Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          YN0QDAlqdKVgU4J6DD7VlPyCjWuzyCQEZO3L2UHlOSs=
Subject key identifier:   EF:5C:AA:88:A9:55:83:3F:8B:AA:DD:86:B7:C2:51:FC:37:23:41:13
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019D3940761E2EF103BCC4BF24DD98D1A686
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0F6F
Signing time:             Sun 29 Mar 2026 11:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:18 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: VwiUSu0Cd+zhXL5zrl0Ig5K3wW2aRTm3o3CyVt1VqbE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:76:1e:2e:f1:03:bc:c4:bf:24:dd:98:d1:a6:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Mar 29 11:00:18 2026 GMT
            Not After : Mar 30 11:00:18 2026 GMT
        Subject: CN=ef5caa88a955833f8baadd86b7c251fc37234113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:31:0f:63:42:93:e3:de:c9:84:c7:2b:ab:3e:
                    94:e0:41:3d:ac:05:1d:26:e6:83:2d:e8:f4:13:af:
                    3f:71:65:4f:3b:6a:dc:ed:a0:9d:8c:47:d7:ec:55:
                    b3:55:42:18:6f:9d:f3:5b:e8:cd:9e:93:06:5e:c5:
                    12:d8:34:7c:b3:46:4d:6f:72:45:e1:62:2c:3a:14:
                    05:08:79:bf:09:61:d2:39:02:66:81:7c:c7:d3:63:
                    4c:f3:49:a0:a8:e4:93:25:97:41:db:07:93:12:be:
                    dc:87:0b:f8:25:e3:02:22:c1:34:11:67:cc:d7:38:
                    99:93:d5:f0:70:5a:10:90:20:99:f9:ce:b3:02:1d:
                    c7:b4:51:be:e2:db:c0:c5:0f:ce:66:5e:2f:27:a5:
                    0d:fe:48:05:d9:b7:32:c7:31:ef:17:d5:9c:57:c4:
                    b0:24:aa:ed:be:ee:00:2c:08:d2:b0:a1:b5:e9:34:
                    ef:83:a9:0a:75:5f:e0:d4:cb:dc:fe:ab:d1:65:fa:
                    61:3f:dd:e8:46:9c:be:2e:4b:05:67:38:72:12:85:
                    85:68:24:44:13:2e:e1:ab:56:42:68:e1:18:5c:04:
                    1d:60:06:88:1f:8d:96:9a:65:ac:e0:4e:41:66:27:
                    c3:ef:51:f1:f7:f9:0a:b6:90:0e:11:e7:18:62:bd:
                    88:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:5C:AA:88:A9:55:83:3F:8B:AA:DD:86:B7:C2:51:FC:37:23:41:13
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:5f:03:28:20:f1:09:30:e1:63:ef:eb:9d:6f:77:bc:9f:ca:
         fd:9b:54:bd:2e:cb:a5:4a:7f:cd:48:9a:9d:35:5d:ba:c9:35:
         d0:1e:dd:c3:41:71:fe:0b:f7:c1:46:00:db:f7:2e:ed:38:65:
         fb:df:94:b6:0c:a2:00:7b:5a:a4:8d:50:01:d4:5a:9d:b1:6c:
         db:e1:4c:23:3a:80:fc:b8:5b:cd:12:de:d7:8f:c8:57:8f:97:
         15:33:dc:34:5e:80:e9:5c:2c:0c:a1:bc:66:94:6b:9b:f0:80:
         31:a3:26:14:2e:04:4e:5a:b3:d9:87:e5:9f:1d:e6:be:0b:cc:
         1f:63:c0:df:75:f7:12:a3:ff:c1:88:e3:57:7f:0b:d8:a5:4b:
         88:43:c2:3a:a3:6f:aa:0a:bf:69:62:5e:2e:3f:83:31:a9:c1:
         a8:45:77:67:c0:9b:c3:d8:e4:ce:38:a1:69:c8:1c:ab:5c:41:
         b0:da:93:7f:51:f8:6b:09:51:53:9e:eb:01:57:bd:97:4f:82:
         0a:dd:61:fc:4a:3d:74:92:c5:02:94:66:ee:d8:d0:e4:c0:66:
         79:d8:be:d0:23:3b:8c:d7:ad:13:5e:b2:c5:96:33:79:99:12:
         b8:5a:f6:c4:48:67:6f:50:f7:a0:88:6e:3d:6c:d9:4c:ad:69:
         2f:e4:a6:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QHYeLvEDvMS/JN2Y0aaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwMzI5MTEwMDE4WhcNMjYwMzMwMTEwMDE4WjAzMTEwLwYDVQQD
EyhlZjVjYWE4OGE5NTU4MzNmOGJhYWRkODZiN2MyNTFmYzM3MjM0MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjEPY0KT497JhMcrqz6U4EE9rAUd
JuaDLej0E68/cWVPO2rc7aCdjEfX7FWzVUIYb53zW+jNnpMGXsUS2DR8s0ZNb3JF
4WIsOhQFCHm/CWHSOQJmgXzH02NM80mgqOSTJZdB2weTEr7chwv4JeMCIsE0EWfM
1ziZk9XwcFoQkCCZ+c6zAh3HtFG+4tvAxQ/OZl4vJ6UN/kgF2bcyxzHvF9WcV8Sw
JKrtvu4ALAjSsKG16TTvg6kKdV/g1Mvc/qvRZfphP93oRpy+LksFZzhyEoWFaCRE
Ey7hq1ZCaOEYXAQdYAaIH42WmmWs4E5BZifD71Hx9/kKtpAOEecYYr2IOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9cqoipVYM/i6rdhrfCUfw3I0ETMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIl8DKCDx
CTDhY+/rnW93vJ/K/ZtUvS7LpUp/zUianTVdusk10B7dw0Fx/gv3wUYA2/cu7Thl
+9+UtgyiAHtapI1QAdRanbFs2+FMIzqA/LhbzRLe14/IV4+XFTPcNF6A6VwsDKG8
ZpRrm/CAMaMmFC4ETlqz2Yflnx3mvgvMH2PA33X3EqP/wYjjV38L2KVLiEPCOqNv
qgq/aWJeLj+DManBqEV3Z8Cbw9jkzjihacgcq1xBsNqTf1H4awlRU57rAVe9l0+C
Ct1h/Eo9dJLFApRm7tjQ5MBmedi+0CM7jNetE16yxZYzeZkSuFr2xEhnb1D3oIhu
PWzZTK1pL+SmPQ==
-----END CERTIFICATE-----