Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          23+GlCkOoAo1WNfKEF/b56zyoNneqateSAt7u0XwBuQ=
Subject key identifier:   0A:1C:D7:C6:AB:D6:2A:77:B1:30:FB:53:39:78:4F:33:AE:03:73:FC
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019E1CB46400087CFC7BFCBFE34546A942D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          1901
Signing time:             Tue 12 May 2026 15:00:44 +0000
Manifest this update:     Tue 12 May 2026 15:00:44 +0000
Manifest next update:     Wed 13 May 2026 15:00:44 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: 2PVGdRbrlakP/4ec1mz+WWJml1QrcEZSfhbNDtE1jFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:b4:64:00:08:7c:fc:7b:fc:bf:e3:45:46:a9:42:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: May 12 15:00:44 2026 GMT
            Not After : May 13 15:00:44 2026 GMT
        Subject: CN=0a1cd7c6abd62a77b130fb5339784f33ae0373fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:49:6a:88:2a:57:fd:99:3d:60:04:e8:3a:ad:
                    6a:38:8a:3a:5b:c8:50:66:9b:3e:f7:f8:cb:09:4f:
                    a2:15:7b:e5:26:d0:08:c5:b3:1a:ee:51:25:24:7a:
                    8c:1c:66:a5:de:00:41:13:28:2d:60:74:3b:95:ac:
                    f0:e3:d4:24:75:ce:fd:2f:7f:5f:1b:a7:1e:ba:8a:
                    84:c8:54:f5:f8:d6:b4:c8:b8:45:1a:22:e2:bf:58:
                    f3:0e:6b:7b:79:4f:5f:55:46:e0:f2:23:7c:a2:95:
                    33:51:53:75:40:81:a0:0f:4c:e5:ee:8a:36:bc:b1:
                    ca:58:8c:44:f5:1e:db:97:dc:4f:f9:c4:f6:74:f2:
                    ae:bb:ca:49:01:73:ef:68:5b:63:d0:fe:9c:d7:0c:
                    e5:35:3d:bd:b2:8b:96:c1:63:25:b5:22:90:0e:5a:
                    13:55:68:41:e5:ee:cd:ca:59:45:f6:bb:6f:09:38:
                    5e:1f:5c:5a:8f:66:9d:2b:c7:74:b8:ae:73:08:1b:
                    04:0c:19:e5:ac:5d:c5:1e:84:59:fb:5d:34:90:60:
                    be:af:14:9e:ba:b0:ff:d0:fa:fa:1a:64:18:80:27:
                    72:4f:90:fc:0d:ed:ea:6e:29:18:0c:22:e9:ff:94:
                    f4:c4:2a:5c:a3:ab:02:4a:d2:42:99:5f:59:93:1a:
                    2e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:1C:D7:C6:AB:D6:2A:77:B1:30:FB:53:39:78:4F:33:AE:03:73:FC
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:16:98:c3:f9:dd:fe:46:3d:13:f0:b2:7c:e9:7f:52:f3:c6:
         c6:28:06:29:66:cd:ee:e7:bf:c8:c9:f2:1c:88:b2:6e:a1:e8:
         bb:7f:22:76:a6:a1:1a:10:cf:21:2d:48:52:9f:60:b5:3e:2a:
         3e:1b:05:07:7e:1c:b7:a1:ad:5f:53:fc:27:72:9b:59:19:1e:
         4f:6a:00:26:24:8e:0e:4d:b5:63:0a:78:7b:db:c6:4b:86:7b:
         fe:7b:4a:9f:bf:37:d5:e2:fd:42:0d:d4:ff:0f:8c:ef:d5:da:
         c8:14:fa:ba:fb:49:57:37:18:2e:ef:e9:aa:e4:f1:3b:15:68:
         45:b2:aa:cb:5c:99:35:d4:c6:23:41:02:68:ee:f0:39:86:5d:
         b7:e9:82:4b:cb:11:50:9b:93:8b:fa:ea:19:4d:64:fe:dd:2e:
         70:ff:e6:96:e0:8e:84:35:9f:1f:27:a9:42:ba:68:70:f0:9f:
         74:ff:52:d5:81:08:37:ce:19:d6:07:a3:fc:a9:44:9e:4f:1a:
         95:8d:bd:85:e4:b0:aa:e8:6a:82:8b:ca:0f:4c:3f:82:99:d7:
         80:79:48:3f:2d:80:f4:e9:3e:e5:20:28:02:a5:4e:0b:a8:d4:
         8e:30:fe:b9:9a:b4:34:32:3a:e9:f5:c2:bf:59:89:fb:af:eb:
         c8:e6:f3:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctGQACHz8e/y/40VGqULRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjYwNTEyMTUwMDQ0WhcNMjYwNTEzMTUwMDQ0WjAzMTEwLwYDVQQD
EygwYTFjZDdjNmFiZDYyYTc3YjEzMGZiNTMzOTc4NGYzM2FlMDM3M2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApklqiCpX/Zk9YAToOq1qOIo6W8hQ
Zps+9/jLCU+iFXvlJtAIxbMa7lElJHqMHGal3gBBEygtYHQ7lazw49Qkdc79L39f
G6ceuoqEyFT1+Na0yLhFGiLiv1jzDmt7eU9fVUbg8iN8opUzUVN1QIGgD0zl7oo2
vLHKWIxE9R7bl9xP+cT2dPKuu8pJAXPvaFtj0P6c1wzlNT29souWwWMltSKQDloT
VWhB5e7NyllF9rtvCTheH1xaj2adK8d0uK5zCBsEDBnlrF3FHoRZ+100kGC+rxSe
urD/0Pr6GmQYgCdyT5D8De3qbikYDCLp/5T0xCpco6sCStJCmV9ZkxounwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoc18ar1ip3sTD7Uzl4TzOuA3P8MB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexaYw/nd
/kY9E/CyfOl/UvPGxigGKWbN7ue/yMnyHIiybqHou38idqahGhDPIS1IUp9gtT4q
PhsFB34ct6GtX1P8J3KbWRkeT2oAJiSODk21Ywp4e9vGS4Z7/ntKn7831eL9Qg3U
/w+M79XayBT6uvtJVzcYLu/pquTxOxVoRbKqy1yZNdTGI0ECaO7wOYZdt+mCS8sR
UJuTi/rqGU1k/t0ucP/mluCOhDWfHyepQrpocPCfdP9S1YEIN84Z1gej/KlEnk8a
lY29heSwquhqgovKD0w/gpnXgHlIPy2A9Ok+5SAoAqVOC6jUjjD+uZq0NDI66fXC
v1mJ+6/ryObzkg==
-----END CERTIFICATE-----