Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          666XqLbC5bK3M/ZwU7fnMEEoPIixaZ/YH5FvfBZxs94=
Subject key identifier:   7A:98:3A:CF:C6:A3:48:5D:26:49:0F:D7:8E:D2:72:5B:B5:8F:1E:40
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019CAAFD8C2ED83727D10B3DA4B31F0DBE50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          046A
Signing time:             Sun 01 Mar 2026 20:01:09 +0000
Manifest this update:     Sun 01 Mar 2026 20:01:09 +0000
Manifest next update:     Mon 02 Mar 2026 20:01:09 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: 13trjoHX6y/vNY6/VdMzedxPapwoJ70N0lia59Cm8YQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:8c:2e:d8:37:27:d1:0b:3d:a4:b3:1f:0d:be:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Mar  1 20:01:09 2026 GMT
            Not After : Mar  2 20:01:09 2026 GMT
        Subject: CN=7a983acfc6a3485d26490fd78ed2725bb58f1e40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e8:08:29:1a:0d:5f:c0:87:b3:84:c7:96:9e:
                    03:79:d8:a7:48:3d:79:c1:4c:0a:3c:31:f1:07:89:
                    b2:7f:d9:22:86:18:10:ff:d4:96:d9:32:74:4d:63:
                    f3:06:4c:88:f4:96:48:38:ba:b5:45:41:ca:f3:11:
                    5f:0c:20:53:8d:3e:68:fb:4f:6f:48:e5:ca:97:ef:
                    5c:99:bd:7a:de:68:d2:f5:c4:74:06:ce:63:0c:9a:
                    24:da:cc:bb:2c:31:0d:e5:74:28:89:cb:07:db:15:
                    cd:eb:d3:0b:75:4a:ea:28:4f:b3:e6:51:5f:23:83:
                    6c:86:fe:e6:58:0d:33:7b:e8:c9:10:8c:3b:51:34:
                    2c:76:23:b1:fa:c6:43:02:2e:f9:75:3f:e3:0a:b8:
                    1a:ed:2d:27:98:9a:f2:df:1c:81:68:c6:94:c5:ef:
                    0e:18:f7:ca:24:34:92:cd:19:e6:60:77:85:56:be:
                    fb:d1:bf:5b:da:3a:a3:3b:b8:cd:09:8d:22:71:7d:
                    f2:50:df:5f:db:12:b7:92:a5:00:4a:1d:2b:46:c4:
                    a6:f2:bf:c4:e8:dc:32:2a:e5:6f:0f:61:0e:8d:8c:
                    63:cf:23:ff:ff:e4:55:5d:7a:e8:fd:8a:c6:3a:b6:
                    33:76:98:24:19:d9:93:84:0c:29:24:57:0b:35:6b:
                    5d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:98:3A:CF:C6:A3:48:5D:26:49:0F:D7:8E:D2:72:5B:B5:8F:1E:40
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:5a:9b:df:b5:28:ea:a0:ac:c5:81:9b:1d:36:a8:95:49:3a:
         99:f5:e9:90:70:45:82:8d:b9:e9:6f:3f:2c:3a:a7:65:c5:d8:
         b5:b5:7f:b5:a5:9b:ad:8d:7b:42:16:7a:8e:e6:26:ab:b0:54:
         f8:b3:f0:b5:ef:c8:46:49:29:8a:a1:aa:b1:a0:43:e0:b2:a7:
         d3:55:c5:79:8f:e0:9f:45:ac:ae:49:71:c5:cb:59:4f:00:c0:
         87:07:a0:14:ce:d9:d4:e8:db:dc:d8:6c:23:fd:b9:00:83:dd:
         41:76:fc:e8:94:9d:97:a0:b2:05:61:3e:7f:8e:c2:e2:2e:c9:
         48:e8:7d:81:df:e9:82:36:05:3b:a6:47:7d:61:04:2f:c7:86:
         36:e7:b6:64:70:97:51:95:0a:57:0b:df:91:46:1f:82:46:3e:
         77:df:4d:0d:8b:1e:35:b5:2a:b1:b1:d3:6c:23:91:f1:a6:68:
         08:a9:6d:15:69:45:cc:96:2d:2e:c0:54:66:9c:e3:bc:0d:2e:
         c2:64:6a:73:a0:f3:56:3c:c2:0b:d3:13:87:66:b6:f8:a3:e5:
         c7:8e:f3:12:c0:5e:78:c3:8e:bd:38:f4:f7:48:26:88:96:29:
         d1:af:dd:63:6d:3b:df:16:7e:ca:de:9e:39:f7:cd:12:b3:08:
         18:45:d4:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/Ywu2Dcn0Qs9pLMfDb5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjYwMzAxMjAwMTA5WhcNMjYwMzAyMjAwMTA5WjAzMTEwLwYDVQQD
Eyg3YTk4M2FjZmM2YTM0ODVkMjY0OTBmZDc4ZWQyNzI1YmI1OGYxZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+gIKRoNX8CHs4THlp4DedinSD15
wUwKPDHxB4myf9kihhgQ/9SW2TJ0TWPzBkyI9JZIOLq1RUHK8xFfDCBTjT5o+09v
SOXKl+9cmb163mjS9cR0Bs5jDJok2sy7LDEN5XQoicsH2xXN69MLdUrqKE+z5lFf
I4Nshv7mWA0ze+jJEIw7UTQsdiOx+sZDAi75dT/jCrga7S0nmJry3xyBaMaUxe8O
GPfKJDSSzRnmYHeFVr770b9b2jqjO7jNCY0icX3yUN9f2xK3kqUASh0rRsSm8r/E
6NwyKuVvD2EOjYxjzyP//+RVXXro/YrGOrYzdpgkGdmThAwpJFcLNWtdmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqYOs/Go0hdJkkP147Sclu1jx5AMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVqb37Uo
6qCsxYGbHTaolUk6mfXpkHBFgo256W8/LDqnZcXYtbV/taWbrY17QhZ6juYmq7BU
+LPwte/IRkkpiqGqsaBD4LKn01XFeY/gn0WsrklxxctZTwDAhwegFM7Z1Ojb3Nhs
I/25AIPdQXb86JSdl6CyBWE+f47C4i7JSOh9gd/pgjYFO6ZHfWEEL8eGNue2ZHCX
UZUKVwvfkUYfgkY+d99NDYseNbUqsbHTbCOR8aZoCKltFWlFzJYtLsBUZpzjvA0u
wmRqc6DzVjzCC9MTh2a2+KPlx47zEsBeeMOOvTj090gmiJYp0a/dY2073xZ+yt6e
OffNErMIGEXUbQ==
-----END CERTIFICATE-----