Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
File:                     Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json)
Hash identifier:          5jsMy5WTvdZE5sK6ab9WDCe9v1acxMXBd/U8Grs2UMI=
Subject key identifier:   F9:58:92:8A:93:8E:0A:61:4B:38:31:7D:CA:30:CF:ED:81:9C:56:BD
Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B
Certificate issuer:       /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
Certificate serial:       019D9962A3FF755A540278FBB8336C0FECC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
Manifest number:          0F17
Signing time:             Fri 17 Apr 2026 03:01:11 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:11 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:11 +0000
Files and hashes:         1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: ZXuxjXbflMumPp4wr+lqnlf0BSR8ew+MwS7DXFwlLSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:a3:ff:75:5a:54:02:78:fb:b8:33:6c:0f:ec:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
        Validity
            Not Before: Apr 17 03:01:11 2026 GMT
            Not After : Apr 18 03:01:11 2026 GMT
        Subject: CN=f958928a938e0a614b38317dca30cfed819c56bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ad:f1:f7:03:17:de:bc:66:c8:5a:17:23:0c:
                    d4:0a:a8:3c:9b:62:15:ca:a6:b9:5c:d9:a8:6b:f2:
                    9b:e4:3f:92:9a:ec:35:b1:d4:a5:ec:20:eb:92:ab:
                    61:08:00:3f:8e:f0:f6:f6:8e:dc:3b:44:09:05:1f:
                    aa:53:0b:3d:e0:cc:ea:66:9a:54:81:05:1d:b1:a2:
                    23:3a:64:2c:bb:e9:70:27:c6:98:fc:ed:ce:cc:45:
                    63:54:4a:ef:3a:07:60:a0:b0:ec:e7:59:07:f7:5d:
                    12:e9:fa:d1:47:69:78:bc:f3:35:20:85:16:6d:7e:
                    17:c0:dc:88:b2:87:b6:5f:fc:23:96:64:53:cc:6f:
                    39:88:bf:5c:58:3f:8d:30:b9:9c:ab:5c:fe:73:36:
                    d7:a7:4d:84:e8:8e:96:1c:7b:31:dc:12:8d:f0:29:
                    88:fd:3e:e7:c2:d7:e2:ff:23:3f:e6:2a:bc:ea:71:
                    c1:67:30:c2:70:ed:17:7b:72:f8:e4:fb:dd:74:50:
                    82:34:82:41:17:f1:2b:5a:bc:96:fa:3a:21:cc:3b:
                    53:ea:49:b1:ec:b6:3f:83:35:be:74:59:ce:7e:3f:
                    8c:b9:29:37:bb:81:36:87:ac:d8:8b:36:62:a5:f7:
                    4a:e0:d4:af:d9:61:72:02:3c:54:18:03:65:34:ed:
                    c1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:58:92:8A:93:8E:0A:61:4B:38:31:7D:CA:30:CF:ED:81:9C:56:BD
            X509v3 Authority Key Identifier:
                keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:00:cd:ae:3f:8a:bb:4b:6e:da:43:6f:a5:3b:77:6d:0b:56:
         8f:bf:7c:26:2e:64:26:1c:fb:93:1e:b7:c7:7d:1f:ca:ea:f4:
         3a:9d:9b:6c:d6:35:1f:b2:0f:ea:46:fa:fe:50:1d:25:9c:dd:
         f9:2f:84:fb:77:91:a4:4c:61:a1:68:85:51:e9:c8:35:9f:18:
         f0:01:eb:68:9c:a1:66:89:f7:5f:78:be:66:88:e4:fd:22:32:
         f5:71:68:2f:2d:3f:9a:29:94:be:86:18:6b:a7:00:3f:01:2a:
         7d:f0:c0:2a:9e:f4:ce:55:75:d3:ad:16:e9:dd:2d:50:35:0a:
         2a:ba:4a:ca:2b:2c:cd:2c:44:97:56:d4:bb:fc:bc:ce:9b:4d:
         13:af:c2:7f:5f:58:c9:02:4a:1d:c2:2f:e1:f2:a0:bb:4d:dd:
         95:4c:f4:fc:d8:a2:77:e2:74:fe:80:15:d7:d1:b8:40:d0:29:
         74:99:4f:94:69:ef:0a:a2:40:d9:56:9b:c1:14:f8:6c:82:df:
         dc:e4:dd:56:38:21:c7:e4:ff:1c:3f:eb:76:6a:d4:b9:f4:a4:
         ae:79:55:a2:9d:a0:20:a1:23:c9:ad:95:08:a3:f0:a1:ab:86:
         63:dd:8f:58:2b:46:a2:f1:d2:4f:22:bb:91:ed:14:d2:78:6b:
         3e:57:ad:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYqP/dVpUAnj7uDNsD+zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5
Yjc4M2IwHhcNMjYwNDE3MDMwMTExWhcNMjYwNDE4MDMwMTExWjAzMTEwLwYDVQQD
EyhmOTU4OTI4YTkzOGUwYTYxNGIzODMxN2RjYTMwY2ZlZDgxOWM1NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K3x9wMX3rxmyFoXIwzUCqg8m2IV
yqa5XNmoa/Kb5D+Smuw1sdSl7CDrkqthCAA/jvD29o7cO0QJBR+qUws94MzqZppU
gQUdsaIjOmQsu+lwJ8aY/O3OzEVjVErvOgdgoLDs51kH910S6frRR2l4vPM1IIUW
bX4XwNyIsoe2X/wjlmRTzG85iL9cWD+NMLmcq1z+czbXp02E6I6WHHsx3BKN8CmI
/T7nwtfi/yM/5iq86nHBZzDCcO0Xe3L45PvddFCCNIJBF/ErWryW+johzDtT6kmx
7LY/gzW+dFnOfj+MuSk3u4E2h6zYizZipfdK4NSv2WFyAjxUGANlNO3BnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlYkoqTjgphSzgxfcowz+2BnFa9MB8GA1UdIwQY
MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt
M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy
LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwDNrj+K
u0tu2kNvpTt3bQtWj798Ji5kJhz7kx63x30fyur0Op2bbNY1H7IP6kb6/lAdJZzd
+S+E+3eRpExhoWiFUenINZ8Y8AHraJyhZon3X3i+Zojk/SIy9XFoLy0/mimUvoYY
a6cAPwEqffDAKp70zlV1060W6d0tUDUKKrpKyisszSxEl1bUu/y8zptNE6/Cf19Y
yQJKHcIv4fKgu03dlUz0/Niid+J0/oAV19G4QNApdJlPlGnvCqJA2VabwRT4bILf
3OTdVjghx+T/HD/rdmrUufSkrnlVop2gIKEjya2VCKPwoauGY92PWCtGovHSTyK7
ke0U0nhrPlet0A==
-----END CERTIFICATE-----