Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          JyUCOkZUpvC5IXJpZnBykScTo+SKrdrl6M2LvKojXYo=
Subject key identifier:   F3:89:1E:50:B7:40:DE:27:7E:96:F5:D1:46:9B:84:12:85:4E:EC:3A
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       019CAB6B049B463ABF0638A1929215B90432
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:00:43 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:43 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:43 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: YjAoF44JWsmgbMwEb/h0JGPBX4nqM6ERGusZfffXfZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:04:9b:46:3a:bf:06:38:a1:92:92:15:b9:04:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Mar  1 22:00:43 2026 GMT
            Not After : Mar  2 22:00:43 2026 GMT
        Subject: CN=f3891e50b740de277e96f5d1469b8412854eec3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:15:01:28:d7:b3:03:49:e7:f7:d9:4e:85:11:
                    6e:ab:c6:77:b8:27:60:7b:91:3f:bc:27:b0:d4:ac:
                    d7:7b:60:40:51:e2:eb:6b:36:77:98:16:f9:9d:db:
                    40:16:48:a3:e0:41:fa:5f:1b:05:22:55:cf:95:94:
                    ee:cc:53:ca:a3:5d:5b:14:95:c6:7c:34:bd:24:b2:
                    45:5a:f9:00:b9:4f:5b:1e:05:80:bc:67:30:23:f1:
                    fc:7f:7b:82:5a:57:e1:ea:b7:12:9b:23:b5:7e:da:
                    a6:9f:61:3e:88:c6:66:e9:ae:d3:d7:91:f9:08:a5:
                    64:3e:90:a7:69:8b:bf:b1:0d:44:e1:1e:26:7f:62:
                    69:9f:5f:b6:a5:b5:08:d5:ef:32:a5:5b:1c:1b:a6:
                    6e:ae:b4:27:d6:03:40:df:0a:92:5a:f1:2f:da:50:
                    f1:84:7c:b3:5e:89:af:c2:47:64:08:86:b1:d8:83:
                    b9:ef:b1:2d:e5:3d:c7:24:0d:52:42:d7:27:ef:57:
                    69:82:16:0e:6f:68:ef:6b:21:08:cd:2c:03:79:13:
                    c1:01:ff:80:87:55:9c:37:27:92:a0:80:3c:e3:f2:
                    1d:66:6f:3f:3e:86:89:ac:03:35:f1:11:6c:59:9f:
                    6a:d9:4b:1e:a8:1d:18:6c:4b:19:5d:e4:90:e3:6a:
                    9e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:89:1E:50:B7:40:DE:27:7E:96:F5:D1:46:9B:84:12:85:4E:EC:3A
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:5b:10:bf:c0:68:7a:ed:c3:01:9e:ce:c5:8f:58:66:96:de:
         24:31:10:ee:b4:ac:fb:fa:ef:46:e1:98:ff:0d:10:d3:67:78:
         b7:44:25:a1:21:87:5c:d3:45:88:6a:8a:75:01:8f:31:6e:38:
         1d:26:3f:b6:c1:da:b0:af:69:c3:4a:57:c7:6d:4e:db:ca:44:
         10:7b:34:5b:e6:1b:cd:3f:ea:8d:ca:fc:cb:13:4a:02:26:56:
         84:f3:65:bd:b5:4a:6c:ee:62:e5:e8:6a:90:1e:06:b0:4c:99:
         05:0c:f4:b4:c2:9c:a4:ca:ff:21:8f:21:ed:de:b8:23:a0:79:
         c6:bc:1c:4c:62:ab:c3:7c:1e:b0:9e:8d:46:63:51:8e:b4:ac:
         6f:02:cb:ee:9f:fc:4e:81:4e:ad:b0:f7:8c:0a:f0:8b:a6:ad:
         a6:0c:93:69:47:d5:c6:54:b1:4a:2a:89:a0:b2:30:09:f5:d4:
         64:c0:c1:ef:44:ee:10:af:08:b8:01:76:51:f2:27:73:a8:69:
         3c:d9:0e:81:b9:3e:0d:0e:26:ee:56:cc:3d:70:19:f3:da:88:
         66:1e:72:b5:89:55:13:85:ec:93:0e:0c:d9:8a:6b:9c:56:1c:
         80:6a:32:92:de:39:a3:c5:03:46:13:7b:3c:38:28:e1:ef:fd:
         54:c9:cd:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawSbRjq/BjihkpIVuQQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjYwMzAxMjIwMDQzWhcNMjYwMzAyMjIwMDQzWjAzMTEwLwYDVQQD
EyhmMzg5MWU1MGI3NDBkZTI3N2U5NmY1ZDE0NjliODQxMjg1NGVlYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRUBKNezA0nn99lOhRFuq8Z3uCdg
e5E/vCew1KzXe2BAUeLrazZ3mBb5ndtAFkij4EH6XxsFIlXPlZTuzFPKo11bFJXG
fDS9JLJFWvkAuU9bHgWAvGcwI/H8f3uCWlfh6rcSmyO1ftqmn2E+iMZm6a7T15H5
CKVkPpCnaYu/sQ1E4R4mf2Jpn1+2pbUI1e8ypVscG6ZurrQn1gNA3wqSWvEv2lDx
hHyzXomvwkdkCIax2IO577Et5T3HJA1SQtcn71dpghYOb2jvayEIzSwDeRPBAf+A
h1WcNyeSoIA84/IdZm8/PoaJrAM18RFsWZ9q2UseqB0YbEsZXeSQ42qelQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOJHlC3QN4nfpb10UabhBKFTuw6MB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo1sQv8Bo
eu3DAZ7OxY9YZpbeJDEQ7rSs+/rvRuGY/w0Q02d4t0QloSGHXNNFiGqKdQGPMW44
HSY/tsHasK9pw0pXx21O28pEEHs0W+YbzT/qjcr8yxNKAiZWhPNlvbVKbO5i5ehq
kB4GsEyZBQz0tMKcpMr/IY8h7d64I6B5xrwcTGKrw3wesJ6NRmNRjrSsbwLL7p/8
ToFOrbD3jArwi6atpgyTaUfVxlSxSiqJoLIwCfXUZMDB70TuEK8IuAF2UfInc6hp
PNkOgbk+DQ4m7lbMPXAZ89qIZh5ytYlVE4Xskw4M2YprnFYcgGoykt45o8UDRhN7
PDgo4e/9VMnNcg==
-----END CERTIFICATE-----