Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          nPkN0tpirpSxULTjwdqorDOU52MYTZVhWmn9POfg+A0=
Subject key identifier:   FF:7A:8F:0D:1F:38:E6:79:52:FE:18:FE:1F:69:A3:54:05:6C:08:74
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       019CAC0FA8787BC1DA71A7B02D89AF3626DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          1658
Signing time:             Mon 02 Mar 2026 01:00:33 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:33 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:33 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: cGtNdRK1v+vda6NqXqzDapnUv86b9kAWojsHbuxMeaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:a8:78:7b:c1:da:71:a7:b0:2d:89:af:36:26:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Mar  2 01:00:33 2026 GMT
            Not After : Mar  3 01:00:33 2026 GMT
        Subject: CN=ff7a8f0d1f38e67952fe18fe1f69a354056c0874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:be:55:85:b4:9d:dd:7f:52:b8:f6:33:37:61:
                    66:b1:35:9b:02:94:74:5b:92:ca:1e:fc:d2:e6:d5:
                    a9:0b:55:1c:2e:d0:c1:49:7b:1c:c0:f2:3e:d6:14:
                    cf:34:c4:dc:d2:e4:d9:72:7a:b5:30:58:e1:26:c2:
                    f7:76:86:b9:96:49:04:92:31:5f:36:a4:ab:80:da:
                    02:21:9e:46:d9:75:14:87:44:6f:4e:70:3d:27:e6:
                    0f:93:76:bd:19:b0:9b:42:ec:5b:9a:af:ff:ce:4f:
                    cd:1d:06:2b:32:b5:f1:00:03:a2:28:a3:64:76:3f:
                    bd:72:cd:40:a3:71:a5:50:8e:b8:9a:e7:ac:f1:68:
                    3f:38:05:04:07:6b:bf:37:39:57:9c:b9:8e:a5:18:
                    e4:73:96:a8:97:12:4c:aa:f8:0e:56:c2:27:ec:b8:
                    8f:87:1e:3f:47:1c:25:38:e8:c4:20:b6:a8:78:64:
                    3f:d5:ce:c6:0f:fc:c3:44:fa:9f:54:f7:75:1a:02:
                    3c:6a:3e:dc:74:b2:4f:38:32:89:94:5d:06:14:1d:
                    43:25:8c:46:c3:0f:fa:48:70:d6:fa:51:72:bb:00:
                    dd:ca:42:8a:65:e1:3b:15:38:7d:0d:90:2a:15:cc:
                    a3:94:0b:e8:43:0e:90:d7:a2:34:4a:3f:32:42:84:
                    1d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7A:8F:0D:1F:38:E6:79:52:FE:18:FE:1F:69:A3:54:05:6C:08:74
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:79:42:ee:9b:c3:bf:30:22:a5:88:92:af:d8:64:e3:1a:f7:
         e0:34:3f:cf:a2:08:29:e9:78:19:17:f3:22:b1:2e:c1:97:f0:
         0f:c4:a6:46:6d:00:78:c1:97:6b:09:e0:f0:2f:b4:49:ac:d8:
         12:ca:0c:97:41:b1:b1:31:ce:a3:6a:dc:b5:9b:f8:23:e0:c7:
         d3:7e:3f:69:13:76:97:db:e9:e3:9c:40:a5:61:e8:fa:c2:73:
         14:a4:ac:47:d8:c6:c7:aa:db:b4:02:cd:77:b5:b8:97:b5:11:
         a2:a1:48:db:33:dc:b0:87:21:03:84:29:4a:df:8b:dc:d2:87:
         86:d7:22:6b:fa:5f:e7:6c:70:4b:a8:23:64:e3:5f:1f:06:f4:
         22:e1:96:f5:3e:d9:90:61:11:08:31:df:9f:03:fd:e9:9e:38:
         b4:bb:38:94:5a:57:34:04:74:fc:48:76:a6:20:a1:9b:b4:2e:
         7d:b1:9c:59:11:c5:ca:3d:59:04:80:02:46:9c:0b:79:5c:98:
         88:d5:5d:58:3c:46:3b:73:a2:c2:6f:41:7a:fc:e3:85:21:c5:
         25:ed:04:d6:e6:5e:d2:5a:86:40:ed:cf:ce:b6:aa:0a:fb:3d:
         5f:6d:ed:c8:37:c7:f9:9d:d4:04:68:f4:18:1e:75:1b:9e:5d:
         de:6a:a7:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD6h4e8HacaewLYmvNibfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjYwMzAyMDEwMDMzWhcNMjYwMzAzMDEwMDMzWjAzMTEwLwYDVQQD
EyhmZjdhOGYwZDFmMzhlNjc5NTJmZTE4ZmUxZjY5YTM1NDA1NmMwODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b5VhbSd3X9SuPYzN2FmsTWbApR0
W5LKHvzS5tWpC1UcLtDBSXscwPI+1hTPNMTc0uTZcnq1MFjhJsL3doa5lkkEkjFf
NqSrgNoCIZ5G2XUUh0RvTnA9J+YPk3a9GbCbQuxbmq//zk/NHQYrMrXxAAOiKKNk
dj+9cs1Ao3GlUI64mues8Wg/OAUEB2u/NzlXnLmOpRjkc5aolxJMqvgOVsIn7LiP
hx4/RxwlOOjEILaoeGQ/1c7GD/zDRPqfVPd1GgI8aj7cdLJPODKJlF0GFB1DJYxG
ww/6SHDW+lFyuwDdykKKZeE7FTh9DZAqFcyjlAvoQw6Q16I0Sj8yQoQdJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP96jw0fOOZ5Uv4Y/h9po1QFbAh0MB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnlC7pvD
vzAipYiSr9hk4xr34DQ/z6IIKel4GRfzIrEuwZfwD8SmRm0AeMGXawng8C+0SazY
EsoMl0GxsTHOo2rctZv4I+DH034/aRN2l9vp45xApWHo+sJzFKSsR9jGx6rbtALN
d7W4l7URoqFI2zPcsIchA4QpSt+L3NKHhtcia/pf52xwS6gjZONfHwb0IuGW9T7Z
kGERCDHfnwP96Z44tLs4lFpXNAR0/Eh2piChm7QufbGcWRHFyj1ZBIACRpwLeVyY
iNVdWDxGO3Oiwm9BevzjhSHFJe0E1uZe0lqGQO3PzraqCvs9X23tyDfH+Z3UBGj0
GB51G55d3mqnLA==
-----END CERTIFICATE-----