Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
File:                     Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json)
Hash identifier:          qyNxUUIN8qKzlhqpTW64mRU5nsP7wGOm8YVfeP0Fzvw=
Subject key identifier:   AC:8E:03:7F:23:E3:5C:43:66:A1:5A:05:C8:12:6E:C5:B7:5D:C7:94
Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B
Certificate issuer:       /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
Certificate serial:       019CABD973F606BA989F2C6B3C1E02837051
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
Manifest number:          0E9C
Signing time:             Mon 02 Mar 2026 00:01:20 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:20 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:20 +0000
Files and hashes:         1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: fxDzqYFWMbycqUb2+Dxy1wz74K1mhL/pED5UbDxBb38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:73:f6:06:ba:98:9f:2c:6b:3c:1e:02:83:70:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
        Validity
            Not Before: Mar  2 00:01:20 2026 GMT
            Not After : Mar  3 00:01:20 2026 GMT
        Subject: CN=ac8e037f23e35c4366a15a05c8126ec5b75dc794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:67:d2:45:e2:b3:e3:59:2d:86:fd:ee:0c:87:
                    a6:7d:60:7e:d0:24:fc:3a:ec:80:b9:61:99:16:a0:
                    c1:db:d2:58:b4:6c:3f:e3:19:c4:98:b8:e3:a5:36:
                    e2:26:f4:f6:91:7d:c9:eb:75:db:ba:72:4a:8a:ef:
                    6d:ff:30:af:6f:62:6d:08:9b:c9:da:31:56:58:bd:
                    0d:42:de:43:85:70:8c:d4:f3:d2:d3:ad:c9:cf:3a:
                    20:e9:41:ed:08:94:fa:1a:24:eb:14:e8:d8:bf:f4:
                    52:a3:91:fe:d2:18:16:40:dc:2e:4a:8f:d4:fc:24:
                    e4:31:d5:0c:d4:30:14:ff:49:f3:1b:49:da:7b:59:
                    cf:ed:83:fb:22:28:a3:f7:7a:e6:e6:b4:33:95:45:
                    21:52:14:e7:07:69:8a:af:fc:5d:35:81:c1:41:5c:
                    16:5b:8a:c5:b7:86:cc:06:5c:cb:01:5f:83:42:58:
                    b5:f3:18:2d:5a:fb:b8:db:e5:ae:ee:70:9a:b6:53:
                    87:77:71:d7:5e:92:1d:47:01:08:07:41:3d:90:08:
                    fa:57:8e:34:83:73:40:aa:80:3f:51:cd:ca:91:c4:
                    6d:10:08:47:7e:6a:44:58:4a:28:cb:3d:72:fe:c3:
                    0c:6b:3c:18:19:f6:20:78:f5:8d:a2:ad:f0:6a:e7:
                    1b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:8E:03:7F:23:E3:5C:43:66:A1:5A:05:C8:12:6E:C5:B7:5D:C7:94
            X509v3 Authority Key Identifier:
                keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:c1:23:e4:a7:ec:8d:f7:0a:76:4a:cd:0e:d1:5c:40:68:ed:
         83:f4:49:5f:67:e8:04:a6:68:4f:ee:d3:b9:74:7b:e0:eb:36:
         3e:f8:25:50:bc:d6:8a:1e:55:1f:bb:8f:de:d6:64:d4:bd:3f:
         20:b5:17:3c:40:10:e5:41:8f:92:28:0e:c6:1a:06:34:18:1c:
         53:c4:47:33:49:94:dc:30:5b:f2:38:3d:4e:a1:be:f7:dd:9e:
         42:fb:4d:89:46:db:40:7c:b2:19:37:5a:40:e3:ab:6a:c1:60:
         e6:39:f8:2b:aa:87:57:28:af:bf:ca:a0:57:2f:35:fa:20:01:
         ff:a5:39:1e:37:42:67:68:9e:ca:b7:37:b3:d9:cb:5a:72:ec:
         bc:f7:47:3a:0d:f4:30:13:3b:96:10:27:49:51:4a:c8:60:cb:
         7d:bb:1c:7b:ba:62:c3:e7:bc:b4:d6:75:7c:2d:d0:e3:42:99:
         0e:a4:4d:02:87:eb:4c:1c:80:c7:20:10:61:1d:e6:93:64:70:
         78:99:0d:c3:23:67:d7:ef:b5:81:24:83:7f:3e:29:47:15:1e:
         04:52:08:ec:19:6b:a0:d9:22:1d:b3:d2:20:11:03:7b:9e:2d:
         29:7a:50:3c:b0:30:28:4a:83:46:94:f3:e3:40:c6:ec:66:9f:
         ed:71:a1:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2XP2BrqYnyxrPB4Cg3BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5
Yjc4M2IwHhcNMjYwMzAyMDAwMTIwWhcNMjYwMzAzMDAwMTIwWjAzMTEwLwYDVQQD
EyhhYzhlMDM3ZjIzZTM1YzQzNjZhMTVhMDVjODEyNmVjNWI3NWRjNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmfSReKz41kthv3uDIemfWB+0CT8
OuyAuWGZFqDB29JYtGw/4xnEmLjjpTbiJvT2kX3J63XbunJKiu9t/zCvb2JtCJvJ
2jFWWL0NQt5DhXCM1PPS063Jzzog6UHtCJT6GiTrFOjYv/RSo5H+0hgWQNwuSo/U
/CTkMdUM1DAU/0nzG0nae1nP7YP7Iiij93rm5rQzlUUhUhTnB2mKr/xdNYHBQVwW
W4rFt4bMBlzLAV+DQli18xgtWvu42+Wu7nCatlOHd3HXXpIdRwEIB0E9kAj6V440
g3NAqoA/Uc3KkcRtEAhHfmpEWEooyz1y/sMMazwYGfYgePWNoq3waucbUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyOA38j41xDZqFaBcgSbsW3XceUMB8GA1UdIwQY
MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt
M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy
LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf8Ej5Kfs
jfcKdkrNDtFcQGjtg/RJX2foBKZoT+7TuXR74Os2PvglULzWih5VH7uP3tZk1L0/
ILUXPEAQ5UGPkigOxhoGNBgcU8RHM0mU3DBb8jg9TqG+992eQvtNiUbbQHyyGTda
QOOrasFg5jn4K6qHVyivv8qgVy81+iAB/6U5HjdCZ2ieyrc3s9nLWnLsvPdHOg30
MBM7lhAnSVFKyGDLfbsce7piw+e8tNZ1fC3Q40KZDqRNAofrTByAxyAQYR3mk2Rw
eJkNwyNn1++1gSSDfz4pRxUeBFII7BlroNkiHbPSIBEDe54tKXpQPLAwKEqDRpTz
40DG7Gaf7XGhTA==
-----END CERTIFICATE-----