Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
File:                     ejiftI-wXUgfHyORlMU30Vs1cAk.mft (raw, json)
Hash identifier:          /HIW089lJxGpbdB/58DDdXlro2IsKeTUKoGOZUIiqP8=
Subject key identifier:   BD:55:74:D6:60:BC:08:A4:DA:80:65:72:64:27:70:C1:E4:83:A1:F2
Authority key identifier: 7A:38:9F:B4:8F:B0:5D:48:1F:1F:23:91:94:C5:37:D1:5B:35:70:09
Certificate issuer:       /CN=7a389fb48fb05d481f1f239194c537d15b357009
Certificate serial:       019D390A5670C1A6E84BA4585841B4A1C3DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
Manifest number:          0F32
Signing time:             Sun 29 Mar 2026 10:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:11 +0000
Files and hashes:         1: ejiftI-wXUgfHyORlMU30Vs1cAk.crl (hash: TSsRA2+rmcZMoV2aodppB6/BqkYXkgLVTFZZA/YXSas=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:56:70:c1:a6:e8:4b:a4:58:58:41:b4:a1:c3:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a389fb48fb05d481f1f239194c537d15b357009
        Validity
            Not Before: Mar 29 10:01:11 2026 GMT
            Not After : Mar 30 10:01:11 2026 GMT
        Subject: CN=bd5574d660bc08a4da806572642770c1e483a1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3b:7c:ed:ee:46:39:4b:a3:69:5f:7c:56:44:
                    6e:6d:e7:ec:b0:69:29:b1:a8:5c:29:6b:a7:99:4d:
                    ae:9e:09:d7:93:b4:b2:7c:ef:ce:8f:cc:dd:e0:c2:
                    a5:d3:cb:c4:c8:3e:6b:f3:75:14:cd:4e:18:fe:cb:
                    c7:d8:85:80:8f:d7:a4:d7:b9:54:3c:74:55:65:73:
                    4f:12:d3:50:39:a3:63:b3:a4:04:f1:57:36:73:56:
                    77:91:a3:c2:aa:80:4d:ea:43:e2:45:dc:b9:07:bf:
                    96:80:14:b2:17:4c:0a:d0:3f:0f:88:77:3a:10:1e:
                    d7:8b:72:81:12:18:5e:ee:13:73:42:6a:d0:80:1a:
                    8a:21:6f:4b:63:e2:19:04:01:20:e1:fd:e5:25:5f:
                    69:e1:2f:fa:f6:f1:0b:b4:0b:71:54:51:97:c2:ed:
                    26:93:c4:bf:55:9d:ce:1a:7e:e8:79:cb:6e:b7:09:
                    5d:09:6f:90:98:bb:c8:a7:ab:28:73:ec:0e:91:4a:
                    42:ed:d0:11:03:16:bd:11:37:6e:2b:93:1e:31:9f:
                    f9:16:bd:16:11:fc:d5:65:e8:ab:6e:3b:92:ed:82:
                    20:4a:c9:00:64:d4:e5:49:8c:f3:56:56:c2:15:7d:
                    ce:d0:a9:01:5c:0a:ef:1a:a3:0c:06:bd:cd:d5:41:
                    82:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:55:74:D6:60:BC:08:A4:DA:80:65:72:64:27:70:C1:E4:83:A1:F2
            X509v3 Authority Key Identifier:
                keyid:7A:38:9F:B4:8F:B0:5D:48:1F:1F:23:91:94:C5:37:D1:5B:35:70:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:92:1b:72:8c:ea:48:9b:0c:b8:9d:46:1f:d4:54:20:97:04:
         02:bd:be:d4:dd:2f:53:62:ed:c2:db:57:75:fa:50:3a:25:82:
         f5:4a:4d:b7:a3:18:89:db:44:65:69:4f:0e:24:7d:cd:18:5b:
         c3:a5:62:0d:a8:fd:0c:55:54:0c:14:08:86:bc:82:6f:a3:de:
         d7:4a:2d:18:82:bf:f8:96:bb:22:62:cb:ed:e8:85:44:bb:2d:
         04:23:05:a9:ca:2d:13:e2:13:49:81:9b:e4:1b:c8:9e:0c:aa:
         fb:78:1b:73:42:67:ed:4e:4b:18:82:7b:c9:bd:8a:fc:1b:a1:
         df:c1:41:f8:16:c1:47:fa:1f:56:b0:d3:ac:e8:aa:ae:84:ec:
         4f:46:39:83:da:47:30:8c:a4:61:06:b2:bc:2b:23:bd:6b:f9:
         e5:81:8d:3a:4f:b4:62:6b:81:59:0a:79:32:69:39:0d:04:b5:
         63:ff:76:c6:98:cc:5f:f8:b6:2e:f2:20:a6:e9:17:08:c3:04:
         64:16:86:81:bc:23:9d:2c:16:25:d3:59:46:aa:f9:d0:ec:53:
         c5:59:2b:75:5f:ad:23:0c:e6:40:ed:95:11:98:85:4a:dd:60:
         02:f9:26:90:e5:bf:f9:0a:ac:5e:bc:0c:e3:4c:f2:b6:4d:7a:
         cb:a5:92:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ClZwwaboS6RYWEG0ocPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzg5ZmI0OGZiMDVkNDgxZjFmMjM5MTk0YzUzN2QxNWIz
NTcwMDkwHhcNMjYwMzI5MTAwMTExWhcNMjYwMzMwMTAwMTExWjAzMTEwLwYDVQQD
EyhiZDU1NzRkNjYwYmMwOGE0ZGE4MDY1NzI2NDI3NzBjMWU0ODNhMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDt87e5GOUujaV98VkRubefssGkp
sahcKWunmU2ungnXk7SyfO/Oj8zd4MKl08vEyD5r83UUzU4Y/svH2IWAj9ek17lU
PHRVZXNPEtNQOaNjs6QE8Vc2c1Z3kaPCqoBN6kPiRdy5B7+WgBSyF0wK0D8PiHc6
EB7Xi3KBEhhe7hNzQmrQgBqKIW9LY+IZBAEg4f3lJV9p4S/69vELtAtxVFGXwu0m
k8S/VZ3OGn7oectutwldCW+QmLvIp6soc+wOkUpC7dARAxa9ETduK5MeMZ/5Fr0W
EfzVZeirbjuS7YIgSskAZNTlSYzzVlbCFX3O0KkBXArvGqMMBr3N1UGCkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1VdNZgvAik2oBlcmQncMHkg6HyMB8GA1UdIwQY
MBaAFHo4n7SPsF1IHx8jkZTFN9FbNXAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYjEwNjQtNmQyNi00NTU1LTlmYTUt
YTFhMDhlYmY0ZWVhLzEvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYjEwNjQtNmQyNi00NTU1LTlmYTUtYTFhMDhlYmY0ZWVh
LzEvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZIbcozq
SJsMuJ1GH9RUIJcEAr2+1N0vU2LtwttXdfpQOiWC9UpNt6MYidtEZWlPDiR9zRhb
w6ViDaj9DFVUDBQIhryCb6Pe10otGIK/+Ja7ImLL7eiFRLstBCMFqcotE+ITSYGb
5BvIngyq+3gbc0Jn7U5LGIJ7yb2K/Buh38FB+BbBR/ofVrDTrOiqroTsT0Y5g9pH
MIykYQayvCsjvWv55YGNOk+0YmuBWQp5Mmk5DQS1Y/92xpjMX/i2LvIgpukXCMME
ZBaGgbwjnSwWJdNZRqr50OxTxVkrdV+tIwzmQO2VEZiFSt1gAvkmkOW/+QqsXrwM
40zytk16y6WSlA==
-----END CERTIFICATE-----