Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          1NHjIfEDySI2Ud1uy2oEyabVC6KZmO95r6UHzfMHPnc=
Subject key identifier:   7B:B7:31:A1:59:4C:D8:30:EC:B6:EE:27:24:73:00:CD:98:DC:38:45
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019D2703E51746312718E21D15709CE757CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0B67
Signing time:             Wed 25 Mar 2026 22:00:59 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:59 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:59 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: lVd1u3HD1OARPl49SNXc0egq1wmi0SCOXEd9WdeXcpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e5:17:46:31:27:18:e2:1d:15:70:9c:e7:57:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Mar 25 22:00:59 2026 GMT
            Not After : Mar 26 22:00:59 2026 GMT
        Subject: CN=7bb731a1594cd830ecb6ee27247300cd98dc3845
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ae:aa:de:98:0b:de:a7:e1:ba:d1:d3:35:e6:
                    5e:4f:c0:84:29:53:1d:b4:c0:af:bf:1a:51:ee:74:
                    72:34:e5:a5:d7:80:2c:06:9d:56:14:d1:1a:08:9e:
                    5c:07:dd:27:44:5c:fa:cc:77:ea:f6:ae:b9:9f:18:
                    ef:c1:0d:7e:e4:04:f5:ef:95:b2:c0:c6:75:d4:c8:
                    81:ec:af:76:a1:82:a7:48:35:51:01:b4:e3:d9:72:
                    27:60:79:36:c8:4c:7d:38:a8:96:f9:85:b4:a6:2e:
                    10:71:7c:21:67:1b:f0:8f:80:25:ed:71:fa:31:b7:
                    2e:f0:03:4d:97:6b:86:f7:0d:76:7a:36:91:9b:38:
                    d9:0f:53:88:ff:77:f3:2f:99:fd:e2:73:cf:7d:ea:
                    08:9b:f6:87:d0:04:3f:e9:4a:45:d4:52:b8:60:7a:
                    b2:7b:f3:f7:19:d5:47:a3:8f:0f:36:3d:4d:2f:f7:
                    a5:87:86:6f:01:ed:35:6d:3d:ae:44:5f:68:54:a2:
                    37:0b:16:fd:58:e6:c3:d4:98:da:1e:8c:8b:49:88:
                    bd:5a:3c:1e:c1:bf:53:7a:7f:e4:7c:0a:ba:9d:9e:
                    3d:c4:84:28:f0:a1:48:b0:54:10:20:17:d8:7b:a8:
                    75:71:7c:38:cf:c4:b0:f8:d8:0c:b1:d0:6d:67:e5:
                    d2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:B7:31:A1:59:4C:D8:30:EC:B6:EE:27:24:73:00:CD:98:DC:38:45
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:fb:55:8a:e5:d3:10:f4:33:3d:42:c6:d6:c2:f5:5d:b5:2f:
         89:4c:28:2b:d5:65:de:5b:f0:d5:55:6a:a5:5c:dc:b4:b0:a5:
         d4:5b:77:a5:e4:14:9b:9f:15:4f:3a:d6:1a:49:8d:ad:ba:33:
         60:a5:d1:6f:0d:51:ae:f9:e9:fe:ed:98:e5:fc:30:6a:c2:88:
         1e:a4:74:5d:d3:c3:ba:44:13:af:20:b9:b2:7b:f3:00:d3:f3:
         99:9f:48:dd:90:e6:08:53:f1:e9:36:4d:3d:14:ea:4e:8d:5e:
         14:56:b1:d6:4c:f4:9f:2c:5d:4b:b5:13:1c:8b:5c:83:0b:6f:
         75:41:c2:ab:e3:c8:5b:1a:c6:19:49:2d:ba:c6:ef:55:06:55:
         43:19:97:2a:fb:7e:8b:8b:0f:86:e7:6a:ca:fa:ec:46:6b:12:
         24:e1:e0:38:0a:e7:4d:58:81:5a:b4:37:e8:be:6e:97:61:3f:
         dd:6f:f2:76:75:ee:d1:80:3f:e2:45:3a:96:71:9f:88:cd:c7:
         17:1c:41:23:80:9e:48:90:f4:b1:37:f1:78:ad:66:a6:13:bb:
         df:17:29:e1:fe:08:87:6f:79:f8:b8:9b:51:0a:1e:ac:fb:34:
         fc:63:a6:06:3e:8e:8e:03:60:36:03:90:6b:cc:cb:d1:14:bd:
         28:4c:1c:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+UXRjEnGOIdFXCc51fNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwMzI1MjIwMDU5WhcNMjYwMzI2MjIwMDU5WjAzMTEwLwYDVQQD
Eyg3YmI3MzFhMTU5NGNkODMwZWNiNmVlMjcyNDczMDBjZDk4ZGMzODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K6q3pgL3qfhutHTNeZeT8CEKVMd
tMCvvxpR7nRyNOWl14AsBp1WFNEaCJ5cB90nRFz6zHfq9q65nxjvwQ1+5AT175Wy
wMZ11MiB7K92oYKnSDVRAbTj2XInYHk2yEx9OKiW+YW0pi4QcXwhZxvwj4Al7XH6
Mbcu8ANNl2uG9w12ejaRmzjZD1OI/3fzL5n94nPPfeoIm/aH0AQ/6UpF1FK4YHqy
e/P3GdVHo48PNj1NL/elh4ZvAe01bT2uRF9oVKI3Cxb9WObD1JjaHoyLSYi9Wjwe
wb9Ten/kfAq6nZ49xIQo8KFIsFQQIBfYe6h1cXw4z8Sw+NgMsdBtZ+XSwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHu3MaFZTNgw7LbuJyRzAM2Y3DhFMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPtViuXT
EPQzPULG1sL1XbUviUwoK9Vl3lvw1VVqpVzctLCl1Ft3peQUm58VTzrWGkmNrboz
YKXRbw1Rrvnp/u2Y5fwwasKIHqR0XdPDukQTryC5snvzANPzmZ9I3ZDmCFPx6TZN
PRTqTo1eFFax1kz0nyxdS7UTHItcgwtvdUHCq+PIWxrGGUktusbvVQZVQxmXKvt+
i4sPhudqyvrsRmsSJOHgOArnTViBWrQ36L5ul2E/3W/ydnXu0YA/4kU6lnGfiM3H
FxxBI4CeSJD0sTfxeK1mphO73xcp4f4Ih295+LibUQoerPs0/GOmBj6OjgNgNgOQ
a8zL0RS9KEwcXQ==
-----END CERTIFICATE-----