Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
File:                     X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json)
Hash identifier:          mXxdMVn+yueUD2RH58Xm2M2FHsECzZDvUZtIHtYkfLc=
Subject key identifier:   A2:23:3B:F4:51:CD:7E:59:20:5F:BF:A8:84:B3:9E:00:2A:A0:88:46
Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C
Certificate issuer:       /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
Certificate serial:       019D37891F02AD77E8421C06627BD6968B93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
Manifest number:          0EA9
Signing time:             Sun 29 Mar 2026 03:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:26 +0000
Files and hashes:         1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: EPUSh2RwIq/1V6S8fAzdMBLuU98jpfrS445hc57BmII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:1f:02:ad:77:e8:42:1c:06:62:7b:d6:96:8b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
        Validity
            Not Before: Mar 29 03:00:26 2026 GMT
            Not After : Mar 30 03:00:26 2026 GMT
        Subject: CN=a2233bf451cd7e59205fbfa884b39e002aa08846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:9b:6f:b3:36:4f:c0:c0:e1:be:ad:3f:2a:d4:
                    a5:10:41:a4:2b:3a:48:c1:c9:10:a2:78:48:a3:24:
                    13:ca:54:bd:7c:99:c4:9c:09:9d:af:0c:29:4c:ab:
                    26:cf:3c:7c:a0:24:44:b8:a2:30:75:1a:2b:30:3d:
                    bb:0c:48:91:8c:3b:a9:33:4d:3b:9d:ed:0d:d6:0b:
                    92:57:52:b5:e8:7d:7e:9c:78:7f:b4:89:d7:05:b9:
                    d5:be:df:10:11:23:a4:da:9e:bc:48:e2:a0:44:a4:
                    9d:2d:77:bb:ba:f0:c6:8d:93:fb:23:81:c1:39:8a:
                    a1:f0:aa:d1:1c:35:34:13:dd:cf:13:19:79:57:78:
                    bd:85:c5:91:52:4a:5c:ea:f2:69:a5:3c:32:d7:db:
                    78:10:a3:9d:98:5d:a3:2d:a3:d1:fa:bd:71:0d:54:
                    7a:03:5a:fd:8e:48:2e:df:3b:43:e1:78:f2:77:c4:
                    22:9d:a6:7a:3d:c1:90:39:79:80:40:4c:a0:2e:ca:
                    c3:24:1e:42:c9:71:21:ad:d9:6c:7d:40:f1:e4:18:
                    48:6e:27:91:2e:a6:bc:91:9b:08:16:30:05:26:45:
                    a9:88:70:69:b2:34:85:23:4d:a0:87:e2:86:22:17:
                    be:d3:02:25:61:14:69:87:c7:48:e8:7f:11:cd:1d:
                    c8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:23:3B:F4:51:CD:7E:59:20:5F:BF:A8:84:B3:9E:00:2A:A0:88:46
            X509v3 Authority Key Identifier:
                keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:e1:94:4c:ad:b1:3d:3b:83:e3:c0:a7:96:c9:e2:44:ab:c4:
         7d:4d:ca:e4:40:c0:97:82:b4:fa:48:49:f0:64:33:35:8d:d4:
         d0:fc:48:bd:51:4a:d1:45:5e:12:5f:23:26:34:46:90:a2:8e:
         dc:61:4e:69:d7:c2:46:6f:ea:ac:7d:e5:c9:d6:0c:d1:d9:14:
         10:6d:d0:b5:34:10:7a:6a:07:69:82:a9:88:fd:d3:38:1e:ef:
         72:fc:1c:7a:d3:bd:4d:37:d7:4a:01:41:6f:4a:55:21:6e:e8:
         e1:ba:a0:a7:eb:16:b8:22:d4:8a:8e:87:b6:0c:4e:fc:14:75:
         a0:48:aa:3c:18:35:d5:ee:0e:ab:e9:5c:a9:92:95:1d:af:21:
         ec:e7:fe:7b:ed:2e:08:31:b0:53:15:de:90:5f:1e:53:8a:58:
         4b:d3:e4:b3:4d:f8:d7:9d:87:fb:2e:6b:d4:af:b7:53:6b:ca:
         69:44:ef:3c:3b:87:cf:7f:8b:db:24:cf:d6:3b:a0:9e:1e:59:
         c9:58:3d:9b:b6:e1:35:d4:e4:03:44:7e:c6:d9:e7:df:ec:2f:
         11:ec:fa:6e:66:2c:82:9b:16:95:b2:7d:25:cf:a5:ac:92:fb:
         29:32:7c:24:49:4a:bb:db:ae:dd:cb:a7:84:f2:31:69:c4:68:
         ce:b1:e5:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iR8CrXfoQhwGYnvWlouTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl
MWY4NmMwHhcNMjYwMzI5MDMwMDI2WhcNMjYwMzMwMDMwMDI2WjAzMTEwLwYDVQQD
EyhhMjIzM2JmNDUxY2Q3ZTU5MjA1ZmJmYTg4NGIzOWUwMDJhYTA4ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZtvszZPwMDhvq0/KtSlEEGkKzpI
wckQonhIoyQTylS9fJnEnAmdrwwpTKsmzzx8oCREuKIwdRorMD27DEiRjDupM007
ne0N1guSV1K16H1+nHh/tInXBbnVvt8QESOk2p68SOKgRKSdLXe7uvDGjZP7I4HB
OYqh8KrRHDU0E93PExl5V3i9hcWRUkpc6vJppTwy19t4EKOdmF2jLaPR+r1xDVR6
A1r9jkgu3ztD4Xjyd8QinaZ6PcGQOXmAQEygLsrDJB5CyXEhrdlsfUDx5BhIbieR
Lqa8kZsIFjAFJkWpiHBpsjSFI02gh+KGIhe+0wIlYRRph8dI6H8RzR3IwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIjO/RRzX5ZIF+/qISzngAqoIhGMB8GA1UdIwQY
MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt
MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1
LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOGUTK2x
PTuD48CnlsniRKvEfU3K5EDAl4K0+khJ8GQzNY3U0PxIvVFK0UVeEl8jJjRGkKKO
3GFOadfCRm/qrH3lydYM0dkUEG3QtTQQemoHaYKpiP3TOB7vcvwcetO9TTfXSgFB
b0pVIW7o4bqgp+sWuCLUio6HtgxO/BR1oEiqPBg11e4Oq+lcqZKVHa8h7Of+e+0u
CDGwUxXekF8eU4pYS9Pks034152H+y5r1K+3U2vKaUTvPDuHz3+L2yTP1jugnh5Z
yVg9m7bhNdTkA0R+xtnn3+wvEez6bmYsgpsWlbJ9Jc+lrJL7KTJ8JElKu9uu3cun
hPIxacRozrHl0w==
-----END CERTIFICATE-----