Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
File:                     xrjeVShQrOhfyMDhaFLMc98QFp0.mft (raw, json)
Hash identifier:          Stq6oLnzJ6+9T89rPiJQK4eaw+t1jqqYNjGlNft7Jb8=
Subject key identifier:   37:1A:80:EF:30:9B:B1:BE:30:B8:64:4E:C7:6A:1D:0B:D0:6B:68:DB
Authority key identifier: C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D
Certificate issuer:       /CN=c6b8de552850ace85fc8c0e16852cc73df10169d
Certificate serial:       019D9B8781B0045C965C44B87740E4BCD09F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
Manifest number:          0A98
Signing time:             Fri 17 Apr 2026 13:00:42 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:42 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:42 +0000
Files and hashes:         1: xrjeVShQrOhfyMDhaFLMc98QFp0.crl (hash: LKM504tQt5g7+wsQmB+vEIEbpg8cFL+bPVlu/Sv3U4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:81:b0:04:5c:96:5c:44:b8:77:40:e4:bc:d0:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6b8de552850ace85fc8c0e16852cc73df10169d
        Validity
            Not Before: Apr 17 13:00:42 2026 GMT
            Not After : Apr 18 13:00:42 2026 GMT
        Subject: CN=371a80ef309bb1be30b8644ec76a1d0bd06b68db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a5:9f:a9:45:6d:fd:9d:07:31:bc:f8:8d:ca:
                    97:99:00:03:9f:58:46:7d:3a:ab:67:f8:75:4d:f6:
                    a5:c5:c6:b3:06:c2:0d:90:47:91:a8:35:ca:30:c0:
                    b7:21:28:d2:81:11:02:ba:65:eb:93:d2:39:0c:ec:
                    c8:aa:7f:56:af:62:4f:76:fb:91:5d:c5:67:e9:e1:
                    e1:79:3e:92:d7:bc:8c:a6:d7:af:37:ac:6e:1e:14:
                    07:ab:36:4b:b5:db:eb:36:13:7e:fd:0b:c1:4f:d7:
                    ca:c7:0f:5a:a4:c2:56:37:42:5b:f2:7a:18:3d:0f:
                    54:0e:bf:82:da:fd:1f:da:b0:84:25:f9:24:4a:38:
                    df:8e:3c:63:fb:e3:cc:39:60:59:27:9d:a0:ca:ad:
                    35:f1:ad:4f:19:91:8e:32:21:e5:e5:0d:c4:96:fa:
                    91:e2:24:24:3c:b3:df:da:d9:e4:e9:0c:d9:0d:d7:
                    9c:22:be:a2:29:59:a8:ff:82:a2:2a:94:68:15:30:
                    06:0c:d7:50:49:4c:7f:1a:46:36:3e:e2:7f:d9:9e:
                    0a:9e:b7:a5:87:ca:74:d7:c9:a0:c6:82:5d:64:1d:
                    d1:3d:f2:bf:42:94:44:68:90:7f:de:08:dd:08:6e:
                    58:bd:e1:23:75:12:1e:ac:c3:f2:e9:32:86:e9:04:
                    d0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:1A:80:EF:30:9B:B1:BE:30:B8:64:4E:C7:6A:1D:0B:D0:6B:68:DB
            X509v3 Authority Key Identifier:
                keyid:C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:46:06:ce:c9:db:b8:77:e6:25:a0:4a:52:18:c4:07:26:ff:
         66:88:fc:d8:a6:55:f9:2c:11:9a:93:96:d0:fa:29:c1:c7:c7:
         e5:b0:78:b9:24:cd:79:36:91:0b:2f:d8:e1:78:5d:a3:1b:09:
         f1:84:e6:fe:44:bf:76:f0:4e:2b:52:e6:f9:d9:ea:4d:12:52:
         9d:a4:f5:ae:a6:14:a0:00:2c:b7:9a:e3:6d:a7:2d:22:07:95:
         74:86:a7:91:21:45:54:a4:95:62:f6:78:3f:92:c2:b0:c2:53:
         96:9c:48:c2:41:54:aa:48:60:08:79:22:2c:11:95:f7:d8:10:
         da:ae:df:99:f7:b7:1a:dd:96:82:78:4d:e1:db:bf:47:b0:32:
         8c:66:fb:16:57:3d:62:c1:6b:60:55:3c:50:26:d7:9a:e3:d8:
         31:45:6c:bb:a5:15:fa:40:a0:fa:31:97:ce:8b:95:3e:6d:9f:
         f1:2b:26:d3:3d:7d:55:46:08:19:aa:a2:4e:7a:52:cb:d4:04:
         13:88:1b:82:74:d5:bb:2b:2d:3b:e4:27:7f:6b:33:63:bc:19:
         b2:78:23:3e:1e:32:2e:47:78:f6:f0:a8:b4:00:e5:85:2d:6f:
         a3:81:c3:af:ef:03:88:c2:25:71:7f:06:02:88:ea:18:a1:c2:
         27:df:69:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh4GwBFyWXES4d0DkvNCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjhkZTU1Mjg1MGFjZTg1ZmM4YzBlMTY4NTJjYzczZGYx
MDE2OWQwHhcNMjYwNDE3MTMwMDQyWhcNMjYwNDE4MTMwMDQyWjAzMTEwLwYDVQQD
EygzNzFhODBlZjMwOWJiMWJlMzBiODY0NGVjNzZhMWQwYmQwNmI2OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaWfqUVt/Z0HMbz4jcqXmQADn1hG
fTqrZ/h1TfalxcazBsINkEeRqDXKMMC3ISjSgRECumXrk9I5DOzIqn9Wr2JPdvuR
XcVn6eHheT6S17yMptevN6xuHhQHqzZLtdvrNhN+/QvBT9fKxw9apMJWN0Jb8noY
PQ9UDr+C2v0f2rCEJfkkSjjfjjxj++PMOWBZJ52gyq018a1PGZGOMiHl5Q3ElvqR
4iQkPLPf2tnk6QzZDdecIr6iKVmo/4KiKpRoFTAGDNdQSUx/GkY2PuJ/2Z4Knrel
h8p018mgxoJdZB3RPfK/QpREaJB/3gjdCG5YveEjdRIerMPy6TKG6QTQTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcagO8wm7G+MLhkTsdqHQvQa2jbMB8GA1UdIwQY
MBaAFMa43lUoUKzoX8jA4WhSzHPfEBadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMt
ZDI0MGQzNjExMDU4LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMtZDI0MGQzNjExMDU4
LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkEYGzsnb
uHfmJaBKUhjEByb/Zoj82KZV+SwRmpOW0PopwcfH5bB4uSTNeTaRCy/Y4XhdoxsJ
8YTm/kS/dvBOK1Lm+dnqTRJSnaT1rqYUoAAst5rjbactIgeVdIankSFFVKSVYvZ4
P5LCsMJTlpxIwkFUqkhgCHkiLBGV99gQ2q7fmfe3Gt2WgnhN4du/R7AyjGb7Flc9
YsFrYFU8UCbXmuPYMUVsu6UV+kCg+jGXzouVPm2f8Ssm0z19VUYIGaqiTnpSy9QE
E4gbgnTVuystO+Qnf2szY7wZsngjPh4yLkd49vCotADlhS1vo4HDr+8DiMIlcX8G
AojqGKHCJ99pDg==
-----END CERTIFICATE-----