Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          vIjpl4tB6oDYndMlb+5WlxuUq20eft0cqmoIrHIFDvQ=
Subject key identifier:   84:FA:A7:12:9B:B1:86:6E:C7:41:44:15:3E:D7:3E:7C:6D:79:39:68
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019CAB6B7C6AC8E7906239909A93739D3ABE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0E83
Signing time:             Sun 01 Mar 2026 22:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:13 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: 2llztU6gzJywMT2r7MXeW646YnsblHpzcdG+Ohgqqho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:7c:6a:c8:e7:90:62:39:90:9a:93:73:9d:3a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Mar  1 22:01:13 2026 GMT
            Not After : Mar  2 22:01:13 2026 GMT
        Subject: CN=84faa7129bb1866ec74144153ed73e7c6d793968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:86:0f:cd:88:d7:39:fa:f0:33:25:5e:c5:0a:
                    5c:04:57:84:6d:5e:f0:5b:73:37:40:8f:98:6d:68:
                    3a:5a:8a:f0:c0:05:de:63:46:f9:5d:fe:47:4d:70:
                    c0:55:46:8d:fc:e7:13:b7:e6:6a:da:c5:9a:02:f0:
                    61:f2:89:bc:d5:e5:a7:54:eb:d2:1e:97:db:de:b4:
                    d0:a3:cb:81:ca:b4:e9:04:fe:3c:20:b8:9a:2c:91:
                    4d:7a:56:20:89:1d:a6:4a:10:1b:e0:2e:df:e4:cc:
                    18:3f:0f:02:6d:c9:b8:4a:cf:ec:27:d7:7e:02:44:
                    39:c2:4e:c2:9a:da:0f:7b:64:3f:57:13:15:cb:d2:
                    69:82:12:33:12:f0:17:cd:22:00:52:02:8e:15:3f:
                    ef:9c:7c:51:52:40:38:5d:09:69:01:43:d3:e6:58:
                    6d:c2:d4:cd:dd:7e:02:52:15:fe:87:6c:86:7a:88:
                    50:1a:4a:f9:69:de:4e:ca:63:08:e2:37:bc:fb:80:
                    27:16:e8:04:f3:9c:2c:e7:71:c1:90:b9:f9:d7:a1:
                    24:6e:8c:71:16:11:27:13:e9:9f:5b:69:f0:d1:3f:
                    d8:97:9f:f8:a8:75:a3:85:e4:e9:cf:74:62:d2:37:
                    91:92:f6:08:5d:82:78:7e:a6:37:63:73:f6:05:ad:
                    04:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:FA:A7:12:9B:B1:86:6E:C7:41:44:15:3E:D7:3E:7C:6D:79:39:68
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:34:bb:ae:39:f2:7a:d9:9f:dd:55:43:38:e7:85:93:c4:74:
         95:78:5c:6f:7e:a6:79:9b:3b:9f:43:a1:b2:d4:ba:f0:6d:a5:
         c5:ae:03:24:ac:d5:1c:fb:49:d9:0b:9b:ed:b3:4e:e5:d2:79:
         ba:da:95:c0:7c:dd:36:7f:e3:a6:eb:d8:f5:d1:66:91:f3:c6:
         64:29:ee:0c:e3:5e:c2:8f:13:a7:39:aa:a3:e6:ab:4c:4f:aa:
         84:d7:10:de:1a:7f:48:34:00:c5:1c:c3:03:37:b2:02:1a:1c:
         86:91:75:e2:3e:92:80:0c:d4:b9:f8:9e:27:61:eb:34:d0:c8:
         ec:cc:d8:22:19:22:e0:45:84:d5:53:22:e8:65:70:bb:05:02:
         30:6d:da:f3:48:d9:5a:ab:57:3a:5f:89:7b:34:85:1b:a4:7a:
         3d:60:a1:87:86:11:a9:57:7f:b8:2a:52:8c:53:eb:28:a7:98:
         03:ee:40:1b:9b:fe:b6:46:39:1e:d5:59:30:0d:f3:3d:62:ea:
         b9:81:dd:e6:0e:ef:a8:f8:1c:81:48:0a:71:34:de:4d:80:3a:
         c7:bd:0a:a5:0c:26:ec:af:16:40:6d:51:08:b4:17:67:1f:40:
         28:e4:7b:b5:40:f5:21:a1:f4:2e:cd:e9:5b:25:06:2c:56:4f:
         78:f4:f4:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3xqyOeQYjmQmpNznTq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjYwMzAxMjIwMTEzWhcNMjYwMzAyMjIwMTEzWjAzMTEwLwYDVQQD
Eyg4NGZhYTcxMjliYjE4NjZlYzc0MTQ0MTUzZWQ3M2U3YzZkNzkzOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYYPzYjXOfrwMyVexQpcBFeEbV7w
W3M3QI+YbWg6WorwwAXeY0b5Xf5HTXDAVUaN/OcTt+Zq2sWaAvBh8om81eWnVOvS
Hpfb3rTQo8uByrTpBP48ILiaLJFNelYgiR2mShAb4C7f5MwYPw8Cbcm4Ss/sJ9d+
AkQ5wk7CmtoPe2Q/VxMVy9JpghIzEvAXzSIAUgKOFT/vnHxRUkA4XQlpAUPT5lht
wtTN3X4CUhX+h2yGeohQGkr5ad5OymMI4je8+4AnFugE85ws53HBkLn516Ekboxx
FhEnE+mfW2nw0T/Yl5/4qHWjheTpz3Ri0jeRkvYIXYJ4fqY3Y3P2Ba0EEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIT6pxKbsYZux0FEFT7XPnxteTloMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDS7rjny
etmf3VVDOOeFk8R0lXhcb36meZs7n0OhstS68G2lxa4DJKzVHPtJ2Qub7bNO5dJ5
utqVwHzdNn/jpuvY9dFmkfPGZCnuDONewo8Tpzmqo+arTE+qhNcQ3hp/SDQAxRzD
AzeyAhochpF14j6SgAzUufieJ2HrNNDI7MzYIhki4EWE1VMi6GVwuwUCMG3a80jZ
WqtXOl+JezSFG6R6PWChh4YRqVd/uCpSjFPrKKeYA+5AG5v+tkY5HtVZMA3zPWLq
uYHd5g7vqPgcgUgKcTTeTYA6x70KpQwm7K8WQG1RCLQXZx9AKOR7tUD1IaH0Ls3p
WyUGLFZPePT0OQ==
-----END CERTIFICATE-----