Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          5+ZA7vVyvHM20k2IktXRTLu6FVCALkDd9hKCuk3w7TA=
Subject key identifier:   A9:3E:7D:38:38:A8:2F:44:19:B0:0A:1B:87:62:95:CB:FB:2E:8F:B5
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       019D2703F3668B7679BAFA32CF7DB4723E1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          16CD
Signing time:             Wed 25 Mar 2026 22:01:03 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:03 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:03 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: Zwt8LMKbNMhOqQrEAvV0tCx2oq9NEHMq5xN3PykGCtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:f3:66:8b:76:79:ba:fa:32:cf:7d:b4:72:3e:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: Mar 25 22:01:03 2026 GMT
            Not After : Mar 26 22:01:03 2026 GMT
        Subject: CN=a93e7d3838a82f4419b00a1b876295cbfb2e8fb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:da:1a:ba:2a:03:c6:78:91:99:20:86:0d:62:
                    53:1a:a4:7b:a8:43:d5:e4:15:21:64:b8:42:6f:96:
                    75:a3:26:d1:65:16:2e:ee:8f:ba:da:cc:ad:0c:fe:
                    fe:fb:4a:a9:94:49:73:7c:e4:75:b2:f6:3c:65:00:
                    a8:a1:1a:f3:1f:3b:0d:13:40:a7:0d:30:ab:cc:e9:
                    9a:dd:82:50:d8:c9:62:c3:f4:bf:46:9d:24:d5:55:
                    44:8e:1b:51:2a:87:06:f4:47:fe:38:11:7b:84:a3:
                    09:a7:d5:37:dd:41:4e:2f:dc:6a:b9:93:c4:57:73:
                    69:5c:16:92:4b:84:1b:1b:47:ad:30:0c:20:36:5c:
                    68:b0:2e:cc:84:01:75:4c:cc:c0:d0:57:9a:32:89:
                    69:70:d6:84:65:07:91:07:71:b2:74:72:3e:a3:06:
                    b6:e0:98:31:70:94:05:10:36:75:da:15:cc:b0:f8:
                    5c:92:75:70:ad:92:22:67:99:ca:b6:2a:14:84:5b:
                    f2:3f:a6:ff:49:8f:dc:ce:02:1b:4e:64:ed:0f:33:
                    03:bd:dc:5b:85:06:22:69:4d:e2:2a:2e:fb:eb:e1:
                    6c:a9:81:f1:51:a9:ce:ae:be:14:0e:2a:42:2d:52:
                    b6:ae:90:95:fb:ab:c9:63:99:9f:f3:4b:22:75:f6:
                    58:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:3E:7D:38:38:A8:2F:44:19:B0:0A:1B:87:62:95:CB:FB:2E:8F:B5
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:79:9e:13:8f:3e:74:11:ee:9f:4d:2d:11:0b:4a:12:03:77:
         70:a5:5e:11:94:f3:34:e7:af:0c:40:ff:ec:00:ee:85:fe:55:
         06:6d:1c:9d:93:eb:18:db:44:0d:c3:e8:1a:e2:68:ea:26:67:
         92:bd:74:58:c8:f6:ea:ae:6c:b1:46:d3:3c:0a:a0:9b:5b:92:
         c4:f4:89:67:98:f2:20:aa:19:af:39:9a:73:e4:af:09:98:d1:
         13:f2:50:52:ac:fa:72:fa:5e:cb:a7:62:28:c5:85:b7:ea:60:
         d4:13:2f:8f:ca:0c:c7:19:97:6f:04:4f:36:d2:a5:fe:df:c5:
         8a:14:43:7f:8e:e3:10:ba:e7:32:26:17:01:ef:c6:51:6f:25:
         c2:10:bb:8a:74:83:7b:99:e4:09:b6:73:d4:5e:b7:bf:9a:d0:
         0d:3a:48:07:f1:8f:52:55:a8:40:ee:d8:dd:8d:1e:14:2d:75:
         0f:1c:cf:09:a6:9f:d6:d2:4a:f6:62:cb:41:06:66:3a:4f:9f:
         08:55:b1:df:18:6c:4c:08:29:56:ea:04:83:fa:bd:05:37:e6:
         70:07:6d:92:61:9e:79:d2:9e:db:2f:18:e7:97:c7:c6:50:9b:
         12:7e:2e:b6:15:1f:91:b7:eb:91:06:dd:30:42:7d:26:e4:59:
         d4:c7:49:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/Nmi3Z5uvoyz320cj4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjYwMzI1MjIwMTAzWhcNMjYwMzI2MjIwMTAzWjAzMTEwLwYDVQQD
EyhhOTNlN2QzODM4YTgyZjQ0MTliMDBhMWI4NzYyOTVjYmZiMmU4ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NoauioDxniRmSCGDWJTGqR7qEPV
5BUhZLhCb5Z1oybRZRYu7o+62sytDP7++0qplElzfOR1svY8ZQCooRrzHzsNE0Cn
DTCrzOma3YJQ2Mliw/S/Rp0k1VVEjhtRKocG9Ef+OBF7hKMJp9U33UFOL9xquZPE
V3NpXBaSS4QbG0etMAwgNlxosC7MhAF1TMzA0FeaMolpcNaEZQeRB3GydHI+owa2
4JgxcJQFEDZ12hXMsPhcknVwrZIiZ5nKtioUhFvyP6b/SY/czgIbTmTtDzMDvdxb
hQYiaU3iKi776+FsqYHxUanOrr4UDipCLVK2rpCV+6vJY5mf80sidfZYFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKk+fTg4qC9EGbAKG4dilcv7Lo+1MB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHmeE48+
dBHun00tEQtKEgN3cKVeEZTzNOevDED/7ADuhf5VBm0cnZPrGNtEDcPoGuJo6iZn
kr10WMj26q5ssUbTPAqgm1uSxPSJZ5jyIKoZrzmac+SvCZjRE/JQUqz6cvpey6di
KMWFt+pg1BMvj8oMxxmXbwRPNtKl/t/FihRDf47jELrnMiYXAe/GUW8lwhC7inSD
e5nkCbZz1F63v5rQDTpIB/GPUlWoQO7Y3Y0eFC11DxzPCaaf1tJK9mLLQQZmOk+f
CFWx3xhsTAgpVuoEg/q9BTfmcAdtkmGeedKe2y8Y55fHxlCbEn4uthUfkbfrkQbd
MEJ9JuRZ1MdJUw==
-----END CERTIFICATE-----