Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft
File:                     XOMWuo-zBWfOy8cnBR02QA4lH8c.mft (raw, json)
Hash identifier:          1Twogf3nSa9gJV0n9mOUaVaVrMsA+HoE8yCoGFxQR7s=
Subject key identifier:   D6:41:C3:60:CB:57:69:E0:5F:F0:E9:B5:4A:96:25:1A:CE:8E:8D:30
Authority key identifier: 5C:E3:16:BA:8F:B3:05:67:CE:CB:C7:27:05:1D:36:40:0E:25:1F:C7
Certificate issuer:       /CN=5ce316ba8fb30567cecbc727051d36400e251fc7
Certificate serial:       019D9B880990339913E15C31D4B078913767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft
Manifest number:          069A
Signing time:             Fri 17 Apr 2026 13:01:16 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:16 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:16 +0000
Files and hashes:         1: XOMWuo-zBWfOy8cnBR02QA4lH8c.crl (hash: /LoKESQXfdHiAcyv1izbUwscU3bFn7fKRBdrdRbNn9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:88:09:90:33:99:13:e1:5c:31:d4:b0:78:91:37:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce316ba8fb30567cecbc727051d36400e251fc7
        Validity
            Not Before: Apr 17 13:01:16 2026 GMT
            Not After : Apr 18 13:01:16 2026 GMT
        Subject: CN=d641c360cb5769e05ff0e9b54a96251ace8e8d30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fc:86:c3:ab:39:ba:75:cb:7c:23:03:57:8f:
                    6f:c9:a1:35:f8:f8:4c:66:5c:ec:04:06:7b:5e:6f:
                    a4:76:a5:d5:fb:65:0d:14:b1:14:d4:cd:02:5f:2e:
                    2c:a7:ac:d2:54:66:12:74:c2:96:bd:af:49:03:36:
                    9c:16:c5:72:4a:96:81:90:e2:fe:c7:5c:67:d5:d3:
                    27:47:33:e9:50:d1:1e:48:54:ae:b6:ef:cc:d4:fc:
                    79:67:a1:e5:04:f9:28:32:30:cb:9e:8c:92:65:a2:
                    78:db:be:14:b3:cc:47:7d:4f:77:26:61:ed:a9:ff:
                    20:0d:2c:78:0f:8b:5a:1d:9f:6a:4d:b1:3c:38:da:
                    4a:a8:75:82:75:5f:65:24:d9:6e:4b:61:43:1c:bb:
                    0b:39:15:8c:17:1b:be:2c:c2:a6:02:3b:e9:8d:6a:
                    96:ca:57:d3:bb:a8:a4:57:6d:fe:14:29:71:dc:b1:
                    51:5a:f9:86:05:54:9c:5d:72:02:fc:21:b5:82:f2:
                    70:37:b6:a9:03:a5:a8:f1:9c:9e:09:f7:e4:fb:33:
                    6b:76:fc:12:d4:f9:f2:90:c6:73:4b:7a:97:52:eb:
                    6b:af:20:bf:ea:34:d4:b3:f1:07:38:97:45:db:e3:
                    26:3b:94:6b:ee:51:ab:81:bb:10:89:f9:8a:15:81:
                    76:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:41:C3:60:CB:57:69:E0:5F:F0:E9:B5:4A:96:25:1A:CE:8E:8D:30
            X509v3 Authority Key Identifier:
                keyid:5C:E3:16:BA:8F:B3:05:67:CE:CB:C7:27:05:1D:36:40:0E:25:1F:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOMWuo-zBWfOy8cnBR02QA4lH8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/247eef-f71a-421f-bb86-26729d894ef7/1/XOMWuo-zBWfOy8cnBR02QA4lH8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:8e:7c:3b:96:69:1c:fd:90:ea:ac:a6:b2:99:49:4d:87:d8:
         82:c5:46:00:12:4c:9f:64:d6:95:ae:97:fb:59:81:1c:51:cb:
         51:e3:97:18:23:f4:cb:5c:8a:39:20:1d:a8:b6:1f:d0:ac:34:
         b9:cf:82:5f:7d:bb:bc:96:1c:79:02:7b:91:86:35:17:08:31:
         8f:64:06:c5:36:c8:31:1e:d5:b5:12:45:4a:ea:e1:2d:b3:2f:
         33:a9:b3:e3:cc:6c:93:96:1e:0a:c4:af:00:91:2e:62:00:7b:
         59:fe:5a:32:6a:95:b9:8c:9a:c9:05:4f:79:c8:19:7f:7c:7f:
         0c:e3:3c:9e:a6:ed:b6:2a:00:1c:90:d2:0a:d3:2d:3d:60:24:
         c1:01:36:e3:7b:07:87:96:46:74:60:09:2f:0a:6d:9c:46:b8:
         fa:75:56:b4:41:43:76:30:bc:38:3a:aa:0c:58:e5:91:c0:63:
         42:a5:22:82:91:6e:a7:10:85:5b:3b:6f:37:00:2b:d3:5f:f3:
         ed:a8:f9:38:62:c4:bb:7d:3c:d4:f4:47:63:fa:ad:89:3e:18:
         c9:9a:e6:e5:66:72:ea:22:e0:a0:ba:eb:df:d9:4e:cb:34:a9:
         6b:20:24:03:97:a7:ce:d9:0d:cd:27:62:93:be:a4:6a:f7:f4:
         1b:a6:64:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2biAmQM5kT4Vwx1LB4kTdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTMxNmJhOGZiMzA1NjdjZWNiYzcyNzA1MWQzNjQwMGUy
NTFmYzcwHhcNMjYwNDE3MTMwMTE2WhcNMjYwNDE4MTMwMTE2WjAzMTEwLwYDVQQD
EyhkNjQxYzM2MGNiNTc2OWUwNWZmMGU5YjU0YTk2MjUxYWNlOGU4ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivyGw6s5unXLfCMDV49vyaE1+PhM
ZlzsBAZ7Xm+kdqXV+2UNFLEU1M0CXy4sp6zSVGYSdMKWva9JAzacFsVySpaBkOL+
x1xn1dMnRzPpUNEeSFSutu/M1Px5Z6HlBPkoMjDLnoySZaJ4274Us8xHfU93JmHt
qf8gDSx4D4taHZ9qTbE8ONpKqHWCdV9lJNluS2FDHLsLORWMFxu+LMKmAjvpjWqW
ylfTu6ikV23+FClx3LFRWvmGBVScXXIC/CG1gvJwN7apA6Wo8ZyeCffk+zNrdvwS
1PnykMZzS3qXUutrryC/6jTUs/EHOJdF2+MmO5Rr7lGrgbsQifmKFYF2HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZBw2DLV2ngX/DptUqWJRrOjo0wMB8GA1UdIwQY
MBaAFFzjFrqPswVnzsvHJwUdNkAOJR/HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yNDdlZWYtZjcxYS00MjFmLWJiODYt
MjY3MjlkODk0ZWY3LzEvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yNDdlZWYtZjcxYS00MjFmLWJiODYtMjY3MjlkODk0ZWY3
LzEvWE9NV3VvLXpCV2ZPeThjbkJSMDJRQTRsSDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjY58O5Zp
HP2Q6qymsplJTYfYgsVGABJMn2TWla6X+1mBHFHLUeOXGCP0y1yKOSAdqLYf0Kw0
uc+CX327vJYceQJ7kYY1Fwgxj2QGxTbIMR7VtRJFSurhLbMvM6mz48xsk5YeCsSv
AJEuYgB7Wf5aMmqVuYyayQVPecgZf3x/DOM8nqbttioAHJDSCtMtPWAkwQE243sH
h5ZGdGAJLwptnEa4+nVWtEFDdjC8ODqqDFjlkcBjQqUigpFupxCFWztvNwAr01/z
7aj5OGLEu3081PRHY/qtiT4YyZrm5WZy6iLgoLrr39lOyzSpayAkA5enztkNzSdi
k76kavf0G6Zk2Q==
-----END CERTIFICATE-----