Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          Ys1aWrFI+dVQtxkAVniQrGottf9ZBicv4TINv7jHNl4=
Subject key identifier:   E3:7D:21:5E:F7:E0:0F:59:0E:7D:B4:C6:5C:AA:4B:26:30:2C:F0:BC
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       019CAD5989B84A98EFA03D2C9010D8FF8A12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 07:00:51 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:51 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:51 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: 5WG/kbUYUeHSqN5gmSZSwWhwr1BbMPvt6g21zPU8B80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:89:b8:4a:98:ef:a0:3d:2c:90:10:d8:ff:8a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Mar  2 07:00:51 2026 GMT
            Not After : Mar  3 07:00:51 2026 GMT
        Subject: CN=e37d215ef7e00f590e7db4c65caa4b26302cf0bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:50:16:93:91:46:98:da:cd:0c:88:d5:67:29:
                    7f:3e:0f:ac:62:2f:bc:99:a7:e1:67:8b:7b:13:0e:
                    75:77:94:19:ce:ef:76:3a:7e:d9:0f:a6:5b:5c:98:
                    16:52:96:61:f4:5e:74:38:c0:26:69:75:a1:78:84:
                    f8:d0:a8:d8:61:f6:f9:87:45:1f:6c:e1:2e:36:14:
                    42:a6:2c:1c:bd:9a:d3:35:20:11:b0:96:39:2b:93:
                    18:43:c5:48:a1:97:9b:cb:e4:63:45:37:ed:41:1e:
                    f2:a8:47:39:f2:c7:ce:58:7f:c7:ca:a5:0e:68:f6:
                    eb:d1:16:c5:d6:1d:f4:a3:59:8c:13:2a:b8:59:e1:
                    bc:fa:e9:28:90:2a:46:f8:01:1b:47:91:c8:95:18:
                    de:48:c2:97:5a:b7:23:6a:b4:34:ac:f7:9a:11:0b:
                    ea:b0:10:fd:d4:50:43:96:eb:78:3c:b9:06:45:33:
                    4a:89:93:a3:8e:07:1f:c7:5b:6d:18:af:9f:82:ef:
                    9b:bf:f3:86:f2:08:ee:bd:91:63:df:b7:e5:68:8f:
                    6b:92:89:0d:96:11:ec:97:d8:3e:05:2b:04:61:ad:
                    21:2c:78:b0:a6:49:9b:af:70:f0:7a:21:77:3b:ca:
                    1b:20:4b:8d:42:96:c3:57:2a:24:c4:b3:38:60:cc:
                    d0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:7D:21:5E:F7:E0:0F:59:0E:7D:B4:C6:5C:AA:4B:26:30:2C:F0:BC
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:8c:a3:3d:72:8d:2b:54:33:60:b7:a4:21:da:31:1a:e3:f1:
         2d:4a:7c:41:85:de:72:d6:f5:98:e0:2f:58:66:34:43:5e:33:
         82:46:88:99:20:0d:c9:50:d3:05:0a:09:07:6c:67:3d:c3:c5:
         3d:df:f2:10:67:36:ee:d7:6f:20:7a:4c:95:02:5b:55:e5:8a:
         84:01:cb:c1:18:e2:7d:e7:4e:a7:e9:dc:01:25:00:56:83:25:
         c2:0e:9b:92:9f:5a:b5:46:24:bf:5c:83:39:14:e7:b4:fa:ea:
         85:4b:f9:2d:0b:e3:65:5e:f4:d5:fe:0d:b3:a0:a8:ad:64:bb:
         b1:2f:fa:ae:0f:ab:0c:ce:70:a2:17:5c:b0:8e:b0:9e:31:1f:
         8b:5b:22:02:4f:c7:40:15:f3:83:33:a2:1d:78:f1:ed:37:ec:
         5d:36:d8:de:5a:a0:62:1a:3a:68:bf:3d:94:37:38:2e:0e:36:
         c8:67:3d:fc:1e:91:9d:84:19:84:32:08:71:9c:1c:04:3c:c9:
         b2:af:21:2d:1b:fd:0c:53:0f:c6:71:85:3a:76:bd:b4:55:c8:
         3e:c5:58:23:40:14:c6:c6:50:de:24:d3:48:78:ca:82:b2:62:
         19:f5:f6:2a:e1:08:1d:14:51:83:c7:23:3b:20:37:00:5d:f5:
         c6:71:19:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWYm4SpjvoD0skBDY/4oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjYwMzAyMDcwMDUxWhcNMjYwMzAzMDcwMDUxWjAzMTEwLwYDVQQD
EyhlMzdkMjE1ZWY3ZTAwZjU5MGU3ZGI0YzY1Y2FhNGIyNjMwMmNmMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1AWk5FGmNrNDIjVZyl/Pg+sYi+8
mafhZ4t7Ew51d5QZzu92On7ZD6ZbXJgWUpZh9F50OMAmaXWheIT40KjYYfb5h0Uf
bOEuNhRCpiwcvZrTNSARsJY5K5MYQ8VIoZeby+RjRTftQR7yqEc58sfOWH/HyqUO
aPbr0RbF1h30o1mMEyq4WeG8+ukokCpG+AEbR5HIlRjeSMKXWrcjarQ0rPeaEQvq
sBD91FBDlut4PLkGRTNKiZOjjgcfx1ttGK+fgu+bv/OG8gjuvZFj37flaI9rkokN
lhHsl9g+BSsEYa0hLHiwpkmbr3DweiF3O8obIEuNQpbDVyokxLM4YMzQ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFON9IV734A9ZDn20xlyqSyYwLPC8MB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYyjPXKN
K1QzYLekIdoxGuPxLUp8QYXectb1mOAvWGY0Q14zgkaImSANyVDTBQoJB2xnPcPF
Pd/yEGc27tdvIHpMlQJbVeWKhAHLwRjifedOp+ncASUAVoMlwg6bkp9atUYkv1yD
ORTntPrqhUv5LQvjZV701f4Ns6CorWS7sS/6rg+rDM5wohdcsI6wnjEfi1siAk/H
QBXzgzOiHXjx7TfsXTbY3lqgYho6aL89lDc4Lg42yGc9/B6RnYQZhDIIcZwcBDzJ
sq8hLRv9DFMPxnGFOna9tFXIPsVYI0AUxsZQ3iTTSHjKgrJiGfX2KuEIHRRRg8cj
OyA3AF31xnEZZQ==
-----END CERTIFICATE-----