Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
File:                     eYCaQAStlYNQpkbViavLPP3z7S4.mft (raw, json)
Hash identifier:          s4etSoIyL4W0jls78CfE7n0a/mQ9rgiXVVr/HSsROcY=
Subject key identifier:   CF:7C:BB:FF:92:DA:E6:9F:96:7B:50:D0:7B:75:DD:79:E3:0B:CB:F9
Authority key identifier: 79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E
Certificate issuer:       /CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
Certificate serial:       019D3941217F6DC5C79E5D46E0EE6BB0952E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
Manifest number:          0A12
Signing time:             Sun 29 Mar 2026 11:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:02 +0000
Files and hashes:         1: eYCaQAStlYNQpkbViavLPP3z7S4.crl (hash: Qfzm6Uf4TSFd+f/AgEmyry42s9VSiqLGEqj1h7qlJ+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:21:7f:6d:c5:c7:9e:5d:46:e0:ee:6b:b0:95:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
        Validity
            Not Before: Mar 29 11:01:02 2026 GMT
            Not After : Mar 30 11:01:02 2026 GMT
        Subject: CN=cf7cbbff92dae69f967b50d07b75dd79e30bcbf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:dd:b8:95:f9:bf:26:4c:b3:84:b0:4d:f8:55:
                    2e:41:c1:e2:9c:02:87:dd:76:ce:b1:c4:cb:4b:e8:
                    61:63:a6:c5:9f:e7:92:7a:83:fc:13:db:af:73:3a:
                    c4:f7:6e:98:55:30:37:47:e8:c9:bd:59:cd:c0:2a:
                    3d:1a:88:f2:80:5e:22:f9:48:1e:be:5a:6b:ef:04:
                    bb:8e:36:05:8a:08:ba:e7:19:93:4a:c6:f0:a8:d9:
                    b3:ab:e4:0f:b3:ae:47:e2:69:b9:ad:eb:95:01:48:
                    47:38:41:bb:b8:3d:b6:15:97:d4:9d:b4:c2:66:db:
                    8e:bd:de:60:86:9a:99:12:5d:3c:a3:b3:39:10:04:
                    30:72:f4:ba:57:78:f7:07:94:e2:36:a9:2c:5b:b3:
                    dc:57:d7:71:9f:8c:c5:af:20:6e:bf:4a:75:4a:08:
                    45:e0:03:70:89:d5:48:1d:1d:79:06:b5:ff:c8:9b:
                    7a:44:be:e0:da:81:f4:95:63:17:57:50:cd:22:da:
                    d1:eb:38:8d:fb:bf:b7:4d:ba:ae:6c:20:36:a2:bb:
                    16:e3:27:c4:01:3d:61:6b:75:c9:fb:6a:92:df:b8:
                    c4:99:00:0f:76:99:eb:ba:56:09:09:81:03:aa:22:
                    38:89:96:f6:85:96:57:5f:7e:f1:a2:e1:40:ba:25:
                    00:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:7C:BB:FF:92:DA:E6:9F:96:7B:50:D0:7B:75:DD:79:E3:0B:CB:F9
            X509v3 Authority Key Identifier:
                keyid:79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:81:4c:79:84:c7:2d:59:4c:6d:41:17:92:87:fb:ac:93:ed:
         4e:5a:7c:ba:a3:c7:13:0f:29:7a:a3:c9:6e:5f:a4:67:21:18:
         54:97:3b:ed:f3:3c:30:09:8e:54:68:b2:91:50:66:de:60:09:
         a1:df:aa:68:d4:78:8a:1a:84:28:06:22:e6:14:de:44:95:8f:
         ae:12:da:43:cf:e2:79:a8:93:24:b1:8e:99:2b:4b:99:c8:c3:
         de:9e:ee:eb:e8:d9:db:cc:fa:a6:55:7e:41:c8:19:d4:a6:1d:
         18:4b:7f:58:72:d2:c3:40:96:22:2d:86:76:60:4b:56:58:e5:
         4f:f1:3f:47:4e:e2:fe:03:70:10:55:8b:11:2c:64:32:62:c9:
         1a:38:91:08:ae:44:62:25:90:a4:83:1c:b7:9c:25:6e:df:20:
         22:8c:03:44:07:31:77:63:66:44:da:dd:aa:bc:06:20:83:1f:
         a3:9f:d4:59:11:31:ef:60:d3:71:13:b2:5b:0e:4f:1a:4e:1d:
         3d:59:16:14:27:39:b3:8a:fe:9d:1f:95:69:88:b5:e1:54:6a:
         2e:d4:55:1f:ee:9a:6e:57:9f:fc:5d:53:ed:32:83:53:10:45:
         d1:04:46:6f:55:ec:9e:52:44:bc:f4:ef:3d:b1:79:29:b2:b9:
         82:09:d0:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSF/bcXHnl1G4O5rsJUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODA5YTQwMDRhZDk1ODM1MGE2NDZkNTg5YWJjYjNjZmRm
M2VkMmUwHhcNMjYwMzI5MTEwMTAyWhcNMjYwMzMwMTEwMTAyWjAzMTEwLwYDVQQD
EyhjZjdjYmJmZjkyZGFlNjlmOTY3YjUwZDA3Yjc1ZGQ3OWUzMGJjYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN24lfm/JkyzhLBN+FUuQcHinAKH
3XbOscTLS+hhY6bFn+eSeoP8E9uvczrE926YVTA3R+jJvVnNwCo9GojygF4i+Uge
vlpr7wS7jjYFigi65xmTSsbwqNmzq+QPs65H4mm5reuVAUhHOEG7uD22FZfUnbTC
ZtuOvd5ghpqZEl08o7M5EAQwcvS6V3j3B5TiNqksW7PcV9dxn4zFryBuv0p1SghF
4ANwidVIHR15BrX/yJt6RL7g2oH0lWMXV1DNItrR6ziN+7+3TbqubCA2orsW4yfE
AT1ha3XJ+2qS37jEmQAPdpnrulYJCYEDqiI4iZb2hZZXX37xouFAuiUAOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM98u/+S2uaflntQ0Ht13XnjC8v5MB8GA1UdIwQY
MBaAFHmAmkAErZWDUKZG1Ymryzz98+0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEt
ZDVhYTY0NzdlZmRlLzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEtZDVhYTY0NzdlZmRl
LzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoFMeYTH
LVlMbUEXkof7rJPtTlp8uqPHEw8peqPJbl+kZyEYVJc77fM8MAmOVGiykVBm3mAJ
od+qaNR4ihqEKAYi5hTeRJWPrhLaQ8/ieaiTJLGOmStLmcjD3p7u6+jZ28z6plV+
QcgZ1KYdGEt/WHLSw0CWIi2GdmBLVljlT/E/R07i/gNwEFWLESxkMmLJGjiRCK5E
YiWQpIMct5wlbt8gIowDRAcxd2NmRNrdqrwGIIMfo5/UWREx72DTcROyWw5PGk4d
PVkWFCc5s4r+nR+VaYi14VRqLtRVH+6ablef/F1T7TKDUxBF0QRGb1XsnlJEvPTv
PbF5KbK5ggnQlg==
-----END CERTIFICATE-----