Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          IxR7tlgVXN9j8g/mHLM5iBC0i2/G777w30wqqrm5VLI=
Subject key identifier:   B7:28:A3:17:E2:63:A0:26:02:04:72:36:36:30:43:06:BB:A2:38:0B
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019D2772980E3B20A24BBF52B1C33FB65863
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          1882
Signing time:             Thu 26 Mar 2026 00:01:54 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:54 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:54 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: rCrR+wYZLCh+2qxYN6g/KGEPN38VNg/X44ORVqr49zQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:98:0e:3b:20:a2:4b:bf:52:b1:c3:3f:b6:58:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Mar 26 00:01:54 2026 GMT
            Not After : Mar 27 00:01:54 2026 GMT
        Subject: CN=b728a317e263a0260204723636304306bba2380b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:07:62:5b:3e:cb:90:53:40:f3:a9:31:4e:42:
                    ff:2f:c5:3a:3b:de:ae:0b:75:61:f7:cb:ce:37:fe:
                    cc:a5:65:9c:b7:a3:8e:69:8e:1e:83:9a:ad:8a:fc:
                    2d:83:10:fb:03:ea:c5:e9:41:3d:33:dd:64:eb:46:
                    9a:ae:34:4a:a4:b5:55:fd:8c:37:71:21:8b:40:15:
                    40:a8:b6:cd:de:1b:7c:87:3e:0b:f1:20:65:ce:64:
                    be:66:a4:d8:c2:0f:e1:e7:a7:07:96:0f:57:68:74:
                    c1:bb:b5:d8:b8:a4:40:82:b3:25:a4:d9:b5:f3:9e:
                    fb:ba:a1:b2:1f:bd:19:60:32:d3:c8:d2:4c:53:e0:
                    fb:ce:2a:a0:ee:9f:c8:7a:c6:01:22:6a:91:bc:0a:
                    3b:cd:c9:ad:31:e2:2d:c4:26:d6:f5:cd:05:79:cf:
                    0f:43:06:e1:32:7e:8f:85:de:06:9b:01:d8:4a:37:
                    b8:30:0b:f7:7e:c9:19:e5:31:36:77:55:f3:b7:64:
                    b5:0e:fc:a4:6d:47:ad:0a:77:3c:7c:76:dd:52:17:
                    3f:be:0e:8f:fb:c7:1f:7d:70:2c:a8:09:d0:81:ab:
                    07:3d:af:19:44:79:25:4c:30:cf:f2:82:50:d6:f1:
                    3c:ce:8f:03:88:3d:35:c3:b0:1e:40:fc:2b:81:2e:
                    52:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:28:A3:17:E2:63:A0:26:02:04:72:36:36:30:43:06:BB:A2:38:0B
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:d4:4d:94:96:29:64:50:59:a1:90:54:15:d8:ce:18:fd:8a:
         4a:95:e9:ee:9d:89:c5:6f:e9:23:95:dd:aa:ea:cc:6e:06:e1:
         c9:2f:c4:a7:d5:20:0b:a6:bd:74:76:f3:f6:ec:49:b7:d8:22:
         74:bf:1c:9d:85:15:c4:57:85:ea:98:df:6c:d6:f9:8d:0a:38:
         24:21:51:72:6e:f3:cd:80:aa:b6:b3:8f:bb:5d:2a:98:b5:ac:
         eb:1b:d5:cd:85:2d:30:38:99:e7:66:bd:33:05:d1:57:ee:cc:
         6d:10:19:71:25:dd:40:e2:8a:d6:16:67:d0:91:13:08:d7:03:
         24:83:69:08:56:2a:dd:c2:4f:ac:fa:16:f1:ae:05:cb:4b:9c:
         39:2e:ae:de:e9:d0:cc:ab:b4:6d:92:f2:c6:84:14:f4:46:9c:
         f9:84:25:6f:e6:80:7a:65:fb:32:bc:19:45:a7:36:a2:4d:71:
         a9:ee:bf:ab:68:ac:e2:39:7d:e3:53:95:b5:37:99:c3:39:03:
         3d:4b:40:10:ee:5a:0a:df:a4:0f:ca:c9:0e:b7:19:4a:3b:ef:
         3e:c8:61:24:9a:67:f9:f5:08:d6:83:f8:f0:0e:17:7e:1c:ea:
         cc:94:d6:04:78:00:28:98:e3:20:02:fa:37:ef:68:83:c3:e4:
         91:a0:d2:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncpgOOyCiS79SscM/tlhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjYwMzI2MDAwMTU0WhcNMjYwMzI3MDAwMTU0WjAzMTEwLwYDVQQD
EyhiNzI4YTMxN2UyNjNhMDI2MDIwNDcyMzYzNjMwNDMwNmJiYTIzODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAdiWz7LkFNA86kxTkL/L8U6O96u
C3Vh98vON/7MpWWct6OOaY4eg5qtivwtgxD7A+rF6UE9M91k60aarjRKpLVV/Yw3
cSGLQBVAqLbN3ht8hz4L8SBlzmS+ZqTYwg/h56cHlg9XaHTBu7XYuKRAgrMlpNm1
8577uqGyH70ZYDLTyNJMU+D7ziqg7p/IesYBImqRvAo7zcmtMeItxCbW9c0Fec8P
QwbhMn6Phd4GmwHYSje4MAv3fskZ5TE2d1Xzt2S1DvykbUetCnc8fHbdUhc/vg6P
+8cffXAsqAnQgasHPa8ZRHklTDDP8oJQ1vE8zo8DiD01w7AeQPwrgS5SXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcooxfiY6AmAgRyNjYwQwa7ojgLMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNRNlJYp
ZFBZoZBUFdjOGP2KSpXp7p2JxW/pI5XdqurMbgbhyS/Ep9UgC6a9dHbz9uxJt9gi
dL8cnYUVxFeF6pjfbNb5jQo4JCFRcm7zzYCqtrOPu10qmLWs6xvVzYUtMDiZ52a9
MwXRV+7MbRAZcSXdQOKK1hZn0JETCNcDJINpCFYq3cJPrPoW8a4Fy0ucOS6u3unQ
zKu0bZLyxoQU9Eac+YQlb+aAemX7MrwZRac2ok1xqe6/q2is4jl941OVtTeZwzkD
PUtAEO5aCt+kD8rJDrcZSjvvPshhJJpn+fUI1oP48A4XfhzqzJTWBHgAKJjjIAL6
N+9og8PkkaDSsw==
-----END CERTIFICATE-----