Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
File:                     R7cYcu1kXJZm1VEavHjwfE06uKw.mft (raw, json)
Hash identifier:          uaAZroAue8GjR2GyGA2WQan0NW7+rMmOc0RUagrzvII=
Subject key identifier:   B5:F8:CE:20:4A:64:43:7B:E0:3B:E0:94:AE:97:AB:42:27:33:47:3C
Authority key identifier: 47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC
Certificate issuer:       /CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
Certificate serial:       019D39E56A972172FF1AB3C881FF0F26AFFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
Manifest number:          0534
Signing time:             Sun 29 Mar 2026 14:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:29 +0000
Files and hashes:         1: R7cYcu1kXJZm1VEavHjwfE06uKw.crl (hash: bA6R5K7BstirTDdFTTZYzQ5hOG2rUT855WztYgMWArE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 14:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:6a:97:21:72:ff:1a:b3:c8:81:ff:0f:26:af:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
        Validity
            Not Before: Mar 29 14:00:29 2026 GMT
            Not After : Mar 30 14:00:29 2026 GMT
        Subject: CN=b5f8ce204a64437be03be094ae97ab422733473c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8c:e5:0b:11:0a:ba:b8:9d:f3:d9:7a:1d:fe:
                    79:75:25:5b:39:90:18:78:26:1b:2a:8c:2d:9a:6f:
                    58:d1:fb:3b:ca:6d:e5:3e:bb:91:d4:2b:a5:58:12:
                    29:66:49:0d:87:1d:e5:0e:fc:69:84:f4:d9:12:89:
                    62:b8:0d:84:ce:d2:92:d4:4a:2c:08:8b:e4:08:1d:
                    b7:e5:31:dd:c3:c0:9d:88:73:35:d5:36:d1:49:15:
                    1e:30:48:29:a3:5f:4b:42:40:62:0e:87:04:09:1b:
                    85:7d:fa:b6:c0:19:5e:26:12:9e:4a:15:cb:21:5f:
                    36:27:22:78:77:a4:91:02:7f:8c:29:6e:36:dd:3c:
                    a3:59:92:d8:10:dc:02:b0:41:25:ea:05:ce:fc:06:
                    52:2c:2c:5e:42:66:f8:68:26:66:58:65:b5:d1:b7:
                    e5:a8:e0:7f:9b:94:26:ea:6f:15:11:cd:b5:56:ff:
                    33:53:db:fe:77:47:f3:c0:8b:07:85:57:b0:c4:d6:
                    3f:ee:3e:9b:b8:66:8d:b1:62:fd:c8:4d:39:b4:df:
                    f5:c4:f1:5f:30:11:13:40:9f:e0:87:a7:12:af:79:
                    e3:0c:ee:a6:65:9b:80:68:9d:e2:a8:f1:da:95:30:
                    6d:0d:0d:eb:f6:fa:fe:0b:e2:c4:7f:a2:ac:61:d4:
                    92:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:F8:CE:20:4A:64:43:7B:E0:3B:E0:94:AE:97:AB:42:27:33:47:3C
            X509v3 Authority Key Identifier:
                keyid:47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:ec:4c:7b:5e:25:da:e5:74:77:2b:3d:ac:ce:61:bf:de:07:
         a4:44:51:7b:1f:2b:f9:4d:d1:0e:bf:0b:ca:6d:ae:07:ec:df:
         04:b9:1b:65:80:67:28:d6:b4:a9:64:4c:0f:48:d5:0b:93:3f:
         8d:5a:78:d8:17:08:85:fa:f1:d6:b0:1f:10:e7:f3:41:de:81:
         6b:0f:52:97:6d:85:fc:48:8f:35:84:40:5c:3b:46:35:ac:05:
         2a:20:1b:4a:ab:5c:43:9e:65:19:55:40:21:55:30:fb:13:13:
         c9:22:be:b3:67:6b:e7:ef:c6:e9:9f:99:45:30:18:dc:ba:57:
         4e:0e:db:9c:a3:64:9f:d3:38:d4:a0:8c:63:ab:fa:5c:82:f6:
         ab:fc:d2:29:91:7e:43:81:72:1f:b3:7c:5d:d7:27:a2:b5:da:
         c9:9b:f9:0d:12:e1:04:f6:be:54:d6:1d:d5:54:71:6b:4a:27:
         8d:8b:d3:fd:ef:bd:42:bb:37:c7:dd:00:c4:8b:16:8c:37:83:
         10:8e:f3:54:ec:2a:b1:b8:76:55:70:a6:6a:90:24:8c:48:ac:
         0c:71:02:9f:cb:75:3f:17:bd:f1:f3:fc:b5:42:e0:79:93:b6:
         05:38:56:98:e7:55:2a:71:04:e7:37:b9:dd:fa:1e:60:6f:50:
         c9:29:05:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055WqXIXL/GrPIgf8PJq//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcxODcyZWQ2NDVjOTY2NmQ1NTExYWJjNzhmMDdjNGQz
YWI4YWMwHhcNMjYwMzI5MTQwMDI5WhcNMjYwMzMwMTQwMDI5WjAzMTEwLwYDVQQD
EyhiNWY4Y2UyMDRhNjQ0MzdiZTAzYmUwOTRhZTk3YWI0MjI3MzM0NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4zlCxEKurid89l6Hf55dSVbOZAY
eCYbKowtmm9Y0fs7ym3lPruR1CulWBIpZkkNhx3lDvxphPTZEoliuA2EztKS1Eos
CIvkCB235THdw8CdiHM11TbRSRUeMEgpo19LQkBiDocECRuFffq2wBleJhKeShXL
IV82JyJ4d6SRAn+MKW423TyjWZLYENwCsEEl6gXO/AZSLCxeQmb4aCZmWGW10bfl
qOB/m5Qm6m8VEc21Vv8zU9v+d0fzwIsHhVewxNY/7j6buGaNsWL9yE05tN/1xPFf
MBETQJ/gh6cSr3njDO6mZZuAaJ3iqPHalTBtDQ3r9vr+C+LEf6KsYdSSMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLX4ziBKZEN74DvglK6Xq0InM0c8MB8GA1UdIwQY
MBaAFEe3GHLtZFyWZtVRGrx48HxNOrisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEt
ZWM4NGRkNWM2OWJmLzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEtZWM4NGRkNWM2OWJm
LzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOxMe14l
2uV0dys9rM5hv94HpERRex8r+U3RDr8Lym2uB+zfBLkbZYBnKNa0qWRMD0jVC5M/
jVp42BcIhfrx1rAfEOfzQd6Baw9Sl22F/EiPNYRAXDtGNawFKiAbSqtcQ55lGVVA
IVUw+xMTySK+s2dr5+/G6Z+ZRTAY3LpXTg7bnKNkn9M41KCMY6v6XIL2q/zSKZF+
Q4FyH7N8XdcnorXayZv5DRLhBPa+VNYd1VRxa0onjYvT/e+9Qrs3x90AxIsWjDeD
EI7zVOwqsbh2VXCmapAkjEisDHECn8t1Pxe98fP8tULgeZO2BThWmOdVKnEE5ze5
3foeYG9QySkFZQ==
-----END CERTIFICATE-----