwB/7U9ZweXX3HR6q+syLG
WYDckrSha9ACaRurhkD8bSnd7rMjS94dT4Yby39PZ2l4rjT2Gnxh4ers7YWcXZol
Wrltl/5XHDDzYQ==
-----END CERTIFICATE-----