Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
File:                     eYCaQAStlYNQpkbViavLPP3z7S4.mft (raw, json)
Hash identifier:          Uo5k8hPsKvh/Qej66Qhxzn9+5WiYLfgeXjAILtN4Zs8=
Subject key identifier:   24:40:4F:03:8C:5A:E7:86:4A:8D:16:31:A2:B2:C7:7F:48:A2:C9:C8
Authority key identifier: 79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E
Certificate issuer:       /CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
Certificate serial:       019D29CE4CE00D5865674F95AE880A04DB7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
Manifest number:          0A0A
Signing time:             Thu 26 Mar 2026 11:01:18 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:18 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:18 +0000
Files and hashes:         1: eYCaQAStlYNQpkbViavLPP3z7S4.crl (hash: EI8D6SYAkzEcAErS7Qc7LHXbBmWEEs/pMUQn5ieSjU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:4c:e0:0d:58:65:67:4f:95:ae:88:0a:04:db:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
        Validity
            Not Before: Mar 26 11:01:18 2026 GMT
            Not After : Mar 27 11:01:18 2026 GMT
        Subject: CN=24404f038c5ae7864a8d1631a2b2c77f48a2c9c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:35:75:4b:39:b5:e9:1a:b0:6d:f1:5a:b8:3e:
                    3b:de:f6:61:55:4b:85:cf:e9:a6:6c:06:18:bd:7e:
                    4b:58:e6:21:89:60:b2:04:68:73:c7:e1:9b:ab:56:
                    ac:f2:4c:d2:ab:6c:2f:39:b9:f0:ca:2a:f3:88:34:
                    d7:89:30:f7:9d:0e:1f:f4:13:fc:3e:7d:cf:04:4e:
                    9e:b9:53:11:cc:16:f7:38:a5:a1:0c:5e:d3:bc:27:
                    e2:5f:46:ce:47:15:ef:4a:82:a6:63:5a:8d:77:9e:
                    ea:53:45:63:9e:06:99:6f:d2:ef:4a:1c:20:12:59:
                    a7:1d:2e:d9:45:40:6c:7c:04:2f:f0:f1:fe:0d:32:
                    0e:5d:aa:a4:44:2c:b2:8c:d2:5b:3e:1b:20:3b:14:
                    7f:ac:fe:a1:2b:bd:e0:15:13:88:9a:7e:a0:4f:78:
                    99:54:ad:15:8f:09:ab:e7:4e:3d:38:a3:1a:ec:01:
                    93:95:0a:af:0b:27:fa:a3:4c:ab:ea:00:ae:96:6c:
                    7d:c9:b1:b0:17:b4:34:28:96:a9:e6:37:36:ca:47:
                    74:2f:3e:29:e1:df:e6:b6:23:10:76:a3:ba:8f:87:
                    2c:ca:0e:ec:21:67:37:92:f7:e4:29:82:d9:40:95:
                    6b:8f:ce:f0:ee:a1:3a:6b:f9:18:be:88:41:ea:4b:
                    f3:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:40:4F:03:8C:5A:E7:86:4A:8D:16:31:A2:B2:C7:7F:48:A2:C9:C8
            X509v3 Authority Key Identifier:
                keyid:79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:48:21:8b:b6:70:05:8f:26:77:a1:d8:66:1f:a7:5c:70:40:
         70:d7:ec:23:07:c0:a1:b3:63:21:3c:04:e9:e9:58:b3:64:32:
         48:ce:b7:0d:ff:2d:77:21:b6:08:0f:75:76:90:22:89:cb:c8:
         e5:ae:a0:48:c7:52:5e:7d:87:1a:a4:95:bb:62:a9:bd:33:b2:
         8a:0c:4c:ff:f1:5a:c4:41:31:67:ba:a9:7a:f7:59:3a:04:d6:
         94:6e:4c:53:a1:65:5c:6c:90:a2:2d:d3:56:ee:57:e1:e0:d4:
         67:66:44:d3:6d:42:ac:08:0f:f1:8f:6b:c8:2a:83:f7:16:08:
         51:ce:5d:f9:85:3e:88:6b:da:6c:de:1e:fc:4f:e1:b2:06:31:
         32:8c:7a:d4:d3:c9:d6:f0:4f:6e:d0:ad:18:99:47:6b:5a:c4:
         25:01:c6:3e:7d:06:06:21:55:1b:9a:13:d9:f5:5e:dc:c8:60:
         ba:92:71:61:2e:18:a6:05:cc:78:75:c9:8c:08:90:0b:b2:75:
         6b:83:8a:d7:1d:60:2f:06:14:7a:76:08:4b:aa:ee:1e:8f:81:
         8b:92:b0:b9:3b:54:ec:c8:ff:a1:44:a9:88:ac:f0:31:23:08:
         af:61:e9:50:f7:05:19:33:8e:7b:78:84:44:61:13:9a:af:bd:
         64:9c:4a:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzkzgDVhlZ0+VrogKBNt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODA5YTQwMDRhZDk1ODM1MGE2NDZkNTg5YWJjYjNjZmRm
M2VkMmUwHhcNMjYwMzI2MTEwMTE4WhcNMjYwMzI3MTEwMTE4WjAzMTEwLwYDVQQD
EygyNDQwNGYwMzhjNWFlNzg2NGE4ZDE2MzFhMmIyYzc3ZjQ4YTJjOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzV1Szm16RqwbfFauD473vZhVUuF
z+mmbAYYvX5LWOYhiWCyBGhzx+Gbq1as8kzSq2wvObnwyirziDTXiTD3nQ4f9BP8
Pn3PBE6euVMRzBb3OKWhDF7TvCfiX0bORxXvSoKmY1qNd57qU0VjngaZb9LvShwg
ElmnHS7ZRUBsfAQv8PH+DTIOXaqkRCyyjNJbPhsgOxR/rP6hK73gFROImn6gT3iZ
VK0Vjwmr5049OKMa7AGTlQqvCyf6o0yr6gCulmx9ybGwF7Q0KJap5jc2ykd0Lz4p
4d/mtiMQdqO6j4csyg7sIWc3kvfkKYLZQJVrj87w7qE6a/kYvohB6kvzKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRATwOMWueGSo0WMaKyx39IosnIMB8GA1UdIwQY
MBaAFHmAmkAErZWDUKZG1Ymryzz98+0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEt
ZDVhYTY0NzdlZmRlLzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEtZDVhYTY0NzdlZmRl
LzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk0ghi7Zw
BY8md6HYZh+nXHBAcNfsIwfAobNjITwE6elYs2QySM63Df8tdyG2CA91dpAiicvI
5a6gSMdSXn2HGqSVu2KpvTOyigxM//FaxEExZ7qpevdZOgTWlG5MU6FlXGyQoi3T
Vu5X4eDUZ2ZE021CrAgP8Y9ryCqD9xYIUc5d+YU+iGvabN4e/E/hsgYxMox61NPJ
1vBPbtCtGJlHa1rEJQHGPn0GBiFVG5oT2fVe3MhgupJxYS4YpgXMeHXJjAiQC7J1
a4OK1x1gLwYUenYIS6ruHo+Bi5KwuTtU7Mj/oUSpiKzwMSMIr2HpUPcFGTOOe3iE
RGETmq+9ZJxKdQ==
-----END CERTIFICATE-----