Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
File:                     ezR3xSqsENrC7dQXOrbZTV4k3vU.mft (raw, json)
Hash identifier:          T1ezUPFYtw1goP6UvJgSjLtBIlAr46qE8xUXdkSjo+A=
Subject key identifier:   EC:D0:CF:FB:52:90:39:4B:77:1A:D9:C9:D8:FA:6F:4F:4F:97:CA:EE
Authority key identifier: 7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5
Certificate issuer:       /CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
Certificate serial:       019D3752325B6A7BB44E5771DB8084046946
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
Manifest number:          08AF
Signing time:             Sun 29 Mar 2026 02:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:26 +0000
Files and hashes:         1: ezR3xSqsENrC7dQXOrbZTV4k3vU.crl (hash: 1tqyZqH90C7RTJjLRFYbrYw21tykiwWr4ypp/UOwi/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:32:5b:6a:7b:b4:4e:57:71:db:80:84:04:69:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b3477c52aac10dac2edd4173ab6d94d5e24def5
        Validity
            Not Before: Mar 29 02:00:26 2026 GMT
            Not After : Mar 30 02:00:26 2026 GMT
        Subject: CN=ecd0cffb5290394b771ad9c9d8fa6f4f4f97caee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:70:b7:f6:b9:70:2a:23:ab:da:db:58:d4:ec:
                    f6:cb:89:5d:7f:2d:e7:1d:23:e1:d1:cd:4d:5b:ef:
                    46:0d:e7:9b:65:e4:ff:41:18:bd:02:81:8c:b1:19:
                    07:62:fa:63:bf:83:d8:a5:a8:c3:c6:1b:df:0a:44:
                    d1:ad:8f:fb:8f:22:58:0a:d0:4a:46:7a:62:a2:8a:
                    e3:c3:0f:3c:ad:b5:75:ea:9c:86:f0:53:cd:04:e2:
                    bd:7e:33:d1:6c:12:73:2d:ec:20:6a:2a:0d:c7:ea:
                    14:0a:fd:96:e0:ad:99:68:b7:45:88:52:9b:a4:a4:
                    cd:a1:00:e9:d6:b8:d4:ea:ef:9f:80:b3:1c:16:47:
                    19:0f:26:bc:d0:bf:fd:6c:6c:5a:d4:f5:c1:7d:11:
                    33:7f:ab:9d:40:66:9e:4f:96:24:86:8c:dc:b2:a7:
                    55:13:e1:de:37:ba:6f:48:8d:d9:dc:c0:e0:95:42:
                    87:18:59:e1:b8:0d:c4:77:40:67:fc:4d:d3:3a:b5:
                    d0:e1:18:b7:28:48:1e:3f:6e:8b:da:f4:7c:53:b5:
                    f8:1c:a0:b1:00:c1:18:73:c1:f4:6b:6f:da:a0:32:
                    62:56:37:92:cf:a6:d2:02:8c:1b:ed:65:0d:6e:cf:
                    d5:8e:cc:e9:5c:a4:50:58:be:af:9f:21:8e:0b:21:
                    ea:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D0:CF:FB:52:90:39:4B:77:1A:D9:C9:D8:FA:6F:4F:4F:97:CA:EE
            X509v3 Authority Key Identifier:
                keyid:7B:34:77:C5:2A:AC:10:DA:C2:ED:D4:17:3A:B6:D9:4D:5E:24:DE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ezR3xSqsENrC7dQXOrbZTV4k3vU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bca347-983a-4c1a-88b8-cc69a2386edc/1/ezR3xSqsENrC7dQXOrbZTV4k3vU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a7:f8:6c:10:03:82:b8:cd:2d:26:3a:e2:d0:80:a8:a4:7c:
         d4:83:e7:25:5d:a6:4a:8d:70:c9:80:98:1c:82:4e:b7:12:cd:
         4f:b8:8f:d4:20:7b:f4:bd:38:e9:d5:4c:32:5e:95:58:c1:d3:
         80:1d:94:91:67:f8:a6:04:32:d9:b6:3b:3e:ee:13:2f:b2:12:
         bf:57:f0:3f:e6:4e:75:94:98:35:74:35:4c:f4:45:91:ad:0c:
         30:17:10:ce:0e:ca:9f:9e:f1:f4:c6:70:29:0f:fd:b7:39:0a:
         bc:b6:76:43:8f:df:c7:4a:22:e6:ec:c4:13:94:d0:88:87:9c:
         55:8f:6e:ea:9e:8e:d9:00:6b:74:ed:2c:fa:01:96:eb:9e:90:
         f9:24:84:fc:4e:b2:be:e0:d0:cf:d0:7a:92:36:47:48:ce:bc:
         11:82:9b:c5:94:8d:a2:3b:44:fc:fd:c9:88:7d:8a:3a:d4:1c:
         e3:18:1f:40:47:5b:ae:5e:96:e5:c1:ac:a5:60:6f:76:c7:b7:
         27:9b:e0:0e:b6:2e:26:77:b7:54:6a:08:2f:a8:94:36:85:d2:
         3a:53:01:23:b1:f0:32:c6:f2:fb:27:c6:ed:ba:52:e8:9c:cf:
         b0:18:56:d5:7d:30:6b:ea:5d:ed:8b:c9:47:98:90:0a:67:85:
         fc:23:82:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UjJbanu0Tldx24CEBGlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMzQ3N2M1MmFhYzEwZGFjMmVkZDQxNzNhYjZkOTRkNWUy
NGRlZjUwHhcNMjYwMzI5MDIwMDI2WhcNMjYwMzMwMDIwMDI2WjAzMTEwLwYDVQQD
EyhlY2QwY2ZmYjUyOTAzOTRiNzcxYWQ5YzlkOGZhNmY0ZjRmOTdjYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HC39rlwKiOr2ttY1Oz2y4ldfy3n
HSPh0c1NW+9GDeebZeT/QRi9AoGMsRkHYvpjv4PYpajDxhvfCkTRrY/7jyJYCtBK
Rnpioorjww88rbV16pyG8FPNBOK9fjPRbBJzLewgaioNx+oUCv2W4K2ZaLdFiFKb
pKTNoQDp1rjU6u+fgLMcFkcZDya80L/9bGxa1PXBfREzf6udQGaeT5YkhozcsqdV
E+HeN7pvSI3Z3MDglUKHGFnhuA3Ed0Bn/E3TOrXQ4Ri3KEgeP26L2vR8U7X4HKCx
AMEYc8H0a2/aoDJiVjeSz6bSAowb7WUNbs/VjszpXKRQWL6vnyGOCyHq4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzQz/tSkDlLdxrZydj6b09Pl8ruMB8GA1UdIwQY
MBaAFHs0d8UqrBDawu3UFzq22U1eJN71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4Yjgt
Y2M2OWEyMzg2ZWRjLzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iY2EzNDctOTgzYS00YzFhLTg4YjgtY2M2OWEyMzg2ZWRj
LzEvZXpSM3hTcXNFTnJDN2RRWE9yYlpUVjRrM3ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6f4bBAD
grjNLSY64tCAqKR81IPnJV2mSo1wyYCYHIJOtxLNT7iP1CB79L046dVMMl6VWMHT
gB2UkWf4pgQy2bY7Pu4TL7ISv1fwP+ZOdZSYNXQ1TPRFka0MMBcQzg7Kn57x9MZw
KQ/9tzkKvLZ2Q4/fx0oi5uzEE5TQiIecVY9u6p6O2QBrdO0s+gGW656Q+SSE/E6y
vuDQz9B6kjZHSM68EYKbxZSNojtE/P3JiH2KOtQc4xgfQEdbrl6W5cGspWBvdse3
J5vgDrYuJne3VGoIL6iUNoXSOlMBI7HwMsby+yfG7bpS6JzPsBhW1X0wa+pd7YvJ
R5iQCmeF/COCMg==
-----END CERTIFICATE-----