Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          8OFyjoZ1HqJ1k3wBd875vlfWOGjRWvjrQpYts8dDVQ0=
Subject key identifier:   9C:37:3C:D5:0A:7E:2B:80:72:F4:1D:35:27:60:39:A3:CD:11:05:C7
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019D38D30AD41E553A93E5DAF12F84B63A0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0EF6
Signing time:             Sun 29 Mar 2026 09:00:48 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:48 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:48 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: kFRzCxFVagL0oMGp8xOyDvErl+RtuTENtcDHNTTdu+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:0a:d4:1e:55:3a:93:e5:da:f1:2f:84:b6:3a:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Mar 29 09:00:48 2026 GMT
            Not After : Mar 30 09:00:48 2026 GMT
        Subject: CN=9c373cd50a7e2b8072f41d35276039a3cd1105c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:80:9f:22:a6:df:9f:46:df:66:49:2f:63:fd:
                    08:91:b0:cb:ce:6b:c3:59:66:d6:36:e1:9d:4e:98:
                    00:ce:02:18:82:4b:95:4b:97:af:a5:dc:f2:a2:f8:
                    96:1f:cd:da:f4:e0:bc:bf:cf:73:89:6e:c7:57:25:
                    3a:14:8b:27:a0:17:54:c4:b3:b0:11:ac:de:2b:c3:
                    f6:52:13:17:29:a9:bc:e0:af:ff:16:25:bf:b8:8a:
                    9a:f2:8c:94:cc:b5:ff:83:07:1f:51:44:aa:c0:70:
                    b1:86:28:b5:9c:53:0e:ec:52:6a:73:a3:cc:95:c5:
                    01:3d:8e:15:35:12:c9:9f:c7:a6:27:e5:0d:74:96:
                    19:89:b1:eb:a7:57:b8:fa:f4:9f:41:9b:e5:79:1c:
                    20:58:c3:e3:0d:04:f6:b3:60:6b:f4:75:2a:01:0b:
                    8e:92:d0:f7:20:3a:1e:4c:91:60:52:41:fa:99:e1:
                    d2:98:4c:65:01:57:6a:fc:f5:bc:18:a3:3b:bd:8e:
                    5b:ec:d6:29:08:d1:4a:d8:e0:48:e5:44:5f:93:87:
                    43:e2:b2:bf:23:1c:eb:87:d7:f5:54:33:eb:28:f1:
                    42:71:f1:aa:ff:0b:54:a0:56:cf:1d:dc:06:b8:87:
                    e6:19:80:38:21:b5:a6:01:f2:ee:e1:2d:0d:7b:ba:
                    44:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:37:3C:D5:0A:7E:2B:80:72:F4:1D:35:27:60:39:A3:CD:11:05:C7
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:cb:9f:db:30:04:3d:ef:54:ff:31:8d:1c:cc:71:5e:ef:75:
         14:a5:7e:0d:3f:b0:dc:7b:49:3d:2a:99:cd:cd:5b:4a:7c:27:
         85:fb:41:54:77:e0:43:8f:94:dc:4c:36:47:3b:fa:77:c6:57:
         bc:78:9e:12:fd:da:b4:17:11:9c:57:3d:de:e8:63:87:7f:dd:
         c8:41:bc:6b:73:3b:d4:ef:94:0c:44:ba:67:07:1e:0b:e7:93:
         b4:89:b0:7b:34:3a:b6:6c:d7:18:1a:25:62:0c:66:21:fe:e5:
         18:ff:ae:4b:87:cb:10:b6:26:1f:74:6b:f4:f2:8d:a8:ab:ec:
         97:c3:7c:be:22:e5:7e:33:74:cd:8a:4b:af:36:ef:c1:65:f9:
         78:7a:10:92:13:e2:1c:ca:77:5f:cb:02:56:dd:6d:b6:b1:03:
         38:03:7d:3b:06:01:88:bc:4d:d2:30:50:7a:b2:ae:0a:c8:88:
         19:ba:35:46:27:1c:bc:f6:09:c9:dd:c6:48:c9:1d:54:87:d0:
         a8:8f:06:e5:37:43:cb:01:05:4f:e3:cf:85:9e:9a:5f:4f:e5:
         b5:12:c1:2a:b8:f5:34:e0:7d:db:41:24:5e:ec:8a:ce:56:85:
         79:f9:48:b3:07:4e:ac:8d:6f:07:84:9b:8d:7d:97:fb:66:e1:
         87:cd:14:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wrUHlU6k+Xa8S+EtjoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwMzI5MDkwMDQ4WhcNMjYwMzMwMDkwMDQ4WjAzMTEwLwYDVQQD
Eyg5YzM3M2NkNTBhN2UyYjgwNzJmNDFkMzUyNzYwMzlhM2NkMTEwNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqICfIqbfn0bfZkkvY/0IkbDLzmvD
WWbWNuGdTpgAzgIYgkuVS5evpdzyoviWH83a9OC8v89ziW7HVyU6FIsnoBdUxLOw
EazeK8P2UhMXKam84K//FiW/uIqa8oyUzLX/gwcfUUSqwHCxhii1nFMO7FJqc6PM
lcUBPY4VNRLJn8emJ+UNdJYZibHrp1e4+vSfQZvleRwgWMPjDQT2s2Br9HUqAQuO
ktD3IDoeTJFgUkH6meHSmExlAVdq/PW8GKM7vY5b7NYpCNFK2OBI5URfk4dD4rK/
Ixzrh9f1VDPrKPFCcfGq/wtUoFbPHdwGuIfmGYA4IbWmAfLu4S0Ne7pEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJw3PNUKfiuAcvQdNSdgOaPNEQXHMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf8uf2zAE
Pe9U/zGNHMxxXu91FKV+DT+w3HtJPSqZzc1bSnwnhftBVHfgQ4+U3Ew2Rzv6d8ZX
vHieEv3atBcRnFc93uhjh3/dyEG8a3M71O+UDES6ZwceC+eTtImwezQ6tmzXGBol
YgxmIf7lGP+uS4fLELYmH3Rr9PKNqKvsl8N8viLlfjN0zYpLrzbvwWX5eHoQkhPi
HMp3X8sCVt1ttrEDOAN9OwYBiLxN0jBQerKuCsiIGbo1RiccvPYJyd3GSMkdVIfQ
qI8G5TdDywEFT+PPhZ6aX0/ltRLBKrj1NOB920EkXuyKzlaFeflIswdOrI1vB4Sb
jX2X+2bhh80Uyw==
-----END CERTIFICATE-----