Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          4lXHNSLJOlBJR0N7+QIWaPprJ7VeYYrGQtXvcNHOBog=
Subject key identifier:   A5:A7:6F:25:10:FB:C1:ED:B7:62:F0:A5:16:06:0E:AB:28:08:ED:FF
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       019D2703BBDC0C8C6A00CBC718F72B258F4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0AFC
Signing time:             Wed 25 Mar 2026 22:00:49 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:49 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:49 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: 9PcwNUHm7/WmvV8Df1ROOsS7crs1CPmTX6D8wa16NMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:bb:dc:0c:8c:6a:00:cb:c7:18:f7:2b:25:8f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: Mar 25 22:00:49 2026 GMT
            Not After : Mar 26 22:00:49 2026 GMT
        Subject: CN=a5a76f2510fbc1edb762f0a516060eab2808edff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:82:85:fd:15:a0:6b:20:45:5a:ba:13:ed:91:
                    d5:77:37:a6:89:88:d7:41:ca:5d:9c:fc:e0:a3:ca:
                    1b:38:69:7a:ac:2d:05:01:9d:a4:5e:55:92:6a:82:
                    d4:eb:cd:60:ed:f8:83:3f:c7:17:72:79:6b:cd:d1:
                    00:61:c8:23:56:27:8e:c7:c2:e0:d9:4d:23:4a:19:
                    f8:28:91:c4:cf:0c:10:00:5e:3c:e2:13:aa:0f:a2:
                    5d:bf:41:21:2c:84:30:c5:79:78:13:2b:90:88:9f:
                    78:a3:3b:f7:91:02:a6:2b:57:f6:15:20:68:ed:e2:
                    d3:fb:30:34:44:29:8e:f9:23:ad:3f:5d:04:a3:30:
                    b5:6a:22:f2:02:e8:89:0d:ff:a7:15:ff:49:88:3d:
                    e9:ac:72:e5:2a:75:1d:ab:7b:a6:a4:8a:dc:b0:f4:
                    9b:33:81:94:5f:40:d2:8d:c0:61:e9:f7:58:20:17:
                    46:4b:37:66:1e:09:d1:f2:1d:41:e2:0e:13:8e:34:
                    97:72:cf:5b:ff:22:28:21:13:82:a6:cc:39:21:6d:
                    8c:86:d5:a6:81:cc:56:75:a7:21:8e:4f:16:d2:7f:
                    ea:77:f8:a4:25:98:a8:b4:9a:2e:5d:96:f6:d7:2f:
                    7b:b3:77:a4:12:3b:23:25:7e:d9:b5:7d:5a:4b:ac:
                    24:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A7:6F:25:10:FB:C1:ED:B7:62:F0:A5:16:06:0E:AB:28:08:ED:FF
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:88:ef:93:26:4c:f0:89:f5:86:7f:82:c0:86:68:17:ab:9c:
         43:58:81:65:47:ff:13:30:8e:ae:0e:d1:9f:51:5c:d6:84:34:
         c7:a2:df:d1:1f:e8:3b:4e:9a:0a:7d:65:40:b1:fe:97:fe:80:
         75:33:2e:e0:52:6d:8d:63:80:73:99:c0:08:9a:00:18:07:95:
         a8:07:b9:ef:88:76:ad:ed:a8:a7:c6:a3:79:35:af:39:83:86:
         de:6b:94:d5:90:96:01:a5:a8:7f:4f:1a:0d:e0:ee:dd:6f:90:
         4c:ca:fd:63:54:d4:d9:de:68:ff:82:d7:38:18:eb:ca:39:53:
         e6:b2:e7:78:c8:bf:49:92:d5:b5:b0:ea:36:f2:f3:79:53:07:
         59:fe:92:17:47:6d:c6:48:94:f7:01:ea:38:4c:2b:85:2f:c0:
         3f:a5:8c:f9:df:3c:7d:2d:37:d6:0b:b6:a0:24:75:b1:0d:3a:
         3c:0f:d5:ed:aa:7f:fd:78:93:d9:c7:66:17:bf:c2:41:41:f0:
         97:a5:75:36:e4:7f:46:1a:11:ac:04:03:41:1b:64:ae:2c:13:
         2b:3d:29:a2:70:ac:2c:65:85:65:6b:12:88:ab:fc:4b:67:f2:
         cb:0f:68:31:c2:aa:b4:b1:c1:ce:a5:23:50:48:79:49:1c:a1:
         59:b0:a9:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA7vcDIxqAMvHGPcrJY9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjYwMzI1MjIwMDQ5WhcNMjYwMzI2MjIwMDQ5WjAzMTEwLwYDVQQD
EyhhNWE3NmYyNTEwZmJjMWVkYjc2MmYwYTUxNjA2MGVhYjI4MDhlZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYKF/RWgayBFWroT7ZHVdzemiYjX
QcpdnPzgo8obOGl6rC0FAZ2kXlWSaoLU681g7fiDP8cXcnlrzdEAYcgjVieOx8Lg
2U0jShn4KJHEzwwQAF484hOqD6Jdv0EhLIQwxXl4EyuQiJ94ozv3kQKmK1f2FSBo
7eLT+zA0RCmO+SOtP10EozC1aiLyAuiJDf+nFf9JiD3prHLlKnUdq3umpIrcsPSb
M4GUX0DSjcBh6fdYIBdGSzdmHgnR8h1B4g4TjjSXcs9b/yIoIROCpsw5IW2MhtWm
gcxWdachjk8W0n/qd/ikJZiotJouXZb21y97s3ekEjsjJX7ZtX1aS6wkVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWnbyUQ+8Htt2LwpRYGDqsoCO3/MB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoojvkyZM
8In1hn+CwIZoF6ucQ1iBZUf/EzCOrg7Rn1Fc1oQ0x6Lf0R/oO06aCn1lQLH+l/6A
dTMu4FJtjWOAc5nACJoAGAeVqAe574h2re2op8ajeTWvOYOG3muU1ZCWAaWof08a
DeDu3W+QTMr9Y1TU2d5o/4LXOBjryjlT5rLneMi/SZLVtbDqNvLzeVMHWf6SF0dt
xkiU9wHqOEwrhS/AP6WM+d88fS031gu2oCR1sQ06PA/V7ap//XiT2cdmF7/CQUHw
l6V1NuR/RhoRrAQDQRtkriwTKz0ponCsLGWFZWsSiKv8S2fyyw9oMcKqtLHBzqUj
UEh5SRyhWbCpmA==
-----END CERTIFICATE-----