Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          atjUU+WEuf05XiQVLSLI7btLMxYxHY3NJoDQckIhpMA=
Subject key identifier:   E8:43:40:F8:8A:0C:7B:F6:9D:1E:CF:92:7A:6E:D5:99:05:8A:0E:94
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       019CADC7EBDEFDE225A12E399A8FED2C8CEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          0893
Signing time:             Mon 02 Mar 2026 09:01:26 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:26 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:26 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: 32nf4FCHCIslxJExtn8zR4WX4sBSKFl+LFlYpGv+DuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:eb:de:fd:e2:25:a1:2e:39:9a:8f:ed:2c:8c:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: Mar  2 09:01:26 2026 GMT
            Not After : Mar  3 09:01:26 2026 GMT
        Subject: CN=e84340f88a0c7bf69d1ecf927a6ed599058a0e94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:da:e4:32:c3:ca:90:c2:e2:5d:7b:8d:56:e6:
                    3c:6a:cc:11:15:dd:df:e9:a7:d9:76:98:63:e9:26:
                    3c:1d:9e:4a:55:e0:59:44:bc:7f:1c:f6:3a:4b:82:
                    58:6b:8a:7e:5b:58:da:a4:eb:74:bc:45:9e:2f:9f:
                    c1:c4:cb:f3:f5:2d:c1:09:da:3f:7a:4c:5b:70:2e:
                    5b:8a:04:47:10:86:d7:8d:5a:fa:5e:46:ec:c5:73:
                    78:4e:d0:38:fb:4f:dd:c4:b9:2e:c5:ac:87:2d:28:
                    bd:e4:8e:cc:d7:29:72:d6:87:eb:a6:1e:c6:bf:5e:
                    0c:39:15:77:7c:63:b1:fd:b9:45:b1:01:40:d2:7b:
                    60:51:a8:f5:08:d2:91:d7:5b:a1:7f:a7:f6:f8:e4:
                    35:d2:f1:d9:70:b2:1f:bf:29:f3:03:10:75:a9:57:
                    db:1e:5d:2a:e0:e1:10:1f:db:f9:87:0b:d0:4e:e7:
                    07:24:50:6b:36:02:f4:65:cf:03:ce:d3:d2:e6:74:
                    ed:4c:16:92:35:9d:de:4d:e8:ab:2b:d2:88:61:49:
                    b1:ad:71:3e:2d:3e:48:fa:49:3f:59:55:cb:e7:4e:
                    ad:d3:b2:61:90:c7:78:f9:df:79:26:79:4b:b2:6a:
                    ed:5b:25:df:23:f1:80:9d:61:6f:a6:73:4c:0f:d5:
                    ce:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:43:40:F8:8A:0C:7B:F6:9D:1E:CF:92:7A:6E:D5:99:05:8A:0E:94
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:71:01:ae:47:db:06:c3:a5:9c:7c:ad:0e:e7:e1:5d:22:f1:
         ed:42:f1:7e:e7:7c:3a:72:97:20:b3:26:c6:86:37:a8:0a:29:
         e7:ea:fa:a4:e2:58:09:2c:23:46:e2:51:a0:9b:5e:08:f4:0c:
         e1:8b:8f:d2:9e:d3:5b:07:b8:fb:a6:9e:21:27:ba:3e:17:fd:
         4d:7e:ba:2c:c4:11:01:ae:35:21:69:bf:fa:73:cd:33:0e:7c:
         97:33:45:33:70:61:ea:7d:64:a3:4c:cf:44:65:69:4d:51:5c:
         98:c0:bf:b5:d2:93:11:ec:80:16:b1:52:52:22:e0:b5:06:a6:
         b6:6d:64:76:f3:12:e8:ba:12:55:ba:bd:1d:29:03:1b:83:13:
         2f:c1:86:1e:bf:00:b3:49:a5:15:d0:33:14:a2:11:d4:02:40:
         d2:b0:5a:cd:cd:1d:3c:6c:26:08:a6:6d:13:c2:30:28:6a:56:
         d4:b6:a5:93:13:6c:e1:f3:20:3b:62:e7:7d:29:74:c6:b3:f3:
         0f:2d:a8:10:d8:88:c0:52:67:3f:48:cb:fa:2f:cf:28:b2:48:
         67:20:d3:61:fb:16:03:cd:7d:eb:5a:1f:80:94:17:4e:83:a9:
         f5:ef:09:b5:8b:18:91:a3:0b:f7:49:7e:8e:a6:72:56:22:89:
         b9:78:72:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+ve/eIloS45mo/tLIzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjYwMzAyMDkwMTI2WhcNMjYwMzAzMDkwMTI2WjAzMTEwLwYDVQQD
EyhlODQzNDBmODhhMGM3YmY2OWQxZWNmOTI3YTZlZDU5OTA1OGEwZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4drkMsPKkMLiXXuNVuY8aswRFd3f
6afZdphj6SY8HZ5KVeBZRLx/HPY6S4JYa4p+W1japOt0vEWeL5/BxMvz9S3BCdo/
ekxbcC5bigRHEIbXjVr6XkbsxXN4TtA4+0/dxLkuxayHLSi95I7M1yly1ofrph7G
v14MORV3fGOx/blFsQFA0ntgUaj1CNKR11uhf6f2+OQ10vHZcLIfvynzAxB1qVfb
Hl0q4OEQH9v5hwvQTucHJFBrNgL0Zc8DztPS5nTtTBaSNZ3eTeirK9KIYUmxrXE+
LT5I+kk/WVXL506t07JhkMd4+d95JnlLsmrtWyXfI/GAnWFvpnNMD9XOMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhDQPiKDHv2nR7Pknpu1ZkFig6UMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3EBrkfb
BsOlnHytDufhXSLx7ULxfud8OnKXILMmxoY3qAop5+r6pOJYCSwjRuJRoJteCPQM
4YuP0p7TWwe4+6aeISe6Phf9TX66LMQRAa41IWm/+nPNMw58lzNFM3Bh6n1ko0zP
RGVpTVFcmMC/tdKTEeyAFrFSUiLgtQamtm1kdvMS6LoSVbq9HSkDG4MTL8GGHr8A
s0mlFdAzFKIR1AJA0rBazc0dPGwmCKZtE8IwKGpW1LalkxNs4fMgO2LnfSl0xrPz
Dy2oENiIwFJnP0jL+i/PKLJIZyDTYfsWA81961ofgJQXToOp9e8JtYsYkaML90l+
jqZyViKJuXhyEg==
-----END CERTIFICATE-----