Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
File:                     7zAIudH6IIoVT1hcruy7UsGyXOQ.mft (raw, json)
Hash identifier:          1Ri/0ZgD7mtEOpGAW9NPB0UCSoCmY6NpWP8JtU8yXGw=
Subject key identifier:   94:16:2A:58:89:37:13:F0:EE:14:3B:EC:A2:F1:81:AA:2D:8A:E2:E1
Authority key identifier: EF:30:08:B9:D1:FA:20:8A:15:4F:58:5C:AE:EC:BB:52:C1:B2:5C:E4
Certificate issuer:       /CN=ef3008b9d1fa208a154f585caeecbb52c1b25ce4
Certificate serial:       019D39E590C4CE7BB4A03445CCC484800A9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
Manifest number:          41
Signing time:             Sun 29 Mar 2026 14:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:39 +0000
Files and hashes:         1: 7zAIudH6IIoVT1hcruy7UsGyXOQ.crl (hash: UTdNA+MxBD2COcTQuFT9nVFB9MBX9R7duqyEX7hzsRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:90:c4:ce:7b:b4:a0:34:45:cc:c4:84:80:0a:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef3008b9d1fa208a154f585caeecbb52c1b25ce4
        Validity
            Not Before: Mar 29 14:00:39 2026 GMT
            Not After : Mar 30 14:00:39 2026 GMT
        Subject: CN=94162a58893713f0ee143beca2f181aa2d8ae2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c2:a7:30:d1:0a:92:83:a1:5e:19:4e:43:05:
                    be:fe:27:39:93:a1:67:56:c9:ce:cb:ac:8e:79:60:
                    98:06:9d:98:7c:70:ec:f2:95:5b:5f:52:bd:2c:5f:
                    cf:4a:8c:fc:62:8d:bd:f2:26:01:ed:b4:28:1c:3a:
                    f0:7b:35:8d:d1:24:3e:70:f2:6e:9c:bb:e7:87:ce:
                    a4:2e:05:bc:d9:18:ec:32:da:00:9d:6d:4e:7e:7e:
                    21:8d:8f:a8:7a:f3:ff:fd:f5:56:33:0a:dd:d2:97:
                    03:eb:9a:ef:a3:01:0d:46:3e:72:e9:06:52:73:2e:
                    7f:6d:10:b4:71:75:fb:40:df:35:0c:b1:ad:6a:19:
                    f9:1e:26:bb:a5:93:be:72:44:1f:17:22:1c:14:ef:
                    45:61:24:e6:12:40:e9:94:05:dc:dd:b9:29:05:f2:
                    9f:f7:06:40:f1:ff:fa:19:6f:7b:0c:05:3a:02:fd:
                    8d:ec:13:09:3a:ad:0a:fe:b2:35:57:5e:91:38:0e:
                    2a:fe:b0:82:80:8f:61:27:04:ed:b5:2b:f9:be:0b:
                    b0:20:cb:f8:90:9b:3a:26:59:d6:f2:34:ec:c0:0e:
                    2c:25:d1:f3:ae:10:27:dc:52:de:ce:29:5f:25:88:
                    d2:fd:57:7b:55:18:35:89:17:f2:c7:67:47:fb:e2:
                    8e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:16:2A:58:89:37:13:F0:EE:14:3B:EC:A2:F1:81:AA:2D:8A:E2:E1
            X509v3 Authority Key Identifier:
                keyid:EF:30:08:B9:D1:FA:20:8A:15:4F:58:5C:AE:EC:BB:52:C1:B2:5C:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:ce:17:2b:e3:c9:0f:e4:19:c0:81:80:85:6b:9a:82:df:87:
         9c:fa:9c:05:31:b4:97:4e:7f:58:0d:7b:94:a0:b0:fd:4f:97:
         95:f4:ed:3e:fa:96:e6:69:ce:89:5e:11:ef:9f:46:b1:5f:2d:
         15:63:b9:f1:9a:fc:d7:66:e7:58:87:01:bf:f1:ac:3c:4b:8a:
         82:3f:3e:39:da:37:11:96:3e:d1:8f:6d:c9:db:49:1b:32:09:
         8d:98:b1:14:2a:05:ed:91:9b:52:2d:c8:07:f9:d0:b3:37:d3:
         39:1c:59:1d:dd:f2:6d:d7:aa:17:40:63:97:be:38:23:da:98:
         8b:be:88:3d:8a:34:09:69:ff:e8:88:62:d1:ee:8b:39:a5:e3:
         13:8e:c8:68:d1:a7:69:a8:fd:b0:a7:8d:fb:7a:25:78:06:6d:
         d0:1c:71:a3:d4:e4:20:03:b1:70:94:3f:5b:53:60:68:3b:12:
         c9:a8:04:52:ff:53:27:fb:e1:a6:28:ec:e6:67:27:19:e5:82:
         15:5b:0a:91:3b:2f:69:01:70:66:4f:42:5f:ba:bd:85:11:f8:
         0c:28:85:aa:55:cb:d2:0d:d9:5d:90:f2:6b:78:f0:06:e4:d7:
         87:f3:c0:21:f6:ef:3e:45:4c:a4:f0:51:ca:d5:7a:6e:1e:30:
         5d:88:11:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055ZDEznu0oDRFzMSEgAqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMzAwOGI5ZDFmYTIwOGExNTRmNTg1Y2FlZWNiYjUyYzFi
MjVjZTQwHhcNMjYwMzI5MTQwMDM5WhcNMjYwMzMwMTQwMDM5WjAzMTEwLwYDVQQD
Eyg5NDE2MmE1ODg5MzcxM2YwZWUxNDNiZWNhMmYxODFhYTJkOGFlMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsKnMNEKkoOhXhlOQwW+/ic5k6Fn
VsnOy6yOeWCYBp2YfHDs8pVbX1K9LF/PSoz8Yo298iYB7bQoHDrwezWN0SQ+cPJu
nLvnh86kLgW82RjsMtoAnW1Ofn4hjY+oevP//fVWMwrd0pcD65rvowENRj5y6QZS
cy5/bRC0cXX7QN81DLGtahn5Hia7pZO+ckQfFyIcFO9FYSTmEkDplAXc3bkpBfKf
9wZA8f/6GW97DAU6Av2N7BMJOq0K/rI1V16ROA4q/rCCgI9hJwTttSv5vguwIMv4
kJs6JlnW8jTswA4sJdHzrhAn3FLezilfJYjS/Vd7VRg1iRfyx2dH++KOUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQWKliJNxPw7hQ77KLxgaotiuLhMB8GA1UdIwQY
MBaAFO8wCLnR+iCKFU9YXK7su1LBslzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80MDg5Y2QtNWJhMC00ODNjLTg4M2Qt
YzhjMGZmNTVmNTJkLzEvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80MDg5Y2QtNWJhMC00ODNjLTg4M2QtYzhjMGZmNTVmNTJk
LzEvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArM4XK+PJ
D+QZwIGAhWuagt+HnPqcBTG0l05/WA17lKCw/U+XlfTtPvqW5mnOiV4R759GsV8t
FWO58Zr812bnWIcBv/GsPEuKgj8+Odo3EZY+0Y9tydtJGzIJjZixFCoF7ZGbUi3I
B/nQszfTORxZHd3ybdeqF0Bjl744I9qYi76IPYo0CWn/6Ihi0e6LOaXjE47IaNGn
aaj9sKeN+3oleAZt0Bxxo9TkIAOxcJQ/W1NgaDsSyagEUv9TJ/vhpijs5mcnGeWC
FVsKkTsvaQFwZk9CX7q9hRH4DCiFqlXL0g3ZXZDya3jwBuTXh/PAIfbvPkVMpPBR
ytV6bh4wXYgRqQ==
-----END CERTIFICATE-----