Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          O5mogYh6HP1wKUUjpqfP6NCW7/f7YgM6TX1fzmrnLCE=
Subject key identifier:   E5:0C:EF:96:3E:3C:02:EF:BD:6B:3C:1C:FD:90:FB:95:B3:29:39:FF
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       019D98F4FF51E1B8140FE0CF9E488049666A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          087D
Signing time:             Fri 17 Apr 2026 01:01:25 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:25 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:25 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: EAwTPfioVuSMR4DO7O8uR/i5isdhhLH02+eCvrQ5JxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:ff:51:e1:b8:14:0f:e0:cf:9e:48:80:49:66:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Apr 17 01:01:25 2026 GMT
            Not After : Apr 18 01:01:25 2026 GMT
        Subject: CN=e50cef963e3c02efbd6b3c1cfd90fb95b32939ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:87:3a:eb:d0:b4:dd:ad:3c:82:d8:b0:13:8e:
                    d4:47:13:04:03:fd:69:10:c2:56:9d:eb:ec:7b:bf:
                    36:3e:7b:bc:46:96:b4:39:2d:b5:35:18:ab:7a:03:
                    ec:af:66:fd:cb:ad:d9:40:9a:06:b9:bb:9f:c3:ed:
                    ec:cf:a6:bb:5e:71:24:f8:13:fa:a8:b5:40:89:5f:
                    af:ea:42:82:da:0a:27:a6:c8:1d:47:8f:75:01:b3:
                    33:ed:ca:da:4d:3e:a3:59:69:89:94:79:6a:41:79:
                    0f:03:cf:31:f6:1a:37:a8:b8:16:45:88:b8:19:c6:
                    6e:0e:d3:a5:6d:2e:fe:2b:f6:ca:69:6b:ee:b5:6e:
                    1e:e5:f7:35:a2:fb:76:84:4e:2c:76:48:d1:cd:c4:
                    75:79:59:69:d8:99:c9:90:34:de:6e:8b:07:6d:c6:
                    1e:70:81:ae:c4:13:63:cf:45:89:f0:f2:af:7a:be:
                    76:db:0f:9c:4f:38:79:6e:a0:5e:8b:19:e2:10:74:
                    7b:75:3a:ae:31:eb:47:10:ea:b0:ab:a7:6f:b3:32:
                    96:8d:4a:1f:03:93:4f:3b:49:84:9d:64:12:8b:14:
                    65:71:8e:dc:37:58:b7:a9:5c:a9:b2:c8:d1:96:63:
                    13:5b:cd:c9:ca:5e:f8:39:d9:b5:16:04:3d:bf:c3:
                    82:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:0C:EF:96:3E:3C:02:EF:BD:6B:3C:1C:FD:90:FB:95:B3:29:39:FF
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:fe:62:5b:25:59:da:20:35:c7:69:3f:81:eb:3d:e4:1b:ec:
         ff:7e:f0:67:df:4b:c6:09:6e:2a:3a:0f:4d:61:e8:5d:10:03:
         88:e3:08:8f:de:3a:9e:41:1f:cb:5c:18:81:40:62:ca:28:15:
         a3:82:f3:b8:40:54:d2:a4:47:b9:9a:de:0c:0c:4a:dc:b3:44:
         f9:48:d7:47:34:e2:22:1d:54:0f:66:5f:ca:06:eb:47:90:51:
         4f:0a:c7:67:0b:69:ff:23:5a:dc:33:3d:ad:c6:60:06:2d:9c:
         96:94:ef:de:20:79:b2:4a:c2:da:b5:f0:06:d8:c9:4a:c9:6d:
         0a:d4:fc:32:0b:c5:98:46:9e:8f:fe:86:68:29:48:ac:0c:dd:
         50:37:10:57:33:1f:16:67:a2:1b:0f:f4:d5:14:20:ae:ab:97:
         20:72:9c:3d:59:2f:7b:a6:b0:1f:eb:ad:22:d5:09:73:6c:b9:
         28:3b:d7:e8:8b:f0:51:09:3b:dc:5d:cb:42:36:d5:b1:c7:61:
         65:d8:df:8b:0c:22:4b:e8:8f:89:4a:57:8a:a4:53:e5:a6:25:
         2c:4c:31:7d:00:a0:18:17:4d:b9:60:f9:43:d3:96:f6:e4:d0:
         6b:9c:42:50:5d:bc:bf:13:61:f4:c3:bd:c5:da:99:cd:3e:b8:
         1c:90:83:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9P9R4bgUD+DPnkiASWZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjYwNDE3MDEwMTI1WhcNMjYwNDE4MDEwMTI1WjAzMTEwLwYDVQQD
EyhlNTBjZWY5NjNlM2MwMmVmYmQ2YjNjMWNmZDkwZmI5NWIzMjkzOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oc669C03a08gtiwE47URxMEA/1p
EMJWnevse782Pnu8Rpa0OS21NRiregPsr2b9y63ZQJoGubufw+3sz6a7XnEk+BP6
qLVAiV+v6kKC2gonpsgdR491AbMz7craTT6jWWmJlHlqQXkPA88x9ho3qLgWRYi4
GcZuDtOlbS7+K/bKaWvutW4e5fc1ovt2hE4sdkjRzcR1eVlp2JnJkDTebosHbcYe
cIGuxBNjz0WJ8PKver522w+cTzh5bqBeixniEHR7dTquMetHEOqwq6dvszKWjUof
A5NPO0mEnWQSixRlcY7cN1i3qVypssjRlmMTW83Jyl74Odm1FgQ9v8OCDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUM75Y+PALvvWs8HP2Q+5WzKTn/MB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhP5iWyVZ
2iA1x2k/ges95Bvs/37wZ99LxgluKjoPTWHoXRADiOMIj946nkEfy1wYgUBiyigV
o4LzuEBU0qRHuZreDAxK3LNE+UjXRzTiIh1UD2ZfygbrR5BRTwrHZwtp/yNa3DM9
rcZgBi2clpTv3iB5skrC2rXwBtjJSsltCtT8MgvFmEaej/6GaClIrAzdUDcQVzMf
FmeiGw/01RQgrquXIHKcPVkve6awH+utItUJc2y5KDvX6IvwUQk73F3LQjbVscdh
ZdjfiwwiS+iPiUpXiqRT5aYlLEwxfQCgGBdNuWD5Q9OW9uTQa5xCUF28vxNh9MO9
xdqZzT64HJCD3w==
-----END CERTIFICATE-----