Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          rHw3hOseBcF4lp+tlIlscmnf8t6dI5a9osKr29M/RSA=
Subject key identifier:   DA:DA:FD:2D:17:DC:78:28:80:4B:B4:D6:15:CD:69:85:80:A3:AA:84
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       019CAFEC706307E63A4889553FD6D2EBBBF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          1657
Signing time:             Mon 02 Mar 2026 19:00:33 +0000
Manifest this update:     Mon 02 Mar 2026 19:00:33 +0000
Manifest next update:     Tue 03 Mar 2026 19:00:33 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: WU1mxvL3X1In4VThgIA92qqmcsP7ICrNtqL0rei+hR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:ec:70:63:07:e6:3a:48:89:55:3f:d6:d2:eb:bb:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Mar  2 19:00:33 2026 GMT
            Not After : Mar  3 19:00:33 2026 GMT
        Subject: CN=dadafd2d17dc7828804bb4d615cd698580a3aa84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7f:1a:92:26:fc:92:ed:f8:5c:61:53:c6:8f:
                    8e:69:60:e4:10:eb:f6:a6:e5:ad:a5:f3:c5:d3:14:
                    2a:e8:7b:46:c0:07:8b:50:d6:a0:d9:ff:59:bc:12:
                    b3:c2:ab:d3:28:6d:1e:cc:3b:e5:26:48:84:ed:5b:
                    9b:4f:a0:6a:be:03:8d:ab:99:67:81:53:c8:6b:e0:
                    d9:e1:78:1c:5b:14:c6:1f:77:7c:f1:4c:3a:f8:4d:
                    26:9f:6a:fa:2d:1e:d2:57:77:f5:08:ba:3b:96:ef:
                    a1:4b:70:59:3f:d3:23:21:1b:43:bf:0d:ec:5b:d5:
                    28:6e:e3:bc:df:bf:19:6e:92:ef:07:f4:6a:85:cb:
                    c7:ed:be:b2:10:50:96:47:3c:3e:df:d5:b9:95:e6:
                    8a:1c:ce:53:b9:68:e7:5f:02:d9:d0:69:cb:96:6e:
                    52:76:59:ef:4e:81:8e:6c:6c:8d:70:ce:9c:5b:02:
                    cb:70:fb:31:22:33:00:1b:a6:2d:04:35:e5:49:55:
                    70:4d:15:6d:27:dd:26:48:bf:ac:19:b9:37:b2:32:
                    a7:a1:7f:d3:de:6e:47:9d:48:a9:44:d6:c1:b1:b0:
                    97:26:fa:be:16:21:3f:7d:87:89:39:ed:53:a0:d2:
                    b7:34:43:88:d1:ae:38:a3:7f:83:67:05:6d:a9:ec:
                    7a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:DA:FD:2D:17:DC:78:28:80:4B:B4:D6:15:CD:69:85:80:A3:AA:84
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:17:08:0a:c5:39:66:3e:47:3f:97:f6:c9:d9:ed:f1:93:31:
         a6:d8:a2:a4:c2:df:a8:d6:3d:54:f0:c7:a4:4b:20:42:f3:20:
         f0:53:0a:6b:f1:fb:96:e9:97:ce:df:16:77:99:ed:3a:a3:0f:
         b5:bf:b9:ad:d2:4b:16:93:3c:52:72:98:73:12:8e:d8:db:88:
         40:a3:00:39:e3:60:a4:2c:ac:9b:3c:d8:f2:33:85:bb:53:9b:
         0c:c0:62:28:37:23:ef:e4:5a:98:fb:f5:a7:42:57:96:50:f9:
         04:1d:72:26:ee:2a:cb:8c:a4:8f:0f:61:c5:ab:15:05:e5:37:
         0b:55:2d:52:68:4c:bb:2d:46:d4:56:38:28:64:8e:28:57:2a:
         d2:7d:a5:48:64:a6:9e:68:39:24:53:3b:a6:3d:1d:ca:f9:26:
         4d:60:e8:e5:39:58:e0:19:a6:7b:2d:82:97:8c:b2:1b:ab:b1:
         09:59:f9:64:ef:cc:2b:d9:c3:9e:44:e2:8e:a7:72:fd:1e:33:
         31:af:83:60:98:ab:6b:fd:bf:cd:83:70:fe:9c:89:0c:dd:e1:
         08:12:4c:40:e1:56:67:fe:b9:9e:b2:8d:94:d1:ef:54:4f:dd:
         c5:70:6e:37:e1:a1:8f:d5:76:25:c5:74:e9:80:26:8e:da:74:
         42:32:df:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyv7HBjB+Y6SIlVP9bS67vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjYwMzAyMTkwMDMzWhcNMjYwMzAzMTkwMDMzWjAzMTEwLwYDVQQD
EyhkYWRhZmQyZDE3ZGM3ODI4ODA0YmI0ZDYxNWNkNjk4NTgwYTNhYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp38akib8ku34XGFTxo+OaWDkEOv2
puWtpfPF0xQq6HtGwAeLUNag2f9ZvBKzwqvTKG0ezDvlJkiE7VubT6BqvgONq5ln
gVPIa+DZ4XgcWxTGH3d88Uw6+E0mn2r6LR7SV3f1CLo7lu+hS3BZP9MjIRtDvw3s
W9UobuO8378ZbpLvB/RqhcvH7b6yEFCWRzw+39W5leaKHM5TuWjnXwLZ0GnLlm5S
dlnvToGObGyNcM6cWwLLcPsxIjMAG6YtBDXlSVVwTRVtJ90mSL+sGbk3sjKnoX/T
3m5HnUipRNbBsbCXJvq+FiE/fYeJOe1ToNK3NEOI0a44o3+DZwVtqex6KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNra/S0X3HgogEu01hXNaYWAo6qEMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBcICsU5
Zj5HP5f2ydnt8ZMxptiipMLfqNY9VPDHpEsgQvMg8FMKa/H7lumXzt8Wd5ntOqMP
tb+5rdJLFpM8UnKYcxKO2NuIQKMAOeNgpCysmzzY8jOFu1ObDMBiKDcj7+RamPv1
p0JXllD5BB1yJu4qy4ykjw9hxasVBeU3C1UtUmhMuy1G1FY4KGSOKFcq0n2lSGSm
nmg5JFM7pj0dyvkmTWDo5TlY4Bmmey2Cl4yyG6uxCVn5ZO/MK9nDnkTijqdy/R4z
Ma+DYJira/2/zYNw/pyJDN3hCBJMQOFWZ/65nrKNlNHvVE/dxXBuN+Ghj9V2JcV0
6YAmjtp0QjLfeA==
-----END CERTIFICATE-----