Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          pxnViCtLnxo9zpxrIrzBnTocz62iu0SJmaUCuPGEIcQ=
Subject key identifier:   99:85:AF:F9:CA:14:2B:33:CA:D6:DB:F7:0C:51:9F:46:7A:B8:81:BE
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       019D9D7595E058C586FC9F95B69B9B29FBE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          16D5
Signing time:             Fri 17 Apr 2026 22:00:22 +0000
Manifest this update:     Fri 17 Apr 2026 22:00:22 +0000
Manifest next update:     Sat 18 Apr 2026 22:00:22 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: ALFaSCffzVIHO7rpFESz1Wq/CrNQBNgxBRIucMexoEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9d:75:95:e0:58:c5:86:fc:9f:95:b6:9b:9b:29:fb:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Apr 17 22:00:22 2026 GMT
            Not After : Apr 18 22:00:22 2026 GMT
        Subject: CN=9985aff9ca142b33cad6dbf70c519f467ab881be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:62:05:bd:5a:d7:a4:8f:92:be:38:4f:f1:52:
                    72:7b:f2:d6:05:70:4b:83:0c:45:31:81:fd:76:77:
                    30:e4:a9:e8:a4:64:3b:ee:93:d4:e7:77:cc:a4:6a:
                    03:55:7f:f1:31:9c:94:99:9e:9d:50:53:74:d1:4f:
                    43:e6:cf:94:92:15:ab:a8:a4:89:3a:78:5c:93:ce:
                    bd:9d:d9:87:28:81:bc:45:c8:3f:55:b5:3d:cb:22:
                    21:7f:db:af:f8:89:96:11:e2:60:64:01:51:77:da:
                    e8:0c:58:f7:15:f2:8e:a9:26:df:3f:c0:43:64:f6:
                    84:6a:0f:23:3b:ab:ee:fd:e7:8d:f8:4e:86:db:20:
                    e4:55:c2:2f:b3:75:11:f9:cf:75:5b:99:59:29:7a:
                    d6:92:de:bd:47:4a:be:c1:68:05:fa:7b:d2:ff:d8:
                    a3:ac:1a:6c:3c:21:d1:8a:c8:00:89:f8:cc:55:77:
                    59:d2:1f:5a:90:d8:56:c1:f4:47:47:2f:13:dc:71:
                    b1:32:49:a4:d0:59:2b:ba:1b:c2:75:9b:05:b9:8c:
                    fb:fc:60:ad:6e:dd:80:b8:c9:bd:41:55:2e:5f:3d:
                    81:b8:0c:95:dd:56:22:64:71:dd:74:c7:f9:37:57:
                    2c:2b:7e:87:84:a2:cf:1f:e0:19:db:1a:28:1f:0a:
                    4e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:85:AF:F9:CA:14:2B:33:CA:D6:DB:F7:0C:51:9F:46:7A:B8:81:BE
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:74:09:5d:ac:65:23:b5:2d:87:c6:24:6b:e5:8a:2f:31:c4:
         8c:84:6f:a1:93:1b:a9:bb:41:46:8b:7e:92:37:7d:12:fa:7a:
         c5:64:c8:9d:4c:a2:5c:10:6a:6c:69:48:57:2c:d5:ed:58:39:
         f6:4d:8c:32:2f:7c:21:5c:9c:95:70:99:70:c3:4e:0d:d6:a6:
         f2:7d:ce:1d:b5:70:45:0d:3b:1d:51:2e:60:a4:46:f7:c4:f6:
         70:a2:ff:8e:78:cf:9c:26:08:0d:f6:47:dd:81:a7:f8:81:dc:
         b7:66:90:cd:2a:c1:16:63:82:94:1c:1a:be:30:33:03:f6:67:
         ed:ba:a8:62:22:5c:f7:99:70:13:f8:9d:53:d3:e5:4f:99:fa:
         e4:64:23:93:4a:86:81:82:2b:72:0f:84:dd:ca:a6:e1:14:dd:
         05:91:96:8a:ae:17:03:55:1e:d2:cc:cd:3a:35:41:52:61:8b:
         0b:93:fd:62:8d:6d:e3:3e:16:36:0c:9b:38:ec:9e:1b:3c:64:
         6c:7f:9b:23:b0:c1:70:da:94:25:fe:2c:1b:a3:21:98:73:ec:
         10:c6:aa:20:da:27:5f:6e:a8:1e:83:31:7e:0e:6c:07:f9:ee:
         d9:dc:1c:e8:45:1b:ae:91:e5:ca:f3:72:c3:5e:db:ac:b5:53:
         73:6b:ec:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ddZXgWMWG/J+VtpubKfvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjYwNDE3MjIwMDIyWhcNMjYwNDE4MjIwMDIyWjAzMTEwLwYDVQQD
Eyg5OTg1YWZmOWNhMTQyYjMzY2FkNmRiZjcwYzUxOWY0NjdhYjg4MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mIFvVrXpI+SvjhP8VJye/LWBXBL
gwxFMYH9dncw5KnopGQ77pPU53fMpGoDVX/xMZyUmZ6dUFN00U9D5s+UkhWrqKSJ
Onhck869ndmHKIG8Rcg/VbU9yyIhf9uv+ImWEeJgZAFRd9roDFj3FfKOqSbfP8BD
ZPaEag8jO6vu/eeN+E6G2yDkVcIvs3UR+c91W5lZKXrWkt69R0q+wWgF+nvS/9ij
rBpsPCHRisgAifjMVXdZ0h9akNhWwfRHRy8T3HGxMkmk0FkruhvCdZsFuYz7/GCt
bt2AuMm9QVUuXz2BuAyV3VYiZHHddMf5N1csK36HhKLPH+AZ2xooHwpOjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmFr/nKFCszytbb9wxRn0Z6uIG+MB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknQJXaxl
I7Uth8Yka+WKLzHEjIRvoZMbqbtBRot+kjd9Evp6xWTInUyiXBBqbGlIVyzV7Vg5
9k2MMi98IVyclXCZcMNODdam8n3OHbVwRQ07HVEuYKRG98T2cKL/jnjPnCYIDfZH
3YGn+IHct2aQzSrBFmOClBwavjAzA/Zn7bqoYiJc95lwE/idU9PlT5n65GQjk0qG
gYIrcg+E3cqm4RTdBZGWiq4XA1Ue0szNOjVBUmGLC5P9Yo1t4z4WNgybOOyeGzxk
bH+bI7DBcNqUJf4sG6MhmHPsEMaqINonX26oHoMxfg5sB/nu2dwc6EUbrpHlyvNy
w17brLVTc2vsBQ==
-----END CERTIFICATE-----