Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
File:                     e9g2worwknoDVYYlrt9v14ekkFw.mft (raw, json)
Hash identifier:          DCTtbTFWYB5X7zLMmvFktM/4+sFe68P9WSWJv8TSGak=
Subject key identifier:   80:40:4D:64:C7:6B:B7:10:16:7C:E2:91:0B:B1:AB:B4:CF:2F:31:21
Authority key identifier: 7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C
Certificate issuer:       /CN=7bd836c28af0927a03558625aedf6fd787a4905c
Certificate serial:       019D3A5372EAC527AD9BB84910CCDCD195BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
Manifest number:          17CA
Signing time:             Sun 29 Mar 2026 16:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:40 +0000
Files and hashes:         1: e9g2worwknoDVYYlrt9v14ekkFw.crl (hash: 2TKv2dsc+5q6Jr/A1T93wUhBu3MNmUZ52cxDgC6wpAM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:72:ea:c5:27:ad:9b:b8:49:10:cc:dc:d1:95:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bd836c28af0927a03558625aedf6fd787a4905c
        Validity
            Not Before: Mar 29 16:00:40 2026 GMT
            Not After : Mar 30 16:00:40 2026 GMT
        Subject: CN=80404d64c76bb710167ce2910bb1abb4cf2f3121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9a:c0:eb:4f:8b:aa:1b:f3:07:7d:f4:7e:b1:
                    d7:7c:90:3d:d2:6d:80:9e:29:f0:5e:df:94:41:5d:
                    2b:2a:c6:92:ec:dd:a0:84:15:c4:a2:a8:66:dc:6d:
                    f5:96:5c:11:4c:41:83:72:8a:86:6f:b5:e9:40:f8:
                    d4:ac:1c:7d:ef:e7:7b:ff:5e:ee:25:f2:22:c4:1f:
                    07:4c:69:42:d9:a9:89:f7:0a:df:3e:56:5a:db:7a:
                    45:1b:79:de:99:31:6e:c2:20:1c:83:4a:58:41:e5:
                    5e:4b:08:c8:c9:70:0c:b0:a6:87:34:70:d7:b5:b3:
                    a2:e4:9d:8b:7c:ca:07:32:45:fb:e4:86:bd:91:a9:
                    61:65:81:18:3b:70:06:62:e2:b8:42:52:0e:41:27:
                    2d:d3:a7:75:55:3e:7e:75:fc:3b:52:30:64:2c:2b:
                    39:4d:48:b6:1b:fe:a3:a4:5e:55:c5:fd:b6:c3:b8:
                    98:77:35:ac:b4:a8:9f:7b:7f:b4:3a:47:1f:c5:a3:
                    57:27:d4:cf:81:e4:e8:a2:f2:24:cd:0a:bd:04:90:
                    85:e3:4f:8e:1a:98:f7:4c:43:1b:aa:fb:cd:69:d9:
                    8f:10:a9:c9:c5:55:e9:14:ba:cb:78:74:b3:ad:4c:
                    bd:7e:98:af:04:39:a1:fb:5c:94:34:38:bf:da:ba:
                    b3:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:40:4D:64:C7:6B:B7:10:16:7C:E2:91:0B:B1:AB:B4:CF:2F:31:21
            X509v3 Authority Key Identifier:
                keyid:7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:e8:0e:26:50:09:85:7b:fe:82:f2:a7:6a:37:3b:80:90:63:
         ff:e2:80:d8:e0:54:c9:ff:69:16:cb:d7:6d:2a:8e:0e:d2:3e:
         02:29:16:35:98:b8:d1:49:9d:ab:49:e8:08:6d:6c:e2:2c:b4:
         b1:d2:2f:fb:d9:39:1e:db:30:ad:71:0a:af:bd:01:5e:e8:97:
         e0:b9:d5:97:ad:c3:e3:38:77:0a:73:fd:49:94:5e:c7:cc:51:
         94:9b:bd:47:74:a2:76:78:37:03:62:4f:24:1d:b4:ce:5c:54:
         42:a9:1e:81:b8:8d:9d:90:01:b7:a1:51:8f:45:d5:79:a3:71:
         d8:52:ae:0e:1d:af:e9:da:77:3e:f5:5b:51:6a:4e:28:67:de:
         e9:80:0e:8b:e6:de:26:e8:ec:d6:c7:bc:3d:8b:68:1d:2e:6e:
         b6:94:e3:fb:ae:0f:2a:a9:a1:ae:55:14:5d:89:42:3b:74:4f:
         48:10:87:bb:25:a5:df:23:7d:13:ec:1b:87:14:28:bc:d8:96:
         7b:ea:43:51:f2:89:64:94:aa:0b:8d:7e:00:6f:d8:af:66:74:
         2c:58:ee:a9:fe:95:45:b8:3e:e6:21:9a:a7:a0:d1:3c:d3:6e:
         fa:04:13:1d:05:0b:40:09:97:9e:d8:22:7f:84:f9:77:e6:c6:
         6b:9b:c3:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3LqxSetm7hJEMzc0ZW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDgzNmMyOGFmMDkyN2EwMzU1ODYyNWFlZGY2ZmQ3ODdh
NDkwNWMwHhcNMjYwMzI5MTYwMDQwWhcNMjYwMzMwMTYwMDQwWjAzMTEwLwYDVQQD
Eyg4MDQwNGQ2NGM3NmJiNzEwMTY3Y2UyOTEwYmIxYWJiNGNmMmYzMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkprA60+LqhvzB330frHXfJA90m2A
ninwXt+UQV0rKsaS7N2ghBXEoqhm3G31llwRTEGDcoqGb7XpQPjUrBx97+d7/17u
JfIixB8HTGlC2amJ9wrfPlZa23pFG3nemTFuwiAcg0pYQeVeSwjIyXAMsKaHNHDX
tbOi5J2LfMoHMkX75Ia9kalhZYEYO3AGYuK4QlIOQSct06d1VT5+dfw7UjBkLCs5
TUi2G/6jpF5Vxf22w7iYdzWstKife3+0OkcfxaNXJ9TPgeToovIkzQq9BJCF40+O
Gpj3TEMbqvvNadmPEKnJxVXpFLrLeHSzrUy9fpivBDmh+1yUNDi/2rqzmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBATWTHa7cQFnzikQuxq7TPLzEhMB8GA1UdIwQY
MBaAFHvYNsKK8JJ6A1WGJa7fb9eHpJBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTct
YWRiMzE0YTU3NTNjLzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTctYWRiMzE0YTU3NTNj
LzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApegOJlAJ
hXv+gvKnajc7gJBj/+KA2OBUyf9pFsvXbSqODtI+AikWNZi40Umdq0noCG1s4iy0
sdIv+9k5HtswrXEKr70BXuiX4LnVl63D4zh3CnP9SZRex8xRlJu9R3Sidng3A2JP
JB20zlxUQqkegbiNnZABt6FRj0XVeaNx2FKuDh2v6dp3PvVbUWpOKGfe6YAOi+be
Jujs1se8PYtoHS5utpTj+64PKqmhrlUUXYlCO3RPSBCHuyWl3yN9E+wbhxQovNiW
e+pDUfKJZJSqC41+AG/Yr2Z0LFjuqf6VRbg+5iGap6DRPNNu+gQTHQULQAmXntgi
f4T5d+bGa5vDEw==
-----END CERTIFICATE-----