Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          JqcWPV9dLR+H+G5p1J6Vxw+BI/QLZv++SMGDO/Es09s=
Subject key identifier:   14:7D:E1:EF:38:85:F7:3C:46:F3:49:7B:1D:CC:AE:0E:A9:EF:BF:17
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019D98F4C10EDD975E43A7F91EC6A59240FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0EFE
Signing time:             Fri 17 Apr 2026 01:01:10 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:10 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:10 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: ibCdD96vs/E9qXaGb7hhK75Hp5k81oEzK9VwIBW2GTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:c1:0e:dd:97:5e:43:a7:f9:1e:c6:a5:92:40:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Apr 17 01:01:10 2026 GMT
            Not After : Apr 18 01:01:10 2026 GMT
        Subject: CN=147de1ef3885f73c46f3497b1dccae0ea9efbf17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0d:6e:78:5d:54:73:35:73:07:2f:36:b9:61:
                    ba:6d:9d:a7:d2:e1:79:7c:93:86:74:4a:c4:7a:f1:
                    4b:9c:c9:27:4a:6a:7d:ba:20:ad:52:ff:d9:4c:2a:
                    12:76:a4:7f:e2:14:f4:21:4a:4a:fa:23:78:47:25:
                    b2:03:8b:87:50:50:c2:d1:09:31:97:19:5f:53:51:
                    cd:14:08:a9:c9:b6:07:a4:17:57:00:25:37:04:57:
                    74:3d:37:fb:7a:78:fa:8d:bd:cb:92:4e:70:e5:66:
                    63:9e:a3:c9:0f:e4:8a:2c:af:95:35:e7:14:ab:4e:
                    b8:a7:2b:8a:f9:95:6a:d5:a9:88:c4:e2:f5:5e:eb:
                    3d:86:e4:a5:50:d9:ca:d8:ae:22:41:be:be:d4:c6:
                    6e:dd:23:38:6a:97:63:34:0d:37:03:ed:6e:d1:22:
                    92:b8:b7:7b:dd:18:14:7c:e9:ba:17:2c:cb:5d:c1:
                    8e:f7:11:5a:1c:b2:67:0f:04:30:64:71:44:06:7c:
                    b2:cd:d8:e6:8a:60:b3:0b:a3:77:44:3d:6c:7f:d6:
                    73:59:04:9b:a3:ba:ca:ed:36:e6:a6:12:0b:0e:a0:
                    6f:c5:8c:7e:30:1b:5a:e9:4f:f2:c0:27:88:90:26:
                    eb:1d:05:3f:e3:9e:c4:1f:54:0a:0a:05:dd:96:b8:
                    77:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:7D:E1:EF:38:85:F7:3C:46:F3:49:7B:1D:CC:AE:0E:A9:EF:BF:17
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:73:3f:ba:31:8b:af:e1:c4:01:9b:54:14:cc:f2:05:aa:08:
         98:c4:fa:0a:c0:c4:74:d6:ae:97:05:91:05:67:0d:8c:51:3a:
         f7:b6:aa:42:2f:e4:9b:52:26:0c:95:fe:ca:52:fe:fb:98:23:
         03:bc:4b:38:d2:4b:28:d7:a4:17:f3:74:2b:a6:eb:ce:f2:53:
         14:2a:82:7a:ca:f6:0e:2c:a1:f9:b6:93:21:56:18:bb:f4:89:
         8a:90:ca:24:ed:c5:a7:50:21:0d:91:e5:1f:85:b5:1d:2c:34:
         64:68:09:06:9b:e5:5e:31:09:cb:aa:ea:11:87:79:d6:41:44:
         af:8b:d8:00:d4:f1:f7:7c:e0:01:06:b0:7d:ef:2a:e0:92:4e:
         f1:08:74:cc:b9:2c:78:b0:a9:8a:49:30:ac:f6:3c:30:d5:87:
         b1:ff:f4:4b:43:ff:68:25:c1:96:b4:2f:61:ce:ad:2f:6f:7c:
         63:c2:39:d1:94:d7:33:0b:9d:fd:51:9e:91:cd:b8:d9:64:6c:
         89:b5:bf:01:38:e1:27:bc:00:af:5d:e2:70:8e:62:fd:3c:e9:
         33:6f:2a:b5:93:93:cc:4f:a3:1a:dd:d8:75:79:e5:0d:03:8a:
         52:db:96:82:f2:a8:3f:70:88:c6:9e:c8:e3:ba:ae:96:37:7f:
         6e:32:30:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9MEO3ZdeQ6f5HsalkkD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjYwNDE3MDEwMTEwWhcNMjYwNDE4MDEwMTEwWjAzMTEwLwYDVQQD
EygxNDdkZTFlZjM4ODVmNzNjNDZmMzQ5N2IxZGNjYWUwZWE5ZWZiZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ1ueF1UczVzBy82uWG6bZ2n0uF5
fJOGdErEevFLnMknSmp9uiCtUv/ZTCoSdqR/4hT0IUpK+iN4RyWyA4uHUFDC0Qkx
lxlfU1HNFAipybYHpBdXACU3BFd0PTf7enj6jb3Lkk5w5WZjnqPJD+SKLK+VNecU
q064pyuK+ZVq1amIxOL1Xus9huSlUNnK2K4iQb6+1MZu3SM4apdjNA03A+1u0SKS
uLd73RgUfOm6FyzLXcGO9xFaHLJnDwQwZHFEBnyyzdjmimCzC6N3RD1sf9ZzWQSb
o7rK7TbmphILDqBvxYx+MBta6U/ywCeIkCbrHQU/457EH1QKCgXdlrh31wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBR94e84hfc8RvNJex3Mrg6p778XMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhnM/ujGL
r+HEAZtUFMzyBaoImMT6CsDEdNaulwWRBWcNjFE697aqQi/km1ImDJX+ylL++5gj
A7xLONJLKNekF/N0K6brzvJTFCqCesr2Diyh+baTIVYYu/SJipDKJO3Fp1AhDZHl
H4W1HSw0ZGgJBpvlXjEJy6rqEYd51kFEr4vYANTx93zgAQawfe8q4JJO8Qh0zLks
eLCpikkwrPY8MNWHsf/0S0P/aCXBlrQvYc6tL298Y8I50ZTXMwud/VGekc242WRs
ibW/ATjhJ7wAr13icI5i/TzpM28qtZOTzE+jGt3YdXnlDQOKUtuWgvKoP3CIxp7I
47quljd/bjIwgQ==
-----END CERTIFICATE-----