Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          Eko1woN94ItKTAundj2pGm67FTJ2tEWrD/5jcRgD6bA=
Subject key identifier:   DA:CA:33:A2:39:15:16:1F:A5:72:B3:72:BD:2A:A6:A7:34:14:48:E2
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019E30731C04877367D038293959BDA6706B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0FEF
Signing time:             Sat 16 May 2026 11:01:50 +0000
Manifest this update:     Sat 16 May 2026 11:01:50 +0000
Manifest next update:     Sun 17 May 2026 11:01:50 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: ofmuktdoHKl4n4xoLhae190Wv0yPN+H1p/DN5/favxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:73:1c:04:87:73:67:d0:38:29:39:59:bd:a6:70:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: May 16 11:01:50 2026 GMT
            Not After : May 17 11:01:50 2026 GMT
        Subject: CN=daca33a23915161fa572b372bd2aa6a7341448e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c9:d6:94:f5:8e:bc:c9:67:11:33:dd:07:61:
                    87:76:8b:ba:12:2c:c6:2f:28:23:a0:e7:09:01:e5:
                    94:ad:5f:c6:c1:f3:ff:81:1e:51:84:bc:0d:bf:1c:
                    b9:d3:4f:47:6f:6a:13:33:b5:6b:47:41:4b:8d:2a:
                    d3:6f:58:61:47:b8:60:34:a4:89:c7:87:59:f3:da:
                    ba:7d:9c:bb:fa:12:3c:5c:36:e4:88:d5:cc:f5:b3:
                    d8:4b:2f:46:46:eb:1e:7f:66:a0:39:19:25:66:a6:
                    83:db:44:dd:09:b4:ef:cc:01:7a:4c:ee:97:40:e7:
                    21:fb:66:ee:f6:16:1f:41:e9:28:0b:20:c6:cd:14:
                    59:12:9f:e2:84:ec:e0:97:c9:2b:2b:16:e1:98:0e:
                    5b:df:df:9f:b3:0f:51:a5:2c:12:1a:9c:e5:06:f6:
                    f0:88:a4:1b:73:f8:f6:47:52:e1:26:72:9f:42:63:
                    f9:33:32:cd:c1:22:c6:91:18:b2:57:f8:37:c1:ca:
                    21:9d:79:27:09:44:05:61:ba:48:97:79:b6:42:97:
                    6b:c7:17:61:24:8d:53:63:28:bd:d0:af:56:a5:8b:
                    91:57:99:ef:68:d4:71:d5:8a:13:f4:63:32:87:80:
                    6f:9b:59:d5:72:ea:eb:31:25:9f:c5:d7:f2:22:1d:
                    2d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:CA:33:A2:39:15:16:1F:A5:72:B3:72:BD:2A:A6:A7:34:14:48:E2
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:b3:b9:2f:6a:6e:8a:49:ba:11:08:a7:e9:bc:e4:79:65:e4:
         aa:b8:49:81:7b:c0:51:f0:3f:35:13:7e:1b:5b:d8:50:28:40:
         bd:01:7d:3f:1f:80:44:9f:cb:6a:74:ca:42:b6:8c:a2:13:96:
         ac:2f:9b:75:39:7b:f2:bd:ca:e4:7f:b6:83:e4:1d:9f:1e:0c:
         1d:aa:6b:d3:20:8c:35:54:cb:b7:08:65:1c:a8:84:91:10:42:
         93:71:31:ad:f5:06:09:06:73:b8:68:51:6d:44:5a:8b:73:19:
         69:a6:fb:f6:c8:1b:4d:55:e6:cb:c3:7d:87:d4:e7:17:39:94:
         9c:1a:64:1c:66:9e:84:2c:42:bc:87:4f:df:ea:72:76:3b:6e:
         7f:fc:26:96:71:c6:ec:55:f3:a7:9d:d6:14:a4:c7:73:ae:c4:
         80:b9:90:61:49:d5:b2:96:ca:3a:5d:cd:e8:f2:ac:98:16:26:
         02:99:3f:50:12:ab:d6:e1:70:5c:75:6a:51:dc:ae:91:99:98:
         27:a3:ca:70:2c:58:f6:5b:3c:ad:78:79:03:5d:9f:dd:15:7c:
         19:bb:fd:92:c7:ed:d2:0d:e9:5c:9b:05:92:1f:2b:f9:5a:f9:
         b3:b0:c9:46:44:c1:6c:5b:ad:0b:d4:a6:3d:b1:15:69:db:67:
         e1:ec:bb:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcxwEh3Nn0DgpOVm9pnBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwNTE2MTEwMTUwWhcNMjYwNTE3MTEwMTUwWjAzMTEwLwYDVQQD
EyhkYWNhMzNhMjM5MTUxNjFmYTU3MmIzNzJiZDJhYTZhNzM0MTQ0OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcnWlPWOvMlnETPdB2GHdou6EizG
LygjoOcJAeWUrV/GwfP/gR5RhLwNvxy5009Hb2oTM7VrR0FLjSrTb1hhR7hgNKSJ
x4dZ89q6fZy7+hI8XDbkiNXM9bPYSy9GRusef2agORklZqaD20TdCbTvzAF6TO6X
QOch+2bu9hYfQekoCyDGzRRZEp/ihOzgl8krKxbhmA5b39+fsw9RpSwSGpzlBvbw
iKQbc/j2R1LhJnKfQmP5MzLNwSLGkRiyV/g3wcohnXknCUQFYbpIl3m2Qpdrxxdh
JI1TYyi90K9WpYuRV5nvaNRx1YoT9GMyh4Bvm1nVcurrMSWfxdfyIh0t3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrKM6I5FRYfpXKzcr0qpqc0FEjiMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFrO5L2pu
ikm6EQin6bzkeWXkqrhJgXvAUfA/NRN+G1vYUChAvQF9Px+ARJ/LanTKQraMohOW
rC+bdTl78r3K5H+2g+Qdnx4MHapr0yCMNVTLtwhlHKiEkRBCk3ExrfUGCQZzuGhR
bURai3MZaab79sgbTVXmy8N9h9TnFzmUnBpkHGaehCxCvIdP3+pydjtuf/wmlnHG
7FXzp53WFKTHc67EgLmQYUnVspbKOl3N6PKsmBYmApk/UBKr1uFwXHVqUdyukZmY
J6PKcCxY9ls8rXh5A12f3RV8Gbv9ksft0g3pXJsFkh8r+Vr5s7DJRkTBbFutC9Sm
PbEVadtn4ey72g==
-----END CERTIFICATE-----