Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          kEZGzNFgnXFPZlCDLO8RkoLr8Jd7bsl7QRfkTDnvgjQ=
Subject key identifier:   7F:A7:1D:9C:6B:9A:4D:2C:13:36:9E:62:89:10:BD:74:43:BB:43:DD
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       019D3AC194FA97D6BE57FDD553977499574B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          10F8
Signing time:             Sun 29 Mar 2026 18:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 18:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 18:00:58 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: 3XmcJTv6qBnhqiEjdyNKG+8LmlPirzhocKiGWx6hnpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c1:94:fa:97:d6:be:57:fd:d5:53:97:74:99:57:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Mar 29 18:00:58 2026 GMT
            Not After : Mar 30 18:00:58 2026 GMT
        Subject: CN=7fa71d9c6b9a4d2c13369e628910bd7443bb43dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:38:73:a9:07:32:96:91:0b:63:49:b2:f8:3e:
                    25:c0:e3:e1:0d:a3:a6:94:5d:5a:d5:2f:9b:d4:ba:
                    9c:f6:f5:f4:9a:22:4a:d3:8f:26:66:7d:b5:26:cd:
                    f3:9d:f2:23:f7:aa:0c:5a:1d:ac:0f:db:c3:15:5b:
                    01:8a:7d:14:de:41:56:fe:aa:39:ab:fa:55:8c:36:
                    19:3d:1c:d0:b6:c4:55:3a:f3:f9:f2:c4:c1:a4:96:
                    4b:1b:0f:9a:5d:31:fe:41:2b:b2:5c:f0:09:94:62:
                    b0:62:e0:e5:ea:af:33:53:91:79:c2:73:6d:a9:04:
                    16:04:dd:fe:de:d1:98:19:35:8f:ff:18:8a:a0:e8:
                    95:b5:8a:f3:28:8f:f2:80:4f:5f:96:40:3a:27:d3:
                    6c:bf:8c:41:b3:4a:84:bc:fe:97:f3:22:d3:41:9a:
                    19:54:7e:ed:c2:b3:77:eb:5e:3d:b4:34:6e:f1:ac:
                    91:5e:bf:61:32:df:ea:1e:7c:9c:ed:38:20:03:66:
                    a8:3c:42:da:4e:0e:a2:b4:6b:70:77:50:23:79:57:
                    91:11:ae:11:4d:3f:35:e5:bf:74:14:f1:a1:f2:f6:
                    e0:b3:30:e2:f8:ef:f9:4c:fb:6c:51:12:37:31:1d:
                    42:2e:56:84:be:2a:11:ca:36:67:d1:57:3b:aa:be:
                    10:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:A7:1D:9C:6B:9A:4D:2C:13:36:9E:62:89:10:BD:74:43:BB:43:DD
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:7c:94:87:27:4c:01:6c:8a:bd:a7:48:fa:4e:6f:eb:d7:d4:
         d1:e8:df:c4:87:7f:85:b3:ae:31:2b:5e:e4:11:97:e7:75:d4:
         7b:72:1d:b3:64:11:6f:96:dc:d8:b2:9c:0a:b7:21:e2:2b:b5:
         15:90:15:cb:fa:59:91:81:5b:b5:59:31:0c:ae:1c:2a:f3:15:
         e0:16:88:d2:17:21:0b:4e:0b:9f:96:ac:23:46:78:07:61:48:
         f7:49:78:53:ea:63:41:ed:19:e7:f1:73:68:8b:97:60:da:25:
         18:14:4b:95:75:a6:e1:1a:e2:b8:c3:3d:35:55:2d:84:7e:62:
         91:49:ef:49:f0:d2:3d:6d:94:59:2e:e0:a4:a7:b6:6d:74:0d:
         6c:b7:a8:3a:c6:78:5d:88:60:93:99:70:e7:db:20:6f:31:0c:
         ff:13:04:49:14:98:98:5c:43:5e:43:6d:64:fc:13:3e:ef:7f:
         a1:d4:11:31:5e:a6:a5:5e:5a:5c:c6:bf:36:cb:d2:33:f8:8e:
         62:64:85:7a:f0:ce:82:47:af:b1:1e:8a:de:3f:eb:13:6f:bd:
         2c:ea:6a:20:bc:b5:53:29:61:7a:41:fe:66:32:6e:8b:a0:34:
         27:eb:f2:39:2e:50:d1:df:02:eb:42:82:fa:e6:ea:3b:c9:b7:
         bd:4d:88:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wZT6l9a+V/3VU5d0mVdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjYwMzI5MTgwMDU4WhcNMjYwMzMwMTgwMDU4WjAzMTEwLwYDVQQD
Eyg3ZmE3MWQ5YzZiOWE0ZDJjMTMzNjllNjI4OTEwYmQ3NDQzYmI0M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArThzqQcylpELY0my+D4lwOPhDaOm
lF1a1S+b1Lqc9vX0miJK048mZn21Js3znfIj96oMWh2sD9vDFVsBin0U3kFW/qo5
q/pVjDYZPRzQtsRVOvP58sTBpJZLGw+aXTH+QSuyXPAJlGKwYuDl6q8zU5F5wnNt
qQQWBN3+3tGYGTWP/xiKoOiVtYrzKI/ygE9flkA6J9Nsv4xBs0qEvP6X8yLTQZoZ
VH7twrN36149tDRu8ayRXr9hMt/qHnyc7TggA2aoPELaTg6itGtwd1AjeVeREa4R
TT815b90FPGh8vbgszDi+O/5TPtsURI3MR1CLlaEvioRyjZn0Vc7qr4QmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+nHZxrmk0sEzaeYokQvXRDu0PdMB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj3yUhydM
AWyKvadI+k5v69fU0ejfxId/hbOuMSte5BGX53XUe3Ids2QRb5bc2LKcCrch4iu1
FZAVy/pZkYFbtVkxDK4cKvMV4BaI0hchC04Ln5asI0Z4B2FI90l4U+pjQe0Z5/Fz
aIuXYNolGBRLlXWm4RriuMM9NVUthH5ikUnvSfDSPW2UWS7gpKe2bXQNbLeoOsZ4
XYhgk5lw59sgbzEM/xMESRSYmFxDXkNtZPwTPu9/odQRMV6mpV5aXMa/NsvSM/iO
YmSFevDOgkevsR6K3j/rE2+9LOpqILy1UylhekH+ZjJui6A0J+vyOS5Q0d8C60KC
+ubqO8m3vU2IXQ==
-----END CERTIFICATE-----