Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          ZwIgTkNqQyxwisMPHqzxGTkkjv1i+m9jWKvM5AmT7gw=
Subject key identifier:   14:F5:66:FB:36:84:78:4B:A1:DE:D1:E5:F7:C5:D4:96:C8:92:CB:82
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       019D29976BD2FDBC1DF403A134B83EDFCA83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          0375
Signing time:             Thu 26 Mar 2026 10:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:22 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: YeMVHRyYrnv17WybRmJUxV2H0WE+2ef0MyAo51EbGKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:6b:d2:fd:bc:1d:f4:03:a1:34:b8:3e:df:ca:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Mar 26 10:01:22 2026 GMT
            Not After : Mar 27 10:01:22 2026 GMT
        Subject: CN=14f566fb3684784ba1ded1e5f7c5d496c892cb82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:2a:f8:78:69:39:4d:74:04:83:16:16:8e:0b:
                    90:c5:e6:97:56:0b:d3:e6:d2:c7:35:a2:03:92:0f:
                    c5:41:20:76:1f:60:df:b8:c2:ee:9f:9d:d9:80:22:
                    ff:44:d7:d8:cd:03:6c:db:90:81:0b:00:a9:1c:52:
                    49:0b:d2:d2:03:db:1b:e1:60:8f:18:0c:28:1f:0b:
                    1f:6f:25:19:82:89:4b:51:c8:b0:ef:26:5c:4e:9d:
                    60:30:1c:5d:20:7b:b8:ba:29:54:97:15:67:3d:e8:
                    4a:34:3e:9c:0a:06:55:b3:65:de:89:1a:30:95:fe:
                    6b:bf:0d:45:ae:ed:f9:1f:ea:49:d1:ad:ce:3e:72:
                    1b:07:ad:78:09:66:28:7f:c7:e8:91:5a:32:9e:e4:
                    ff:52:21:7b:ce:11:01:93:38:13:05:4c:5b:90:3c:
                    69:95:02:b6:dc:71:25:33:4c:43:de:84:6c:dc:9e:
                    8a:c5:ad:fd:f2:0a:63:f2:dd:a3:36:3c:49:63:22:
                    6e:d0:61:e0:a1:e6:e8:ab:62:e8:c1:8b:5b:4a:ae:
                    d8:24:b0:c3:22:bd:b8:a1:3d:eb:71:50:56:13:31:
                    cd:76:4d:89:fe:eb:76:27:0e:11:cf:0c:72:66:43:
                    d8:c2:9a:74:7d:c1:6d:7c:2f:8d:b6:45:da:f6:84:
                    7d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:F5:66:FB:36:84:78:4B:A1:DE:D1:E5:F7:C5:D4:96:C8:92:CB:82
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:25:c1:86:85:0b:5c:99:00:b3:22:0c:fd:f4:03:5a:a0:5f:
         b8:36:eb:aa:1a:e0:2a:06:33:80:76:c4:de:ed:25:a3:ff:4c:
         89:b5:5e:e1:41:cb:a7:3d:42:6d:0a:f1:00:81:da:d3:37:75:
         99:20:64:41:51:61:c2:c7:22:53:02:61:80:3d:09:30:98:aa:
         87:ae:29:bd:62:c2:e0:ea:ea:0c:db:89:ea:c3:b4:38:3e:ff:
         10:22:5c:32:71:c9:3a:31:d5:11:14:8e:63:0a:0f:fb:7f:cb:
         ad:79:66:23:16:40:b3:75:b2:0c:f4:7c:89:7d:46:76:34:4e:
         18:60:20:1d:80:e0:db:79:ef:b7:30:f1:5b:ce:5d:db:73:97:
         d9:1a:9a:50:2d:c6:4d:db:ea:80:aa:ff:04:48:dd:43:e0:4d:
         c9:c2:61:30:3f:8b:f9:b3:fe:c0:6d:7b:4e:0b:fa:e0:67:88:
         5d:ee:77:ef:ca:02:fb:97:d0:ff:32:70:ae:e7:13:35:b4:6f:
         a5:3a:a3:5b:91:33:a0:7a:e4:cf:5c:43:7b:f2:ee:22:4e:dd:
         7a:9e:5d:04:71:8c:28:3e:e6:3b:e9:f7:52:d0:5e:04:c4:2e:
         37:d5:5e:75:a2:b5:4b:f6:fa:3a:20:85:58:b0:78:c4:31:58:
         ee:31:0a:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl2vS/bwd9AOhNLg+38qDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjYwMzI2MTAwMTIyWhcNMjYwMzI3MTAwMTIyWjAzMTEwLwYDVQQD
EygxNGY1NjZmYjM2ODQ3ODRiYTFkZWQxZTVmN2M1ZDQ5NmM4OTJjYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyr4eGk5TXQEgxYWjguQxeaXVgvT
5tLHNaIDkg/FQSB2H2DfuMLun53ZgCL/RNfYzQNs25CBCwCpHFJJC9LSA9sb4WCP
GAwoHwsfbyUZgolLUciw7yZcTp1gMBxdIHu4uilUlxVnPehKND6cCgZVs2XeiRow
lf5rvw1Fru35H+pJ0a3OPnIbB614CWYof8fokVoynuT/UiF7zhEBkzgTBUxbkDxp
lQK23HElM0xD3oRs3J6Kxa398gpj8t2jNjxJYyJu0GHgoeboq2LowYtbSq7YJLDD
Ir24oT3rcVBWEzHNdk2J/ut2Jw4RzwxyZkPYwpp0fcFtfC+NtkXa9oR98wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBT1Zvs2hHhLod7R5ffF1JbIksuCMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyXBhoUL
XJkAsyIM/fQDWqBfuDbrqhrgKgYzgHbE3u0lo/9MibVe4UHLpz1CbQrxAIHa0zd1
mSBkQVFhwsciUwJhgD0JMJiqh64pvWLC4OrqDNuJ6sO0OD7/ECJcMnHJOjHVERSO
YwoP+3/LrXlmIxZAs3WyDPR8iX1GdjROGGAgHYDg23nvtzDxW85d23OX2RqaUC3G
TdvqgKr/BEjdQ+BNycJhMD+L+bP+wG17Tgv64GeIXe5378oC+5fQ/zJwrucTNbRv
pTqjW5EzoHrkz1xDe/LuIk7dep5dBHGMKD7mO+n3UtBeBMQuN9VedaK1S/b6OiCF
WLB4xDFY7jEKvA==
-----END CERTIFICATE-----