Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          pFDjCPxJuuP2QIPs0tYIrnMLj36H8+wMTv46i5x3Xcw=
Subject key identifier:   23:E5:39:7C:2C:5C:BB:B4:1C:30:0E:CD:15:A2:AB:5B:5B:DA:ED:2B
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       019E2F97015A56F0D66C541CA9A4A5117A96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          15C1
Signing time:             Sat 16 May 2026 07:01:25 +0000
Manifest this update:     Sat 16 May 2026 07:01:25 +0000
Manifest next update:     Sun 17 May 2026 07:01:25 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: hX/t2wJFer51fqc1xvNiNBfK5XKPK+qop/BfIAimlgk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:01:5a:56:f0:d6:6c:54:1c:a9:a4:a5:11:7a:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: May 16 07:01:25 2026 GMT
            Not After : May 17 07:01:25 2026 GMT
        Subject: CN=23e5397c2c5cbbb41c300ecd15a2ab5b5bdaed2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:24:73:88:24:3b:06:e8:d9:3f:b1:2e:be:5f:
                    56:ab:ab:e9:39:c6:88:d3:23:77:c4:d3:92:d3:5c:
                    94:18:57:0f:09:7c:d9:25:89:ff:2b:32:a9:e4:43:
                    8e:c1:1f:12:9a:f6:c6:11:82:5a:5e:55:5e:ab:66:
                    77:25:82:3d:36:c2:b6:1b:67:80:6c:d2:2f:d5:ff:
                    b2:44:82:9a:fe:48:7e:c6:c2:ad:a4:3d:08:2f:75:
                    80:40:c3:70:72:5c:75:6e:df:ee:64:67:95:8d:ba:
                    1e:75:23:5d:fc:54:53:13:d7:8b:1b:7a:4b:b2:37:
                    a2:13:b5:1a:1c:96:71:01:7c:93:d9:3c:ae:d1:1a:
                    5a:97:72:c6:b7:4e:33:0b:6d:c9:f5:e0:57:ba:2e:
                    52:ca:81:32:66:d4:a5:0f:78:13:0c:2d:56:8f:e4:
                    ca:c4:d6:7a:03:42:11:fd:44:0e:b2:c5:1a:0b:31:
                    34:2b:3e:af:55:d0:bb:1b:60:bf:91:cd:98:df:93:
                    5f:a4:c6:89:cf:64:64:58:d0:94:3a:4b:b9:77:36:
                    8e:d9:cd:64:c7:28:5e:73:7e:d0:37:ea:73:e1:b8:
                    6f:0f:72:dc:7d:25:b3:ea:5d:05:25:4d:a5:02:a2:
                    1b:7c:f0:f4:b7:2b:19:10:bd:d1:b7:a5:50:fc:ee:
                    13:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:E5:39:7C:2C:5C:BB:B4:1C:30:0E:CD:15:A2:AB:5B:5B:DA:ED:2B
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:18:32:69:64:a4:1a:96:98:ba:a1:18:89:6b:26:c7:84:11:
         e5:c0:eb:dd:18:92:94:8a:dd:92:88:83:50:90:79:5f:fd:1e:
         4e:db:13:cd:78:a6:dd:86:10:31:f4:9f:bc:67:bb:12:d9:99:
         d8:86:1c:43:2d:a7:2e:b9:86:be:7c:57:a8:68:c3:cf:50:d0:
         94:35:e0:7c:18:78:44:d2:25:6d:55:f9:a7:60:24:3d:ad:a9:
         db:3c:d4:2a:39:d1:9f:9c:98:a5:eb:54:98:7a:7c:23:f1:80:
         53:ac:35:72:90:c0:f8:22:a6:c6:76:1a:74:86:6a:4c:75:67:
         fe:f9:bd:44:28:bf:f7:65:0b:19:f7:22:2f:51:6e:3e:00:69:
         68:c6:86:87:05:e2:48:2c:13:7b:45:ec:11:0e:ed:d4:2d:ff:
         13:f4:2f:fd:58:c2:aa:81:e2:4c:44:48:34:74:89:01:d6:fd:
         fa:ce:b6:16:fe:8a:98:55:21:ea:3d:bc:c1:99:f1:d9:b5:c9:
         3b:76:d0:d1:14:e5:36:fd:07:b9:55:85:ad:fe:34:32:26:97:
         18:52:94:b2:d1:3b:bc:1a:62:33:a9:6d:ff:ec:93:9a:1b:9e:
         b4:2b:c7:ed:07:d4:6e:ef:72:99:0b:d5:51:a4:f3:bd:64:74:
         c1:d1:fb:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlwFaVvDWbFQcqaSlEXqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjYwNTE2MDcwMTI1WhcNMjYwNTE3MDcwMTI1WjAzMTEwLwYDVQQD
EygyM2U1Mzk3YzJjNWNiYmI0MWMzMDBlY2QxNWEyYWI1YjViZGFlZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCRziCQ7BujZP7Euvl9Wq6vpOcaI
0yN3xNOS01yUGFcPCXzZJYn/KzKp5EOOwR8SmvbGEYJaXlVeq2Z3JYI9NsK2G2eA
bNIv1f+yRIKa/kh+xsKtpD0IL3WAQMNwclx1bt/uZGeVjboedSNd/FRTE9eLG3pL
sjeiE7UaHJZxAXyT2Tyu0Rpal3LGt04zC23J9eBXui5SyoEyZtSlD3gTDC1Wj+TK
xNZ6A0IR/UQOssUaCzE0Kz6vVdC7G2C/kc2Y35NfpMaJz2RkWNCUOku5dzaO2c1k
xyhec37QN+pz4bhvD3LcfSWz6l0FJU2lAqIbfPD0tysZEL3Rt6VQ/O4TzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPlOXwsXLu0HDAOzRWiq1tb2u0rMB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYBgyaWSk
GpaYuqEYiWsmx4QR5cDr3RiSlIrdkoiDUJB5X/0eTtsTzXim3YYQMfSfvGe7EtmZ
2IYcQy2nLrmGvnxXqGjDz1DQlDXgfBh4RNIlbVX5p2AkPa2p2zzUKjnRn5yYpetU
mHp8I/GAU6w1cpDA+CKmxnYadIZqTHVn/vm9RCi/92ULGfciL1FuPgBpaMaGhwXi
SCwTe0XsEQ7t1C3/E/Qv/VjCqoHiTERINHSJAdb9+s62Fv6KmFUh6j28wZnx2bXJ
O3bQ0RTlNv0HuVWFrf40MiaXGFKUstE7vBpiM6lt/+yTmhuetCvH7QfUbu9ymQvV
UaTzvWR0wdH7KQ==
-----END CERTIFICATE-----