Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          Vi2xM1qMtVIVgbRT7ZKHiQTbHzjR/hgLHaE/6L9VhPA=
Subject key identifier:   73:4D:4B:E0:4E:87:65:0B:73:4A:3F:E2:E0:BE:F1:16:24:5A:7F:52
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019CAB6B8DC0010BCD52C8CA9E68E7E00FEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:01:18 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:18 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:18 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: uIx3v/gO4kI3tIYZakYD1ngUEaXO7ddBvZrRemKXcxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:8d:c0:01:0b:cd:52:c8:ca:9e:68:e7:e0:0f:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Mar  1 22:01:18 2026 GMT
            Not After : Mar  2 22:01:18 2026 GMT
        Subject: CN=734d4be04e87650b734a3fe2e0bef116245a7f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:39:a5:94:f5:33:af:05:53:42:36:54:e4:0d:
                    84:bd:1c:9b:aa:6a:af:8a:27:ef:0e:f6:b8:9b:15:
                    e8:ee:7f:65:2c:7a:2c:65:ff:be:07:c0:98:fb:a0:
                    cf:99:13:51:1b:9c:1b:ec:5b:e5:e6:82:ae:c4:d5:
                    bd:6d:d9:f0:d8:ae:4e:28:20:7f:78:11:a4:da:73:
                    56:04:82:73:4a:4f:95:15:56:62:8c:df:57:21:8d:
                    86:14:a5:e5:cb:7e:96:7b:da:bb:0f:d7:5d:ec:b3:
                    17:4e:1f:d1:40:ef:a9:92:00:f7:96:b8:3e:cb:2b:
                    07:40:95:74:71:85:16:7c:f3:52:0c:db:a5:10:52:
                    9c:b2:f9:6d:cb:87:77:f8:d8:3c:b3:a9:98:03:28:
                    ea:88:c5:32:16:a9:24:9f:00:f6:0c:05:d8:89:7e:
                    0a:c7:98:1a:a4:0a:40:a1:19:e9:62:bc:71:4e:56:
                    15:96:81:5c:61:a6:9d:5f:d3:a3:4e:f7:17:eb:96:
                    3d:be:fd:9a:db:fb:e8:67:b0:f6:52:53:55:bb:a7:
                    1c:8c:0e:a3:cf:85:96:c3:25:58:21:84:bf:e3:da:
                    73:07:18:95:dc:4f:88:ff:0c:3d:a4:b9:65:bb:4b:
                    7a:08:7b:f6:3f:bf:c0:a5:23:ee:9f:62:8c:30:3c:
                    87:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:4D:4B:E0:4E:87:65:0B:73:4A:3F:E2:E0:BE:F1:16:24:5A:7F:52
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:6b:66:0e:65:fb:d6:13:f8:35:9d:64:cb:d3:9f:e6:80:bb:
         ba:84:07:cd:5e:7c:ca:fe:29:32:53:17:98:b0:6a:fc:dc:ee:
         15:91:f9:3b:07:cb:4e:d7:7a:1e:d6:f4:4c:c3:03:3d:e2:15:
         9c:6b:40:08:b5:6b:17:62:e2:ad:98:9a:e3:58:02:8b:2d:72:
         aa:0a:37:19:12:da:4b:8b:9e:e9:5a:4a:c3:2d:1b:87:d9:12:
         4a:b7:81:2a:d4:2b:8f:5c:d7:d8:40:5b:1a:51:80:6a:a6:0d:
         6c:64:69:93:0e:a5:d9:65:8b:a1:b3:b3:41:63:a8:a9:7e:80:
         e1:5b:e3:fc:3d:c7:b1:74:6a:07:78:fc:c6:d4:3f:98:94:e4:
         d3:da:e3:b1:96:93:53:11:2b:87:28:57:94:f6:56:a1:c8:63:
         6f:a9:53:95:22:13:d2:0e:f8:50:37:8e:0a:6b:99:9b:cf:ab:
         a1:58:e2:8a:9e:be:26:ed:c7:55:3e:bd:e3:45:5a:5b:10:75:
         cf:4e:28:49:f5:4c:39:5f:be:97:ce:76:7e:a6:a3:8d:f7:20:
         6e:74:0d:3b:3d:cd:e0:5a:c7:c8:2f:a7:35:30:24:b6:76:41:
         10:03:d2:fa:37:6f:8b:5c:ac:ac:24:e1:7e:2c:76:a8:41:e7:
         5a:da:2e:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra43AAQvNUsjKnmjn4A/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjYwMzAxMjIwMTE4WhcNMjYwMzAyMjIwMTE4WjAzMTEwLwYDVQQD
Eyg3MzRkNGJlMDRlODc2NTBiNzM0YTNmZTJlMGJlZjExNjI0NWE3ZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjmllPUzrwVTQjZU5A2EvRybqmqv
iifvDva4mxXo7n9lLHosZf++B8CY+6DPmRNRG5wb7Fvl5oKuxNW9bdnw2K5OKCB/
eBGk2nNWBIJzSk+VFVZijN9XIY2GFKXly36We9q7D9dd7LMXTh/RQO+pkgD3lrg+
yysHQJV0cYUWfPNSDNulEFKcsvlty4d3+Ng8s6mYAyjqiMUyFqkknwD2DAXYiX4K
x5gapApAoRnpYrxxTlYVloFcYaadX9OjTvcX65Y9vv2a2/voZ7D2UlNVu6ccjA6j
z4WWwyVYIYS/49pzBxiV3E+I/ww9pLllu0t6CHv2P7/ApSPun2KMMDyHOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNNS+BOh2ULc0o/4uC+8RYkWn9SMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2tmDmX7
1hP4NZ1ky9Of5oC7uoQHzV58yv4pMlMXmLBq/NzuFZH5OwfLTtd6Htb0TMMDPeIV
nGtACLVrF2LirZia41gCiy1yqgo3GRLaS4ue6VpKwy0bh9kSSreBKtQrj1zX2EBb
GlGAaqYNbGRpkw6l2WWLobOzQWOoqX6A4Vvj/D3HsXRqB3j8xtQ/mJTk09rjsZaT
UxErhyhXlPZWochjb6lTlSIT0g74UDeOCmuZm8+roVjiip6+Ju3HVT6940VaWxB1
z04oSfVMOV++l852fqajjfcgbnQNOz3N4FrHyC+nNTAktnZBEAPS+jdvi1ysrCTh
fix2qEHnWtoumQ==
-----END CERTIFICATE-----