Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
File:                     i5epFTYKSH1c9dXGZeW_4f_1Np8.mft (raw, json)
Hash identifier:          RtvYtQzMUTN3XCfjcKsCRDYlwyRG0cGN7iFrqiZXk6w=
Subject key identifier:   5D:6F:99:66:ED:D7:3F:EA:CC:14:9D:F0:55:EF:FD:C9:0F:8F:22:61
Authority key identifier: 8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F
Certificate issuer:       /CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
Certificate serial:       019D27043BEC3F7FA1F6D8EAC1E1BAD20D7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
Manifest number:          0723
Signing time:             Wed 25 Mar 2026 22:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:22 +0000
Files and hashes:         1: i5epFTYKSH1c9dXGZeW_4f_1Np8.crl (hash: 8Z1Dxxop9icVaeisarn44eCpJaP3ffJ9QcnbzvEA1Pc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:3b:ec:3f:7f:a1:f6:d8:ea:c1:e1:ba:d2:0d:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
        Validity
            Not Before: Mar 25 22:01:22 2026 GMT
            Not After : Mar 26 22:01:22 2026 GMT
        Subject: CN=5d6f9966edd73feacc149df055effdc90f8f2261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c2:1b:e8:87:11:68:88:ce:70:57:7c:92:35:
                    08:2f:20:e8:03:63:7c:4e:fe:54:e7:e4:17:0a:91:
                    de:9e:54:4b:71:82:c3:c3:31:a4:bb:98:d5:52:d6:
                    16:33:46:2d:fa:bf:58:c6:3c:28:45:33:44:0a:38:
                    62:a4:40:b8:c0:02:4b:a5:c8:44:51:37:e2:74:c0:
                    ce:cb:26:b6:21:4b:91:e4:b5:31:f7:da:8c:28:53:
                    e1:5d:ce:3d:2d:e6:fa:20:d7:10:cb:01:33:89:78:
                    4c:11:2d:3d:a8:25:12:13:61:c9:5b:a0:30:56:e3:
                    7d:14:57:a0:b3:37:0a:6c:dc:62:55:dd:99:1f:14:
                    08:9d:66:d1:28:2b:a8:db:8f:10:89:e2:41:07:dd:
                    74:18:33:ec:bd:f3:f1:6a:7e:9f:40:cd:bb:f7:40:
                    ab:da:02:ac:7f:09:12:61:81:1b:4d:1a:31:30:0c:
                    26:21:1b:62:ce:4e:8f:47:c1:f1:b3:8b:20:db:56:
                    2d:17:57:3f:f1:69:9f:dd:ea:f6:30:92:1d:c4:fe:
                    93:2a:55:2e:03:e2:46:1a:df:43:16:60:ef:4f:cb:
                    7c:50:93:73:dd:6e:88:ee:5d:7d:eb:0e:fc:55:31:
                    7e:d9:81:3b:78:05:85:04:6e:7d:06:6b:50:77:1a:
                    6e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6F:99:66:ED:D7:3F:EA:CC:14:9D:F0:55:EF:FD:C9:0F:8F:22:61
            X509v3 Authority Key Identifier:
                keyid:8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:16:d6:6a:df:b9:dc:b4:c4:37:2f:d9:10:a4:33:c3:67:04:
         8c:70:56:8b:b8:49:77:d6:12:5b:af:cc:46:b7:bb:48:55:83:
         ad:56:73:07:2a:e1:c9:d0:70:c0:9c:4e:6c:99:51:c4:6e:e1:
         7c:73:23:71:5a:3b:f5:82:d8:86:06:e5:8b:23:ef:5b:45:9c:
         e1:01:36:26:da:27:91:ad:62:9e:3f:d7:6f:59:ae:3c:32:1c:
         54:6c:e6:73:9f:a5:75:5d:38:ed:64:5c:4e:4e:20:9f:37:f9:
         c3:0f:b6:1f:66:e0:a8:d0:df:9e:d0:a6:a8:06:70:dc:ae:34:
         38:64:71:93:bb:8d:c9:ba:20:55:6a:73:c9:24:ed:1e:23:cf:
         54:f2:da:ce:68:4e:35:8b:92:59:a6:44:cf:b9:58:5c:21:e4:
         73:4b:26:86:c5:dd:fb:1b:9a:e3:2e:98:9c:cc:91:d9:c2:bb:
         e0:0f:6c:58:9b:78:8b:42:18:dd:60:63:3e:fa:ba:f8:6e:9d:
         85:de:09:3d:ac:eb:3c:1f:d4:e8:83:8b:1d:c3:9d:93:9b:bc:
         31:9b:c7:a6:96:92:90:eb:95:c7:ce:ae:52:99:3f:5c:fd:31:
         25:40:8f:6d:f5:4e:24:e9:8c:ce:81:0c:e9:ae:d7:e4:e3:7d:
         ae:75:7f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDvsP3+h9tjqweG60g17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTdhOTE1MzYwYTQ4N2Q1Y2Y1ZDVjNjY1ZTViZmUxZmZm
NTM2OWYwHhcNMjYwMzI1MjIwMTIyWhcNMjYwMzI2MjIwMTIyWjAzMTEwLwYDVQQD
Eyg1ZDZmOTk2NmVkZDczZmVhY2MxNDlkZjA1NWVmZmRjOTBmOGYyMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MIb6IcRaIjOcFd8kjUILyDoA2N8
Tv5U5+QXCpHenlRLcYLDwzGku5jVUtYWM0Yt+r9YxjwoRTNECjhipEC4wAJLpchE
UTfidMDOyya2IUuR5LUx99qMKFPhXc49Leb6INcQywEziXhMES09qCUSE2HJW6Aw
VuN9FFegszcKbNxiVd2ZHxQInWbRKCuo248QieJBB910GDPsvfPxan6fQM2790Cr
2gKsfwkSYYEbTRoxMAwmIRtizk6PR8Hxs4sg21YtF1c/8Wmf3er2MJIdxP6TKlUu
A+JGGt9DFmDvT8t8UJNz3W6I7l196w78VTF+2YE7eAWFBG59BmtQdxpuGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1vmWbt1z/qzBSd8FXv/ckPjyJhMB8GA1UdIwQY
MBaAFIuXqRU2Ckh9XPXVxmXlv+H/9TafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjct
ZDg3YjM2MWFjZDg5LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjctZDg3YjM2MWFjZDg5
LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBbWat+5
3LTENy/ZEKQzw2cEjHBWi7hJd9YSW6/MRre7SFWDrVZzByrhydBwwJxObJlRxG7h
fHMjcVo79YLYhgbliyPvW0Wc4QE2Jtonka1inj/Xb1muPDIcVGzmc5+ldV047WRc
Tk4gnzf5ww+2H2bgqNDfntCmqAZw3K40OGRxk7uNybogVWpzySTtHiPPVPLazmhO
NYuSWaZEz7lYXCHkc0smhsXd+xua4y6YnMyR2cK74A9sWJt4i0IY3WBjPvq6+G6d
hd4JPazrPB/U6IOLHcOdk5u8MZvHppaSkOuVx86uUpk/XP0xJUCPbfVOJOmMzoEM
6a7X5ON9rnV/tw==
-----END CERTIFICATE-----