Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          ZRRiYx3hrxnoanpShqMKXUV+g/ODlsTO0pxrSGZm4JA=
Subject key identifier:   F4:80:DC:B6:D2:1C:D1:D5:48:C6:B6:0A:39:F4:43:D9:D1:09:D1:DC
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019E2F9657725CE413AAB0AEDA7CD12BD16F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0BF0
Signing time:             Sat 16 May 2026 07:00:42 +0000
Manifest this update:     Sat 16 May 2026 07:00:42 +0000
Manifest next update:     Sun 17 May 2026 07:00:42 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: rlYiv2XnL+LppSKMInbFjuii//I1Bw/H8WO8pRcbhv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:57:72:5c:e4:13:aa:b0:ae:da:7c:d1:2b:d1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: May 16 07:00:42 2026 GMT
            Not After : May 17 07:00:42 2026 GMT
        Subject: CN=f480dcb6d21cd1d548c6b60a39f443d9d109d1dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ee:05:d8:61:b0:c7:cf:41:76:4b:92:8b:c1:
                    64:66:e6:2b:cc:61:2c:b5:05:6b:75:3c:25:48:0d:
                    95:41:e6:6d:5e:23:ff:bb:7b:7e:07:b7:a2:3d:f9:
                    43:66:f2:1a:60:9c:d4:7d:e2:f0:18:a0:70:6a:be:
                    53:d8:24:ef:4e:a0:9c:1c:69:ec:9f:59:10:57:f8:
                    41:c6:de:ac:5a:15:5c:ac:f9:6b:c9:19:43:b7:cc:
                    f8:4b:74:48:3d:d0:02:b0:06:a5:70:1b:8f:1b:63:
                    c9:3f:cf:58:dd:fe:75:e7:90:f8:e2:78:70:72:d0:
                    fe:bd:25:85:f6:97:12:b7:94:9c:fe:3d:17:a6:2c:
                    3a:1b:98:1a:f6:3e:36:a6:4e:72:d2:49:5f:9e:84:
                    23:e7:9d:e9:e9:d8:f0:69:f4:af:6c:42:78:80:7f:
                    7b:a7:f5:85:07:cd:26:0d:bc:2c:b6:96:e6:fe:0e:
                    92:18:9f:b4:a7:4e:a3:c8:30:c5:f4:5f:49:f7:4b:
                    5e:19:4a:79:48:29:c9:a9:3d:dc:a2:7a:39:20:23:
                    33:67:ce:2a:31:91:a2:b1:94:88:3c:bc:94:42:09:
                    9f:fa:e9:a6:8e:49:18:1b:e6:87:1c:a9:29:ce:89:
                    0a:8e:f7:16:93:f7:f2:7f:a6:6a:4c:a3:87:33:f2:
                    c1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:80:DC:B6:D2:1C:D1:D5:48:C6:B6:0A:39:F4:43:D9:D1:09:D1:DC
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:d9:46:36:63:95:fa:d3:09:d4:98:1f:f3:61:49:a7:6b:94:
         dd:e9:7a:da:40:04:a7:f2:db:a4:ac:65:af:e5:05:bc:37:40:
         03:2e:4a:0d:c8:03:e9:80:d2:d4:a7:48:56:e1:e2:f3:05:fb:
         bb:00:c0:a2:e7:34:7c:68:2f:fd:88:8b:c0:ad:79:1a:b9:c6:
         ee:96:4e:05:48:7b:06:25:8f:a0:4c:56:46:67:37:7a:6f:d1:
         d2:91:06:3c:c7:74:b4:af:21:e0:ab:e6:bb:16:8d:f3:bf:e9:
         e3:be:d5:27:75:95:08:6b:e1:22:70:f0:da:a5:55:23:36:0f:
         d0:27:cb:5c:af:0b:4e:8d:bd:94:b1:f4:d7:e3:d5:a3:d4:69:
         af:fa:f6:f4:2c:87:2c:79:20:fe:ae:70:40:9e:ca:a7:e1:29:
         71:86:f0:d4:3b:62:72:d0:1f:2a:7b:4c:0c:15:c1:94:49:15:
         14:72:36:07:bb:eb:22:67:08:f0:dc:64:b7:f9:91:9e:a0:5f:
         af:62:78:f0:71:7f:c4:19:69:42:a5:b9:85:9a:09:bc:22:87:
         d7:1a:a6:b9:24:63:6a:6a:c8:18:0f:9a:0f:40:62:6a:77:56:
         5c:e2:0d:73:c1:2d:c9:ad:e3:f3:ed:64:df:ed:8c:d5:cd:1c:
         5e:c6:34:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlldyXOQTqrCu2nzRK9FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwNTE2MDcwMDQyWhcNMjYwNTE3MDcwMDQyWjAzMTEwLwYDVQQD
EyhmNDgwZGNiNmQyMWNkMWQ1NDhjNmI2MGEzOWY0NDNkOWQxMDlkMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+4F2GGwx89BdkuSi8FkZuYrzGEs
tQVrdTwlSA2VQeZtXiP/u3t+B7eiPflDZvIaYJzUfeLwGKBwar5T2CTvTqCcHGns
n1kQV/hBxt6sWhVcrPlryRlDt8z4S3RIPdACsAalcBuPG2PJP89Y3f5155D44nhw
ctD+vSWF9pcSt5Sc/j0Xpiw6G5ga9j42pk5y0klfnoQj553p6djwafSvbEJ4gH97
p/WFB80mDbwstpbm/g6SGJ+0p06jyDDF9F9J90teGUp5SCnJqT3cono5ICMzZ84q
MZGisZSIPLyUQgmf+ummjkkYG+aHHKkpzokKjvcWk/fyf6ZqTKOHM/LBZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSA3LbSHNHVSMa2Cjn0Q9nRCdHcMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgdlGNmOV
+tMJ1Jgf82FJp2uU3el62kAEp/LbpKxlr+UFvDdAAy5KDcgD6YDS1KdIVuHi8wX7
uwDAouc0fGgv/YiLwK15GrnG7pZOBUh7BiWPoExWRmc3em/R0pEGPMd0tK8h4Kvm
uxaN87/p477VJ3WVCGvhInDw2qVVIzYP0CfLXK8LTo29lLH01+PVo9Rpr/r29CyH
LHkg/q5wQJ7Kp+EpcYbw1DtictAfKntMDBXBlEkVFHI2B7vrImcI8Nxkt/mRnqBf
r2J48HF/xBlpQqW5hZoJvCKH1xqmuSRjamrIGA+aD0BiandWXOINc8Etya3j8+1k
3+2M1c0cXsY0jA==
-----END CERTIFICATE-----