Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.mft
File:                     RIjdC2q9M32PzGIEd-bo1SiS9xQ.mft (raw, json)
Hash identifier:          uUxVTqW540F3VscUrmD7etVzGMfQFCnHaTnM1IdiweU=
Subject key identifier:   28:7C:BD:EA:90:96:21:26:C5:2D:E7:3F:8A:D9:23:44:74:AD:A0:15
Authority key identifier: 44:88:DD:0B:6A:BD:33:7D:8F:CC:62:04:77:E6:E8:D5:28:92:F7:14
Certificate issuer:       /CN=4488dd0b6abd337d8fcc620477e6e8d52892f714
Certificate serial:       019D333F1DACAC8A8555768C2EA6C1E35B72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RIjdC2q9M32PzGIEd-bo1SiS9xQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.mft
Manifest number:          7A
Signing time:             Sat 28 Mar 2026 07:01:07 +0000
Manifest this update:     Sat 28 Mar 2026 07:01:07 +0000
Manifest next update:     Sun 29 Mar 2026 07:01:07 +0000
Files and hashes:         1: RIjdC2q9M32PzGIEd-bo1SiS9xQ.crl (hash: QyKC72mUJdQqCNJ4cdOpJoVT0U+fh9X1u2Id/s3KqR4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RIjdC2q9M32PzGIEd-bo1SiS9xQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:3f:1d:ac:ac:8a:85:55:76:8c:2e:a6:c1:e3:5b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4488dd0b6abd337d8fcc620477e6e8d52892f714
        Validity
            Not Before: Mar 28 07:01:07 2026 GMT
            Not After : Mar 29 07:01:07 2026 GMT
        Subject: CN=287cbdea90962126c52de73f8ad9234474ada015
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8a:da:f1:39:5e:a2:f1:01:1f:0e:54:92:47:
                    ea:e2:3f:cf:5e:90:49:f5:96:8a:e2:a1:83:7b:16:
                    b3:0b:41:a0:8b:13:0f:ea:8d:cd:ce:4d:9a:87:68:
                    d1:ba:65:53:bc:85:28:73:49:c0:1b:6b:dd:0b:87:
                    19:06:0a:7f:7b:a9:97:0d:df:40:b6:dd:3f:6c:19:
                    66:90:05:9a:ac:11:bc:7d:4f:10:15:20:69:8e:54:
                    5a:47:eb:47:49:14:b5:ab:63:67:f6:c3:d0:11:30:
                    f4:2d:2e:39:d6:7c:48:0c:49:1d:4d:00:a3:f5:3d:
                    3c:7d:b6:17:a8:52:69:24:19:85:0c:26:42:d9:1a:
                    81:52:f3:c4:69:12:8f:de:de:db:42:57:c4:d7:5d:
                    d5:bd:2e:f6:15:31:4c:9d:41:82:4c:89:66:1e:fe:
                    95:b6:36:4a:d5:89:7a:d7:42:68:3c:ef:b9:7d:7a:
                    05:e3:ca:83:f8:c9:e0:ca:02:f1:db:75:c9:1a:49:
                    dd:72:10:e5:81:c0:2a:88:64:a6:1c:fd:44:0b:7f:
                    23:e6:f4:c3:f3:fd:1e:58:7c:ca:aa:eb:e4:8e:53:
                    ed:84:52:20:5b:d3:ae:b9:a4:fb:58:d9:23:7a:d7:
                    c3:b5:15:26:fb:1d:d5:d0:13:e3:cd:b5:73:e7:01:
                    3b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:7C:BD:EA:90:96:21:26:C5:2D:E7:3F:8A:D9:23:44:74:AD:A0:15
            X509v3 Authority Key Identifier:
                keyid:44:88:DD:0B:6A:BD:33:7D:8F:CC:62:04:77:E6:E8:D5:28:92:F7:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIjdC2q9M32PzGIEd-bo1SiS9xQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c02bb-a4a5-4fc4-9db3-1948267472de/1/RIjdC2q9M32PzGIEd-bo1SiS9xQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:9f:23:d4:1c:61:f6:80:88:bf:1d:41:62:a7:c8:15:8e:91:
         59:cd:66:f0:ed:3e:4c:89:24:68:38:55:9b:57:72:19:e7:2a:
         ad:67:a0:0e:e7:98:46:18:89:eb:be:24:3b:34:6d:12:ea:c1:
         6d:0c:f6:5e:dd:23:25:32:d5:b2:e5:2a:61:a9:ee:23:38:67:
         97:11:55:bb:29:6d:70:19:30:e9:7b:a7:7e:07:fc:07:1c:53:
         db:08:e9:cf:2f:8a:30:78:bd:bc:96:6f:4a:41:99:57:47:c5:
         a3:4c:cb:88:d1:54:2d:ba:bc:db:08:dd:eb:74:97:de:15:2c:
         66:ae:64:e0:38:94:cc:74:e7:bb:3d:51:7b:ea:0f:28:4d:31:
         e4:ba:95:ef:9c:c2:c7:97:c3:05:30:b0:ef:51:c6:20:92:df:
         5b:2e:ab:30:c2:ec:4f:80:c3:4e:18:ee:ed:95:6f:64:19:84:
         67:39:1f:43:76:a5:e7:be:f1:a8:db:1e:2e:57:29:fd:c3:3a:
         63:0f:a6:cf:a9:1f:cf:29:3f:b5:04:91:11:59:c4:d5:9f:29:
         97:0f:05:fa:c7:13:a1:30:b9:b5:57:96:29:ea:52:18:f9:25:
         0d:6b:13:b1:9f:4c:d9:67:b2:ea:91:af:9f:44:0f:61:a7:38:
         2b:10:fb:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPx2srIqFVXaMLqbB41tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ODhkZDBiNmFiZDMzN2Q4ZmNjNjIwNDc3ZTZlOGQ1Mjg5
MmY3MTQwHhcNMjYwMzI4MDcwMTA3WhcNMjYwMzI5MDcwMTA3WjAzMTEwLwYDVQQD
EygyODdjYmRlYTkwOTYyMTI2YzUyZGU3M2Y4YWQ5MjM0NDc0YWRhMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4ra8TleovEBHw5Ukkfq4j/PXpBJ
9ZaK4qGDexazC0GgixMP6o3Nzk2ah2jRumVTvIUoc0nAG2vdC4cZBgp/e6mXDd9A
tt0/bBlmkAWarBG8fU8QFSBpjlRaR+tHSRS1q2Nn9sPQETD0LS451nxIDEkdTQCj
9T08fbYXqFJpJBmFDCZC2RqBUvPEaRKP3t7bQlfE113VvS72FTFMnUGCTIlmHv6V
tjZK1Yl610JoPO+5fXoF48qD+MngygLx23XJGkndchDlgcAqiGSmHP1EC38j5vTD
8/0eWHzKquvkjlPthFIgW9OuuaT7WNkjetfDtRUm+x3V0BPjzbVz5wE73QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCh8veqQliEmxS3nP4rZI0R0raAVMB8GA1UdIwQY
MBaAFESI3QtqvTN9j8xiBHfm6NUokvcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUklqZEMycTlNMzJQekdJRWQtYm8xU2lTOXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81YzAyYmItYTRhNS00ZmM0LTlkYjMt
MTk0ODI2NzQ3MmRlLzEvUklqZEMycTlNMzJQekdJRWQtYm8xU2lTOXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81YzAyYmItYTRhNS00ZmM0LTlkYjMtMTk0ODI2NzQ3MmRl
LzEvUklqZEMycTlNMzJQekdJRWQtYm8xU2lTOXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA58j1Bxh
9oCIvx1BYqfIFY6RWc1m8O0+TIkkaDhVm1dyGecqrWegDueYRhiJ674kOzRtEurB
bQz2Xt0jJTLVsuUqYanuIzhnlxFVuyltcBkw6Xunfgf8BxxT2wjpzy+KMHi9vJZv
SkGZV0fFo0zLiNFULbq82wjd63SX3hUsZq5k4DiUzHTnuz1Re+oPKE0x5LqV75zC
x5fDBTCw71HGIJLfWy6rMMLsT4DDThju7ZVvZBmEZzkfQ3al577xqNseLlcp/cM6
Yw+mz6kfzyk/tQSREVnE1Z8plw8F+scToTC5tVeWKepSGPklDWsTsZ9M2Wey6pGv
n0QPYac4KxD7dw==
-----END CERTIFICATE-----