Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          U9/0Gh7fCCtbxxJR+HhavAyktmLNglDz0PKHl5FL+cI=
Subject key identifier:   03:5E:94:BE:25:27:49:D3:28:8D:77:7B:26:51:8F:3D:8C:8D:96:DF
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019D9886BFCC76FFDA4863835ECA6B4313C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          04E5
Signing time:             Thu 16 Apr 2026 23:01:00 +0000
Manifest this update:     Thu 16 Apr 2026 23:01:00 +0000
Manifest next update:     Fri 17 Apr 2026 23:01:00 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: GIlwU7lf+GFYBBATZApXhsFhNZTDY6AympgGUL/UCTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:86:bf:cc:76:ff:da:48:63:83:5e:ca:6b:43:13:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Apr 16 23:01:00 2026 GMT
            Not After : Apr 17 23:01:00 2026 GMT
        Subject: CN=035e94be252749d3288d777b26518f3d8c8d96df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:00:99:78:0a:64:4d:f2:87:2e:c2:32:80:1d:
                    5d:d8:38:0b:50:0c:73:29:6e:b9:4c:f3:d5:4d:30:
                    9c:e2:5c:16:29:95:27:3e:be:d5:b3:98:d2:ff:43:
                    ee:d9:0b:48:f7:5f:77:5d:87:3d:a6:6b:51:7c:6c:
                    3c:43:40:d1:14:80:7e:bf:30:84:a3:f6:5e:6e:f3:
                    89:d2:2c:6a:30:ac:98:69:ff:16:e0:58:d6:f3:4f:
                    0c:54:03:4e:bd:89:34:fa:7c:27:21:ea:4b:40:08:
                    d3:97:66:bb:08:51:82:33:a2:92:ff:b4:aa:f1:12:
                    f4:cb:7c:fd:76:d3:ef:fa:62:1e:57:18:7c:3d:c8:
                    c2:30:9c:50:67:05:c2:42:e6:86:04:77:05:f7:05:
                    bf:eb:c2:cd:99:ee:81:0b:ae:62:5c:30:2a:15:b3:
                    d9:34:ba:66:17:a2:ba:a1:69:95:1c:c7:c5:5f:63:
                    c1:d7:ec:c8:16:b8:1e:83:72:eb:15:ec:36:e9:65:
                    11:78:07:34:2b:d5:28:1c:a8:08:c6:38:83:d6:7a:
                    d1:36:bf:da:ab:f3:ec:75:59:b5:16:f6:fe:f5:85:
                    88:ed:84:d1:63:b6:d3:6e:cf:8e:cb:54:18:ce:86:
                    f1:89:fd:7c:f4:9a:71:5e:34:00:b6:5f:23:54:72:
                    5a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5E:94:BE:25:27:49:D3:28:8D:77:7B:26:51:8F:3D:8C:8D:96:DF
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:45:70:d8:c0:93:d4:73:0e:e8:4b:cf:47:1a:cf:b1:fc:8d:
         19:8f:87:10:c6:53:1c:d4:8d:b2:fa:ce:e3:87:48:56:f1:a2:
         53:e2:8e:10:23:90:f8:9d:d2:f2:ac:1a:f7:67:f2:6b:7c:69:
         9c:4f:74:da:a5:4a:f7:70:66:77:12:1e:fd:d5:9d:a2:7c:47:
         c6:4f:d7:2c:c2:53:4a:eb:a5:c9:f4:4b:87:ee:76:2e:9e:6e:
         ff:10:20:a0:a3:8f:ce:48:63:d8:06:41:0e:be:16:90:49:62:
         80:ef:17:b0:48:06:07:9d:a6:2b:8d:e2:11:67:59:d1:e0:57:
         e2:c3:c2:46:42:0f:2e:bf:6d:d6:cf:91:40:00:85:74:71:5a:
         18:56:58:4c:95:d2:3c:a1:c0:11:55:87:65:96:28:5e:89:c3:
         50:ef:bc:cf:47:bf:5f:4f:f3:2e:32:16:d2:f5:84:0e:1e:db:
         f6:10:ec:5d:c7:f7:20:3e:1b:28:45:45:ab:e9:70:d2:be:73:
         f0:7e:56:aa:7e:41:57:ee:1d:02:1a:78:f9:3f:4b:ed:7b:7d:
         1f:e5:26:6b:df:7e:9c:c9:b3:04:a6:32:b4:00:c4:8b:1f:93:
         32:14:81:4d:91:46:ef:0a:6e:31:9f:ef:1e:16:7a:da:7c:c5:
         5b:3e:5c:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Yhr/Mdv/aSGODXsprQxPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjYwNDE2MjMwMTAwWhcNMjYwNDE3MjMwMTAwWjAzMTEwLwYDVQQD
EygwMzVlOTRiZTI1Mjc0OWQzMjg4ZDc3N2IyNjUxOGYzZDhjOGQ5NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCZeApkTfKHLsIygB1d2DgLUAxz
KW65TPPVTTCc4lwWKZUnPr7Vs5jS/0Pu2QtI9193XYc9pmtRfGw8Q0DRFIB+vzCE
o/ZebvOJ0ixqMKyYaf8W4FjW808MVANOvYk0+nwnIepLQAjTl2a7CFGCM6KS/7Sq
8RL0y3z9dtPv+mIeVxh8PcjCMJxQZwXCQuaGBHcF9wW/68LNme6BC65iXDAqFbPZ
NLpmF6K6oWmVHMfFX2PB1+zIFrgeg3LrFew26WUReAc0K9UoHKgIxjiD1nrRNr/a
q/PsdVm1Fvb+9YWI7YTRY7bTbs+Oy1QYzobxif189JpxXjQAtl8jVHJanwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANelL4lJ0nTKI13eyZRjz2MjZbfMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUVw2MCT
1HMO6EvPRxrPsfyNGY+HEMZTHNSNsvrO44dIVvGiU+KOECOQ+J3S8qwa92fya3xp
nE902qVK93BmdxIe/dWdonxHxk/XLMJTSuulyfRLh+52Lp5u/xAgoKOPzkhj2AZB
Dr4WkEligO8XsEgGB52mK43iEWdZ0eBX4sPCRkIPLr9t1s+RQACFdHFaGFZYTJXS
PKHAEVWHZZYoXonDUO+8z0e/X0/zLjIW0vWEDh7b9hDsXcf3ID4bKEVFq+lw0r5z
8H5Wqn5BV+4dAhp4+T9L7Xt9H+Uma99+nMmzBKYytADEix+TMhSBTZFG7wpuMZ/v
HhZ62nzFWz5cqA==
-----END CERTIFICATE-----