Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
File:                     7_vi0INCz7z3p9dOiOvQMeEgItk.mft (raw, json)
Hash identifier:          pzqZ6ampgQDgF1m9XBDSzZdTC+BdPMhcSi39HU3Ei3Y=
Subject key identifier:   5D:55:D0:A3:50:C1:7D:96:D0:8C:AB:A0:44:D9:2D:86:05:89:96:F5
Authority key identifier: EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9
Certificate issuer:       /CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
Certificate serial:       019D333E6F77DE1C9F120DB5191E210F7744
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
Manifest number:          0681
Signing time:             Sat 28 Mar 2026 07:00:22 +0000
Manifest this update:     Sat 28 Mar 2026 07:00:22 +0000
Manifest next update:     Sun 29 Mar 2026 07:00:22 +0000
Files and hashes:         1: 7_vi0INCz7z3p9dOiOvQMeEgItk.crl (hash: 4wZGAJtdewtoOOQqXwH1g4qXeP9CMZb1W9ivhl2W+ww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 07:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:3e:6f:77:de:1c:9f:12:0d:b5:19:1e:21:0f:77:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
        Validity
            Not Before: Mar 28 07:00:22 2026 GMT
            Not After : Mar 29 07:00:22 2026 GMT
        Subject: CN=5d55d0a350c17d96d08caba044d92d86058996f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:40:47:6c:e7:43:6d:ab:1a:f5:02:a8:c2:83:
                    b7:09:15:fc:d2:fd:fd:7f:5b:e7:50:de:88:67:1c:
                    bf:99:c6:b7:10:69:81:f7:cb:46:9b:54:94:88:22:
                    21:65:b7:bb:64:7f:e7:4e:d1:1f:01:58:55:eb:d0:
                    a7:b2:ec:cd:b3:c4:a9:51:b6:2d:3c:12:ac:32:66:
                    46:8d:90:c9:c5:f1:36:43:11:9b:3c:27:fe:cd:96:
                    4c:8b:8c:c3:01:a9:7a:d2:6f:a3:e1:bc:ae:ad:7e:
                    06:d0:02:da:b4:04:90:f3:6d:fd:0a:e2:aa:e9:ca:
                    a5:ff:7f:c6:40:13:ce:58:af:72:dd:8f:65:6d:c7:
                    8f:1d:6e:0d:79:35:ee:c0:da:e5:00:62:67:da:c4:
                    a5:b8:58:82:ab:fc:fb:96:85:73:16:e3:a0:aa:8e:
                    a5:0c:73:b8:9d:ca:7b:06:23:95:23:61:0b:a1:5e:
                    95:12:55:64:be:27:b2:cb:fc:6a:9c:6d:09:f5:e4:
                    85:29:7f:4c:a8:ea:e7:ee:09:a6:f1:6e:8c:8a:37:
                    d0:f4:cc:da:cc:26:6e:85:56:a9:1a:61:e1:f0:c1:
                    8b:32:96:bd:72:54:ce:e1:a3:76:55:f9:95:e9:ed:
                    80:ee:34:16:20:8b:0d:87:f8:74:78:84:60:f8:f1:
                    fe:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:55:D0:A3:50:C1:7D:96:D0:8C:AB:A0:44:D9:2D:86:05:89:96:F5
            X509v3 Authority Key Identifier:
                keyid:EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:14:b0:2d:eb:a1:0f:0c:e4:1f:df:36:97:00:9e:93:fc:5d:
         0b:9c:06:7b:7f:47:90:19:e3:25:18:3d:42:15:6c:1d:b3:30:
         50:8d:f7:43:f8:b9:ae:65:1b:94:4c:5b:ec:8d:91:37:9f:5f:
         bd:bd:99:e2:c6:17:bf:cb:c5:2d:04:5a:00:84:74:21:65:dc:
         dd:96:bb:0f:c5:7b:c6:3f:4e:ad:38:8a:c7:68:97:74:ea:25:
         1f:c1:b7:c3:f1:9f:7e:bf:42:43:a8:9b:1b:52:e0:24:c1:d8:
         14:a4:03:37:cf:08:70:b2:1e:65:c4:56:b5:ab:13:c2:03:ec:
         c8:e6:5c:1c:56:e7:01:24:f3:15:cb:a5:e9:67:8b:dc:1f:fb:
         1c:4c:8e:a9:31:ed:36:9b:3f:26:4c:01:b6:a1:c3:f7:4d:d4:
         7c:cb:ee:8f:3f:d1:a0:f8:7f:70:a1:ac:b6:b1:3c:6c:1d:83:
         63:d1:da:1f:10:f1:fc:23:19:13:bd:ae:30:a6:d5:2b:55:c2:
         f7:6b:fe:c7:ad:f0:75:01:b8:bb:90:e6:bc:c7:56:58:ab:f4:
         48:80:18:db:50:4e:68:cb:6d:12:97:02:27:92:b1:37:8b:8e:
         86:40:a7:3b:bf:e3:a1:96:c9:f0:4c:94:a8:24:79:e3:d6:66:
         de:10:98:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPm933hyfEg21GR4hD3dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZmJlMmQwODM0MmNmYmNmN2E3ZDc0ZTg4ZWJkMDMxZTEy
MDIyZDkwHhcNMjYwMzI4MDcwMDIyWhcNMjYwMzI5MDcwMDIyWjAzMTEwLwYDVQQD
Eyg1ZDU1ZDBhMzUwYzE3ZDk2ZDA4Y2FiYTA0NGQ5MmQ4NjA1ODk5NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0BHbOdDbasa9QKowoO3CRX80v39
f1vnUN6IZxy/mca3EGmB98tGm1SUiCIhZbe7ZH/nTtEfAVhV69CnsuzNs8SpUbYt
PBKsMmZGjZDJxfE2QxGbPCf+zZZMi4zDAal60m+j4byurX4G0ALatASQ8239CuKq
6cql/3/GQBPOWK9y3Y9lbcePHW4NeTXuwNrlAGJn2sSluFiCq/z7loVzFuOgqo6l
DHO4ncp7BiOVI2ELoV6VElVkvieyy/xqnG0J9eSFKX9MqOrn7gmm8W6MijfQ9Mza
zCZuhVapGmHh8MGLMpa9clTO4aN2VfmV6e2A7jQWIIsNh/h0eIRg+PH+mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1V0KNQwX2W0IyroETZLYYFiZb1MB8GA1UdIwQY
MBaAFO/74tCDQs+896fXTojr0DHhICLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEt
ZjJmMWNhMjg3MTQxLzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEtZjJmMWNhMjg3MTQx
LzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRSwLeuh
DwzkH982lwCek/xdC5wGe39HkBnjJRg9QhVsHbMwUI33Q/i5rmUblExb7I2RN59f
vb2Z4sYXv8vFLQRaAIR0IWXc3Za7D8V7xj9OrTiKx2iXdOolH8G3w/Gffr9CQ6ib
G1LgJMHYFKQDN88IcLIeZcRWtasTwgPsyOZcHFbnASTzFcul6WeL3B/7HEyOqTHt
Nps/JkwBtqHD903UfMvujz/RoPh/cKGstrE8bB2DY9HaHxDx/CMZE72uMKbVK1XC
92v+x63wdQG4u5DmvMdWWKv0SIAY21BOaMttEpcCJ5KxN4uOhkCnO7/joZbJ8EyU
qCR549Zm3hCYOw==
-----END CERTIFICATE-----