Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          xYU/UfJfJcM0iFgR595uTdG0DOOEb6DxgmW+XncYV3E=
Subject key identifier:   E0:BD:1D:C0:F4:D7:54:32:DE:E6:4E:50:21:B7:E7:9F:9A:DD:0C:5B
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019F17C28247DE7132C9ACF9F0747473DEEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0FEE
Signing time:             Tue 30 Jun 2026 09:00:50 +0000
Manifest this update:     Tue 30 Jun 2026 09:00:50 +0000
Manifest next update:     Wed 01 Jul 2026 09:00:50 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: U6mOE9iXLvdTDBF7srWIh3h+yF/ojbp3y4yzl5Ei/vE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:82:47:de:71:32:c9:ac:f9:f0:74:74:73:de:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Jun 30 09:00:50 2026 GMT
            Not After : Jul  1 09:00:50 2026 GMT
        Subject: CN=e0bd1dc0f4d75432dee64e5021b7e79f9add0c5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:35:91:e8:05:d3:b1:44:5b:fb:59:cf:63:4d:
                    90:4c:ef:56:47:95:fc:1a:34:78:68:90:82:23:a6:
                    dd:fb:d9:55:73:aa:11:ed:7c:77:94:82:24:3c:06:
                    68:4d:32:c0:93:15:ad:d9:95:14:e0:ff:02:9d:58:
                    b6:cc:18:23:03:8a:bd:be:b3:e3:9c:1b:c7:22:ae:
                    12:9b:d9:85:97:ae:28:9d:40:26:da:0a:69:c9:55:
                    bd:5c:50:e0:30:ab:71:f1:e1:19:7f:81:37:90:62:
                    84:27:bd:ab:3e:05:8e:26:36:60:03:cf:a0:f3:25:
                    6f:1d:6b:a2:05:2b:eb:2b:39:7b:83:32:77:a6:39:
                    7d:91:29:4e:11:92:12:df:53:24:f8:cf:49:ae:9e:
                    c7:1e:4d:8a:4a:bb:22:17:68:1c:9c:f2:a5:34:49:
                    82:96:04:48:eb:2d:57:2e:85:9b:32:95:94:ca:a0:
                    e1:f0:e0:e6:74:87:28:64:a2:93:4b:d0:f5:15:a4:
                    75:5e:98:85:50:2f:b0:fb:4c:d3:89:23:dc:90:69:
                    2a:87:b1:14:89:b8:39:68:07:14:6b:6e:57:30:81:
                    09:84:0d:15:e7:25:31:ee:ce:fe:1c:31:4f:60:ac:
                    ac:f2:d6:eb:ae:3e:07:a8:0e:c1:5f:15:22:c9:66:
                    f2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BD:1D:C0:F4:D7:54:32:DE:E6:4E:50:21:B7:E7:9F:9A:DD:0C:5B
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:84:31:53:cc:9a:d2:1e:78:c8:f1:90:a3:91:3c:2d:5e:31:
         06:18:40:7e:28:e8:de:59:c8:84:7b:28:20:a8:f1:30:1b:1a:
         ff:0f:6f:1a:2c:d9:41:17:7f:03:e3:4f:3f:a4:b8:9f:33:65:
         f0:8a:1f:06:6b:c9:52:60:a5:b7:39:4b:b1:e4:f6:28:0b:c9:
         57:78:17:f2:1d:fe:2f:00:9f:3f:77:b5:0c:52:4d:ab:4e:87:
         a7:06:fb:b7:f3:06:44:2e:ba:07:5f:08:b7:17:86:87:42:89:
         4f:5b:4e:48:a3:fa:06:1e:77:05:aa:6a:b0:e4:f0:1f:2f:b0:
         f5:22:02:23:13:34:76:16:25:6e:c6:1c:21:4c:60:4a:a1:8e:
         d8:42:7e:45:0f:22:06:b2:7c:12:ae:73:0e:20:89:70:92:ca:
         6c:73:72:33:8e:f1:37:a7:08:fb:71:42:7c:9d:02:07:13:2d:
         bf:67:bd:6d:bd:fc:a1:4b:a4:7d:89:73:43:e5:09:a0:52:7e:
         78:3f:33:1f:a7:83:20:22:bd:5e:44:67:84:98:a8:33:bc:7f:
         aa:da:e1:3d:8c:56:4d:c4:99:c3:50:57:f2:66:3d:9b:48:4a:
         be:ff:cb:5a:0e:24:46:16:af:82:a5:b1:71:cb:c5:c5:4a:3f:
         b4:c9:3a:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwoJH3nEyyaz58HR0c97vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwNjMwMDkwMDUwWhcNMjYwNzAxMDkwMDUwWjAzMTEwLwYDVQQD
EyhlMGJkMWRjMGY0ZDc1NDMyZGVlNjRlNTAyMWI3ZTc5ZjlhZGQwYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzWR6AXTsURb+1nPY02QTO9WR5X8
GjR4aJCCI6bd+9lVc6oR7Xx3lIIkPAZoTTLAkxWt2ZUU4P8CnVi2zBgjA4q9vrPj
nBvHIq4Sm9mFl64onUAm2gppyVW9XFDgMKtx8eEZf4E3kGKEJ72rPgWOJjZgA8+g
8yVvHWuiBSvrKzl7gzJ3pjl9kSlOEZIS31Mk+M9Jrp7HHk2KSrsiF2gcnPKlNEmC
lgRI6y1XLoWbMpWUyqDh8ODmdIcoZKKTS9D1FaR1XpiFUC+w+0zTiSPckGkqh7EU
ibg5aAcUa25XMIEJhA0V5yUx7s7+HDFPYKys8tbrrj4HqA7BXxUiyWbyHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC9HcD011Qy3uZOUCG355+a3QxbMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYQxU8ya
0h54yPGQo5E8LV4xBhhAfijo3lnIhHsoIKjxMBsa/w9vGizZQRd/A+NPP6S4nzNl
8IofBmvJUmCltzlLseT2KAvJV3gX8h3+LwCfP3e1DFJNq06Hpwb7t/MGRC66B18I
txeGh0KJT1tOSKP6Bh53BapqsOTwHy+w9SICIxM0dhYlbsYcIUxgSqGO2EJ+RQ8i
BrJ8Eq5zDiCJcJLKbHNyM47xN6cI+3FCfJ0CBxMtv2e9bb38oUukfYlzQ+UJoFJ+
eD8zH6eDICK9XkRnhJioM7x/qtrhPYxWTcSZw1BX8mY9m0hKvv/LWg4kRhavgqWx
ccvFxUo/tMk6kA==
-----END CERTIFICATE-----