Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          D6pJ4+enI+5aGgHu/ZfziXF3wX7DDbnge9qkUBvs5Fc=
Subject key identifier:   E2:DB:54:7F:9A:38:07:7F:49:A3:4D:76:26:70:6C:31:3B:33:4D:2B
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019D25831F69EE22B8BE8CE0EC2FF9B55275
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0EEC
Signing time:             Wed 25 Mar 2026 15:00:43 +0000
Manifest this update:     Wed 25 Mar 2026 15:00:43 +0000
Manifest next update:     Thu 26 Mar 2026 15:00:43 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: dMV7VT2PTnaSe2x9GajEOmp3tcy4xrXx/ofIQ9cdeZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:1f:69:ee:22:b8:be:8c:e0:ec:2f:f9:b5:52:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Mar 25 15:00:43 2026 GMT
            Not After : Mar 26 15:00:43 2026 GMT
        Subject: CN=e2db547f9a38077f49a34d7626706c313b334d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c3:d1:9f:18:a1:f4:71:88:ad:e6:93:6b:09:
                    92:72:2a:c9:ce:e0:29:12:cd:fc:c4:1b:5b:a0:b2:
                    14:fa:23:ce:34:14:ef:0c:0e:a1:fd:f7:3d:83:92:
                    f5:5f:88:c5:50:d0:76:cd:1e:72:ce:67:9f:2a:0d:
                    ba:0b:d9:f6:df:37:4d:98:9b:de:6e:d2:67:e9:4f:
                    ac:65:d6:24:10:b1:36:df:60:6e:5f:35:e3:67:5f:
                    1a:93:2a:d2:f2:78:51:56:e8:30:45:8d:48:7f:75:
                    b5:f0:b3:80:ab:6b:15:82:ea:65:0c:6e:8f:9d:54:
                    53:dd:1d:98:9c:76:aa:71:0a:a5:2f:50:63:e9:01:
                    d7:56:e3:5d:51:02:a5:8d:f3:8e:38:09:32:7e:7d:
                    07:f5:ce:5f:e2:44:45:39:b7:64:7b:5c:cf:ed:88:
                    7e:3a:96:5f:7b:a6:c4:5f:90:99:3b:a1:ea:80:9b:
                    ae:b8:51:73:5c:02:9c:4a:cb:f9:8e:33:a7:5a:ec:
                    48:8b:02:b9:4d:82:41:0a:b9:c8:8d:8a:d8:27:66:
                    16:89:ef:7c:bc:cd:6c:8e:92:13:56:b7:c6:95:7f:
                    a1:9c:42:d8:c7:ff:be:8a:d3:53:5b:21:f5:1c:61:
                    68:c4:ef:11:5d:0d:e3:e5:22:a7:9a:20:ed:7c:f7:
                    33:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:DB:54:7F:9A:38:07:7F:49:A3:4D:76:26:70:6C:31:3B:33:4D:2B
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:1a:16:57:a3:bf:ad:06:0e:00:13:d8:a8:8d:4d:ff:c9:db:
         ca:5b:b0:ad:9f:fa:33:b5:9a:d6:a9:21:8f:b1:85:e6:3a:db:
         fb:e5:8b:09:17:89:2c:4d:f2:40:db:0f:42:d8:c6:d9:a5:ea:
         06:6d:b4:eb:64:6b:14:21:31:84:ff:00:e3:d9:3d:cb:ee:00:
         35:21:4d:57:40:c4:d0:7e:5b:7c:be:20:56:ba:24:f0:63:36:
         20:43:a3:70:13:2e:5d:d5:15:61:a8:ea:64:40:03:5f:9c:56:
         9d:a2:ba:ce:83:fa:6f:18:66:01:52:29:aa:6a:5b:3f:c3:63:
         82:aa:1a:26:7c:18:9d:b9:ab:d3:6c:f9:e2:56:28:5f:a3:ef:
         1f:85:9f:75:65:8a:37:5c:56:25:70:1e:4a:8f:43:0a:54:be:
         8d:70:07:42:3f:25:e0:dc:db:2a:a1:30:77:dd:e9:32:fb:cd:
         15:48:0a:84:8d:a7:b0:ee:d0:10:8b:f0:7a:35:ad:a7:ea:00:
         1f:30:84:7a:c5:40:6f:eb:9d:e9:eb:65:3b:0b:12:3d:58:7f:
         5e:4c:db:0e:c7:78:06:b1:2d:c7:7b:52:b6:a4:95:5d:76:0e:
         77:9f:82:e2:0d:db:37:92:fd:bc:fd:3b:9c:ae:22:2e:ec:37:
         b2:d0:04:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lgx9p7iK4vozg7C/5tVJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwMzI1MTUwMDQzWhcNMjYwMzI2MTUwMDQzWjAzMTEwLwYDVQQD
EyhlMmRiNTQ3ZjlhMzgwNzdmNDlhMzRkNzYyNjcwNmMzMTNiMzM0ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMPRnxih9HGIreaTawmScirJzuAp
Es38xBtboLIU+iPONBTvDA6h/fc9g5L1X4jFUNB2zR5yzmefKg26C9n23zdNmJve
btJn6U+sZdYkELE232BuXzXjZ18akyrS8nhRVugwRY1If3W18LOAq2sVguplDG6P
nVRT3R2YnHaqcQqlL1Bj6QHXVuNdUQKljfOOOAkyfn0H9c5f4kRFObdke1zP7Yh+
OpZfe6bEX5CZO6HqgJuuuFFzXAKcSsv5jjOnWuxIiwK5TYJBCrnIjYrYJ2YWie98
vM1sjpITVrfGlX+hnELYx/++itNTWyH1HGFoxO8RXQ3j5SKnmiDtfPczSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLbVH+aOAd/SaNNdiZwbDE7M00rMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgBoWV6O/
rQYOABPYqI1N/8nbyluwrZ/6M7Wa1qkhj7GF5jrb++WLCReJLE3yQNsPQtjG2aXq
Bm2062RrFCExhP8A49k9y+4ANSFNV0DE0H5bfL4gVrok8GM2IEOjcBMuXdUVYajq
ZEADX5xWnaK6zoP6bxhmAVIpqmpbP8NjgqoaJnwYnbmr02z54lYoX6PvH4WfdWWK
N1xWJXAeSo9DClS+jXAHQj8l4NzbKqEwd93pMvvNFUgKhI2nsO7QEIvwejWtp+oA
HzCEesVAb+ud6etlOwsSPVh/XkzbDsd4BrEtx3tStqSVXXYOd5+C4g3bN5L9vP07
nK4iLuw3stAEUg==
-----END CERTIFICATE-----