Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          DQhzf3o2L/seNjcJnU6WygpmqI1gmXIYcR7st4jLAAM=
Subject key identifier:   01:77:A9:10:B3:30:FD:42:64:09:EA:BE:21:FC:1B:F2:8C:95:49:8E
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       019D984FCA8B979715B5B6D6D41148D2BA65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          11E0
Signing time:             Thu 16 Apr 2026 22:00:59 +0000
Manifest this update:     Thu 16 Apr 2026 22:00:59 +0000
Manifest next update:     Fri 17 Apr 2026 22:00:59 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: BfYpKPCyjXgkyK/1E7eN5eBlnFbic0ThQiqxWmKpqjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:ca:8b:97:97:15:b5:b6:d6:d4:11:48:d2:ba:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Apr 16 22:00:59 2026 GMT
            Not After : Apr 17 22:00:59 2026 GMT
        Subject: CN=0177a910b330fd426409eabe21fc1bf28c95498e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:81:e7:a2:a3:5f:e8:73:d1:e1:36:10:b7:58:
                    d7:af:97:72:b8:c1:aa:09:4c:a5:2c:f7:9e:2a:87:
                    b0:ef:04:9a:02:97:c9:22:ff:e6:5b:10:4f:b0:2a:
                    48:db:b8:5f:42:9a:3e:ff:de:6c:40:eb:c3:35:34:
                    a5:b3:97:58:1b:ba:d3:b3:57:1f:86:6a:f7:92:63:
                    2a:0d:b0:52:ae:ed:e9:8b:5b:85:15:43:35:32:a7:
                    ab:85:40:4c:4e:c0:72:23:b1:ef:65:d9:ee:e9:e7:
                    8f:b6:e7:24:be:26:3c:ca:28:32:f1:e7:d2:ce:83:
                    7f:f2:71:31:93:49:97:2f:9c:3b:6f:72:ab:0b:68:
                    1c:50:55:ee:67:1c:ae:b6:d3:7e:44:2f:61:6e:7f:
                    a6:3b:ad:ad:ea:08:dc:e5:af:da:21:d3:9a:3e:e3:
                    bd:0c:31:8e:fc:54:ca:21:8f:94:45:48:5f:30:ec:
                    ad:f9:a9:57:bb:6c:4f:84:e3:d9:1f:25:8e:5c:f8:
                    0b:b2:81:e0:ad:e7:13:eb:06:ec:bc:cd:a5:5c:c7:
                    0e:fe:11:f0:67:5b:45:6f:b7:52:61:a4:f1:07:11:
                    c4:b4:b8:12:45:f1:f2:99:04:76:2a:32:59:34:67:
                    ae:f5:cf:d7:2d:e4:0d:2d:e5:d5:26:49:16:75:f3:
                    d6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:77:A9:10:B3:30:FD:42:64:09:EA:BE:21:FC:1B:F2:8C:95:49:8E
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:ad:02:fb:51:52:74:f9:bf:56:f9:dd:ae:e2:bb:03:26:e2:
         85:ae:fa:ae:88:46:47:49:8a:22:9a:a7:7c:93:f7:d0:1f:1d:
         cc:83:60:fa:c1:fe:f7:b3:16:17:f2:4b:dd:c4:07:08:cc:72:
         42:86:74:2c:bc:e5:48:f0:01:37:d3:dc:7e:4c:b6:b0:04:c9:
         3a:84:00:9e:8c:1b:51:b8:42:7d:cb:39:80:21:cb:64:fd:a6:
         62:64:ef:f2:27:06:c4:23:e6:4c:d8:de:ae:21:0c:7e:64:2f:
         72:17:8b:92:f9:cc:0a:d3:62:fe:26:9e:77:b9:2a:07:4e:e8:
         1d:7d:0d:9b:16:78:73:7f:bd:0a:b7:0d:ec:ce:ce:85:b3:50:
         ab:3f:54:83:57:58:74:fb:f4:bd:8f:fe:c9:d7:b0:5d:3e:df:
         2f:2f:36:ad:58:e6:ee:7f:a7:3d:58:3e:fa:79:a1:62:e0:1b:
         aa:18:09:d4:0f:95:37:f2:21:e0:2f:b9:df:98:b1:f5:0d:72:
         4d:7d:74:f7:27:f6:60:41:e0:02:35:e5:9e:74:24:1a:3d:f5:
         26:c0:24:20:07:1e:69:7a:0c:5e:c0:55:2b:73:90:bd:10:1d:
         97:b3:24:33:15:e8:eb:c3:54:c8:1a:27:9c:40:71:87:51:ce:
         a5:63:fe:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT8qLl5cVtbbW1BFI0rplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjYwNDE2MjIwMDU5WhcNMjYwNDE3MjIwMDU5WjAzMTEwLwYDVQQD
EygwMTc3YTkxMGIzMzBmZDQyNjQwOWVhYmUyMWZjMWJmMjhjOTU0OThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYHnoqNf6HPR4TYQt1jXr5dyuMGq
CUylLPeeKoew7wSaApfJIv/mWxBPsCpI27hfQpo+/95sQOvDNTSls5dYG7rTs1cf
hmr3kmMqDbBSru3pi1uFFUM1MqerhUBMTsByI7HvZdnu6eePtuckviY8yigy8efS
zoN/8nExk0mXL5w7b3KrC2gcUFXuZxyuttN+RC9hbn+mO62t6gjc5a/aIdOaPuO9
DDGO/FTKIY+URUhfMOyt+alXu2xPhOPZHyWOXPgLsoHgrecT6wbsvM2lXMcO/hHw
Z1tFb7dSYaTxBxHEtLgSRfHymQR2KjJZNGeu9c/XLeQNLeXVJkkWdfPWawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAF3qRCzMP1CZAnqviH8G/KMlUmOMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACa0C+1FS
dPm/VvndruK7Aybiha76rohGR0mKIpqnfJP30B8dzINg+sH+97MWF/JL3cQHCMxy
QoZ0LLzlSPABN9Pcfky2sATJOoQAnowbUbhCfcs5gCHLZP2mYmTv8icGxCPmTNje
riEMfmQvcheLkvnMCtNi/iaed7kqB07oHX0NmxZ4c3+9CrcN7M7OhbNQqz9Ug1dY
dPv0vY/+ydewXT7fLy82rVjm7n+nPVg++nmhYuAbqhgJ1A+VN/Ih4C+535ix9Q1y
TX109yf2YEHgAjXlnnQkGj31JsAkIAceaXoMXsBVK3OQvRAdl7MkMxXo68NUyBon
nEBxh1HOpWP+Sg==
-----END CERTIFICATE-----