Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          OmJDCpgGHf5sBg2COyn0UkmzPtnbD7ekvgswUp4PAfM=
Subject key identifier:   45:2A:B5:92:0C:19:34:5E:2D:9A:EC:B7:C7:1A:DF:95:56:4A:32:07
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019E1E354F0B96E888C36F3C4AFDE6D9FBAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0BE7
Signing time:             Tue 12 May 2026 22:01:10 +0000
Manifest this update:     Tue 12 May 2026 22:01:10 +0000
Manifest next update:     Wed 13 May 2026 22:01:10 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: Djt4Bq5pnPj2dvKqR2aUZKr6RmT4sJt+lbXduIwpC8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:4f:0b:96:e8:88:c3:6f:3c:4a:fd:e6:d9:fb:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: May 12 22:01:10 2026 GMT
            Not After : May 13 22:01:10 2026 GMT
        Subject: CN=452ab5920c19345e2d9aecb7c71adf95564a3207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:60:9e:50:f4:2d:af:5f:d9:9c:de:40:93:23:
                    7a:79:6d:c7:07:0b:3d:ca:27:62:d3:e8:db:8e:5c:
                    c1:bb:5a:5d:d9:cd:78:7e:49:d9:80:9c:71:af:a9:
                    ae:34:fc:36:4e:af:a0:ea:33:23:5c:b8:df:c3:6e:
                    c0:68:61:95:99:1a:66:41:c5:d2:78:77:11:ef:03:
                    1e:d7:74:5f:77:ba:8d:ad:5d:89:ce:5a:35:13:73:
                    9d:ad:db:67:76:64:53:c0:e0:d6:0c:8c:dc:79:7c:
                    02:bd:95:28:df:0c:96:f1:51:43:5d:7d:2e:51:67:
                    42:7d:7d:38:f0:3c:20:4a:d9:eb:a6:77:74:31:a1:
                    b2:21:f8:bb:25:4d:59:2d:a6:1e:d9:16:5c:d6:f5:
                    80:17:0b:bc:28:38:20:e1:ea:d8:3e:7d:af:5e:a9:
                    c5:18:43:bf:ba:1f:07:c6:11:d2:72:23:25:fb:93:
                    9a:d4:aa:00:36:fc:21:c3:08:4d:93:30:e1:c6:3c:
                    9a:f1:fc:76:c7:b7:e3:84:f9:e3:fa:1a:97:f6:71:
                    be:30:d6:32:97:cf:9e:ae:59:33:36:6a:72:25:da:
                    0a:ad:fa:f4:58:46:b2:ab:4f:79:3d:5a:d0:d2:7e:
                    31:cd:b7:20:20:9e:96:27:b8:c4:74:7a:28:df:ce:
                    fc:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:2A:B5:92:0C:19:34:5E:2D:9A:EC:B7:C7:1A:DF:95:56:4A:32:07
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:08:3d:a8:33:95:0d:d3:b5:ec:e7:23:51:74:04:82:0e:33:
         ca:9d:b3:a0:48:84:9d:1f:2f:d4:c1:bb:a4:b5:eb:83:ec:5e:
         6b:dc:75:ee:bb:a8:80:e4:5f:90:e7:e0:cf:7d:76:a6:52:13:
         20:a9:a8:1b:d0:28:9c:46:b1:f4:ea:0e:c4:5e:22:4d:6f:66:
         95:c5:60:03:f9:02:5d:63:b5:59:31:42:73:c0:36:7c:f1:4d:
         e6:92:bc:a6:53:d5:54:0d:4a:8b:1b:e8:dd:64:59:f4:6d:7c:
         4b:af:c3:42:a4:c0:0b:47:ce:06:c2:96:d8:3c:60:96:05:1d:
         08:96:fe:61:3e:52:fe:27:ec:db:d6:8f:f0:96:07:6d:9a:18:
         1d:92:5f:f9:2b:da:49:19:1b:5d:8e:42:55:30:4e:0d:15:45:
         73:e2:f1:51:b7:5f:6f:3c:82:94:df:23:1c:81:ec:82:be:08:
         08:37:a5:55:a0:1f:52:70:03:8a:0e:d1:dd:f4:ba:2a:bc:c4:
         e8:0a:d0:ae:d7:53:69:66:6e:6e:e2:46:b1:54:c7:90:88:e5:
         c3:b2:4e:47:ce:c1:03:c1:4c:36:05:95:6c:cb:fe:f8:c9:29:
         39:c6:65:68:1c:0a:b5:85:a6:de:78:13:93:d1:17:3e:e2:b8:
         25:b1:e0:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNU8LluiIw288Sv3m2fuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwNTEyMjIwMTEwWhcNMjYwNTEzMjIwMTEwWjAzMTEwLwYDVQQD
Eyg0NTJhYjU5MjBjMTkzNDVlMmQ5YWVjYjdjNzFhZGY5NTU2NGEzMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2CeUPQtr1/ZnN5AkyN6eW3HBws9
yidi0+jbjlzBu1pd2c14fknZgJxxr6muNPw2Tq+g6jMjXLjfw27AaGGVmRpmQcXS
eHcR7wMe13Rfd7qNrV2Jzlo1E3OdrdtndmRTwODWDIzceXwCvZUo3wyW8VFDXX0u
UWdCfX048DwgStnrpnd0MaGyIfi7JU1ZLaYe2RZc1vWAFwu8KDgg4erYPn2vXqnF
GEO/uh8HxhHSciMl+5Oa1KoANvwhwwhNkzDhxjya8fx2x7fjhPnj+hqX9nG+MNYy
l8+erlkzNmpyJdoKrfr0WEayq095PVrQ0n4xzbcgIJ6WJ7jEdHoo3878SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUqtZIMGTReLZrst8ca35VWSjIHMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQg9qDOV
DdO17OcjUXQEgg4zyp2zoEiEnR8v1MG7pLXrg+xea9x17ruogORfkOfgz312plIT
IKmoG9AonEax9OoOxF4iTW9mlcVgA/kCXWO1WTFCc8A2fPFN5pK8plPVVA1Kixvo
3WRZ9G18S6/DQqTAC0fOBsKW2DxglgUdCJb+YT5S/ifs29aP8JYHbZoYHZJf+Sva
SRkbXY5CVTBODRVFc+LxUbdfbzyClN8jHIHsgr4ICDelVaAfUnADig7R3fS6KrzE
6ArQrtdTaWZubuJGsVTHkIjlw7JOR87BA8FMNgWVbMv++MkpOcZlaBwKtYWm3ngT
k9EXPuK4JbHgAQ==
-----END CERTIFICATE-----