Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
File:                     egadopx7Yd3rzAUk_QjlTf80wWg.mft (raw, json)
Hash identifier:          Exgw2eiGfGr+QQR88ie9+YLbFX4BagJFXRFxl4FnEcw=
Subject key identifier:   C0:AA:12:8B:F9:DF:3A:2A:2D:53:26:CE:F2:2D:C0:23:FC:1D:81:5D
Authority key identifier: 7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68
Certificate issuer:       /CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
Certificate serial:       019D2703E642E1CE50D31152BB41B5B166DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:00 +0000
Files and hashes:         1: egadopx7Yd3rzAUk_QjlTf80wWg.crl (hash: z4bnoMLoO+1J6AOKQdkOQf4zRGlY0bGtsenTbyGigNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e6:42:e1:ce:50:d3:11:52:bb:41:b5:b1:66:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
        Validity
            Not Before: Mar 25 22:01:00 2026 GMT
            Not After : Mar 26 22:01:00 2026 GMT
        Subject: CN=c0aa128bf9df3a2a2d5326cef22dc023fc1d815d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:13:6a:71:1a:44:d8:90:4e:e4:f9:74:40:87:
                    6a:be:e7:b7:51:08:52:2d:a4:5c:94:65:d1:74:67:
                    d1:60:23:9d:84:fb:3c:ca:39:08:d3:9b:8e:b4:ae:
                    3d:7d:5f:45:06:46:36:e7:9e:d4:36:d5:73:fe:e3:
                    96:dd:3f:75:61:77:37:be:2b:ce:4d:22:b3:f1:cf:
                    eb:a0:8a:22:3e:9b:f8:d5:ce:19:29:9f:f0:1d:f6:
                    be:36:f3:0f:1e:70:d1:1e:61:e2:f5:8d:18:be:20:
                    4f:ad:2a:90:17:1b:40:b0:b8:c5:59:c3:d6:ad:2a:
                    c8:f4:26:47:ea:71:1c:ba:63:11:66:65:9f:5d:00:
                    9c:b1:92:eb:9f:79:41:85:bf:54:8b:37:91:6a:10:
                    cb:0d:10:bb:15:6a:38:c6:8f:94:07:b3:52:e6:06:
                    d4:a6:86:c6:cd:e1:34:32:ee:82:f8:b5:63:62:49:
                    a9:05:e8:46:50:91:e9:7d:c2:ed:db:00:3e:96:85:
                    04:9c:53:c3:65:ff:70:44:72:fc:04:1b:c5:e8:4a:
                    cf:4a:12:ce:ca:23:38:30:69:c9:1d:c9:1d:64:62:
                    f1:10:92:85:b6:74:5c:59:dd:27:b3:7b:b7:c5:03:
                    ac:df:9c:13:2f:68:3e:b0:28:e3:21:eb:38:02:fb:
                    9e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:AA:12:8B:F9:DF:3A:2A:2D:53:26:CE:F2:2D:C0:23:FC:1D:81:5D
            X509v3 Authority Key Identifier:
                keyid:7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:63:4f:81:ad:ad:2e:48:b9:8d:b0:1a:8f:f9:6e:7d:c6:94:
         ad:dc:c9:b7:92:cb:c2:72:36:29:b3:cd:d9:cb:ec:89:c9:68:
         25:0c:4c:b4:a2:f6:62:4b:74:c5:6b:d5:df:f9:97:28:73:d9:
         37:53:76:0c:4d:c3:16:f6:17:2a:24:aa:3f:df:0c:4d:28:81:
         d8:4c:17:fa:7d:2b:8b:7a:15:99:ef:6f:2b:89:88:48:01:68:
         0b:ca:92:e5:79:aa:95:92:0b:aa:bf:7e:d1:4b:97:eb:21:88:
         62:e1:6b:c9:c1:b0:4f:14:7c:be:c3:a4:93:f9:c1:60:86:4f:
         8a:0d:fd:07:a3:56:7a:44:cd:5a:5f:87:4e:af:c7:d5:e7:f0:
         48:d8:db:8f:a7:2b:d6:8a:fe:35:c5:0c:99:88:2c:19:ae:bb:
         a7:f3:af:9b:50:a2:a5:2a:9e:35:17:fe:90:45:09:2f:8d:78:
         cf:d1:1f:c1:5e:00:ce:4d:a3:44:7c:3f:48:93:de:5e:ef:20:
         67:78:9e:28:ae:ae:c5:5c:44:50:55:02:f9:ee:26:bc:6b:dd:
         af:42:56:fc:8c:13:d8:52:98:c0:f1:95:3f:eb:29:66:5a:0d:
         e7:85:60:ee:e6:4f:f8:d4:92:6c:cf:44:39:3b:50:3a:74:76:
         5c:99:ea:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+ZC4c5Q0xFSu0G1sWbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDY5ZGEyOWM3YjYxZGRlYmNjMDUyNGZkMDhlNTRkZmYz
NGMxNjgwHhcNMjYwMzI1MjIwMTAwWhcNMjYwMzI2MjIwMTAwWjAzMTEwLwYDVQQD
EyhjMGFhMTI4YmY5ZGYzYTJhMmQ1MzI2Y2VmMjJkYzAyM2ZjMWQ4MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RNqcRpE2JBO5Pl0QIdqvue3UQhS
LaRclGXRdGfRYCOdhPs8yjkI05uOtK49fV9FBkY2557UNtVz/uOW3T91YXc3vivO
TSKz8c/roIoiPpv41c4ZKZ/wHfa+NvMPHnDRHmHi9Y0YviBPrSqQFxtAsLjFWcPW
rSrI9CZH6nEcumMRZmWfXQCcsZLrn3lBhb9UizeRahDLDRC7FWo4xo+UB7NS5gbU
pobGzeE0Mu6C+LVjYkmpBehGUJHpfcLt2wA+loUEnFPDZf9wRHL8BBvF6ErPShLO
yiM4MGnJHckdZGLxEJKFtnRcWd0ns3u3xQOs35wTL2g+sCjjIes4AvueBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCqEov53zoqLVMmzvItwCP8HYFdMB8GA1UdIwQY
MBaAFHoGnaKce2Hd68wFJP0I5U3/NMFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMt
NGJmZWZlNDE2ZjI2LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMtNGJmZWZlNDE2ZjI2
LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWNPga2t
Lki5jbAaj/lufcaUrdzJt5LLwnI2KbPN2cvsicloJQxMtKL2Ykt0xWvV3/mXKHPZ
N1N2DE3DFvYXKiSqP98MTSiB2EwX+n0ri3oVme9vK4mISAFoC8qS5XmqlZILqr9+
0UuX6yGIYuFrycGwTxR8vsOkk/nBYIZPig39B6NWekTNWl+HTq/H1efwSNjbj6cr
1or+NcUMmYgsGa67p/Ovm1CipSqeNRf+kEUJL414z9EfwV4Azk2jRHw/SJPeXu8g
Z3ieKK6uxVxEUFUC+e4mvGvdr0JW/IwT2FKYwPGVP+spZloN54Vg7uZP+NSSbM9E
OTtQOnR2XJnqZw==
-----END CERTIFICATE-----