Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          w4GL9Nd+iwWr3PmanXsDDjsO+9rFQ4/ZGzo6fk9phrg=
Subject key identifier:   2B:22:CD:24:F5:00:6E:2C:96:9F:53:06:B8:70:07:47:4B:2B:86:57
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019D3A5404D1A909FE6E6316CE6889C7057D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0B71
Signing time:             Sun 29 Mar 2026 16:01:17 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:17 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:17 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: EZmOJs20zjha3pNp/s5fIvR3rx0ZADsMRtgY8WLxrsQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:04:d1:a9:09:fe:6e:63:16:ce:68:89:c7:05:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Mar 29 16:01:17 2026 GMT
            Not After : Mar 30 16:01:17 2026 GMT
        Subject: CN=2b22cd24f5006e2c969f5306b87007474b2b8657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:9c:9c:67:a0:05:88:cb:67:4a:ac:4f:5c:0e:
                    a6:68:07:1c:9d:ea:28:00:52:e2:6b:2e:14:16:86:
                    dd:c7:78:ae:00:64:88:02:3f:e2:90:09:a2:0f:9b:
                    94:58:18:c7:48:28:75:e5:dd:2f:19:e7:5a:fd:2e:
                    41:2d:cb:3d:70:b1:a6:88:b7:4b:64:1f:b8:68:72:
                    5b:22:4e:19:49:ab:ba:57:90:d4:e7:92:32:c1:06:
                    99:99:03:5e:aa:49:20:6a:05:af:86:f8:58:47:62:
                    e2:91:06:d5:c5:5c:38:e9:b8:88:5a:d7:4e:60:2f:
                    cb:00:f2:ec:dd:cb:70:96:87:04:99:97:c0:74:69:
                    10:44:39:85:89:72:2a:f4:19:10:a0:13:8d:7e:b5:
                    38:1a:88:d7:58:12:21:37:29:ce:c6:08:82:d3:cc:
                    95:c6:50:4f:07:9a:16:25:d0:b4:06:a4:09:d8:aa:
                    94:ff:ba:c9:b7:9e:d2:c8:31:fe:29:4c:33:a8:60:
                    32:d3:a0:70:f8:93:4a:13:25:c1:7c:dc:c6:07:dc:
                    f7:9c:bf:52:11:df:6a:56:2b:3f:5e:a8:32:24:3a:
                    0f:ab:32:21:b3:e2:ad:35:be:e2:62:80:30:c3:61:
                    c0:f7:3f:0b:7c:6c:06:c3:e8:d1:8f:36:0a:de:c3:
                    14:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:22:CD:24:F5:00:6E:2C:96:9F:53:06:B8:70:07:47:4B:2B:86:57
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:7e:b3:ed:6d:b3:3b:21:4d:75:18:7c:49:28:50:12:92:66:
         2b:fa:8f:67:c9:3f:8b:66:43:85:95:13:1c:eb:13:48:14:d6:
         71:fb:ab:b2:06:c2:83:62:e6:54:be:ac:3e:18:b6:58:40:4c:
         01:cd:28:45:18:fd:86:a1:cc:5c:ba:d7:87:5c:99:b8:a2:11:
         d8:b7:f1:cd:58:61:ab:6e:4c:ab:7b:a6:44:f6:e6:81:e4:7c:
         2c:ad:38:fc:5c:b7:4b:ca:67:50:35:22:5c:3e:12:01:4b:72:
         82:e6:b7:9d:4b:45:b5:f0:1c:c2:35:78:2d:ca:d7:c9:ab:d9:
         57:14:09:23:26:a8:9e:d8:d6:a6:24:a9:af:1f:c1:40:47:29:
         ca:57:eb:cd:10:68:b3:78:d9:ca:fe:e0:06:4c:9e:91:52:87:
         b0:3f:a9:5b:2f:95:48:a8:43:7f:8c:1b:f9:bf:92:a8:25:3c:
         9c:f5:de:44:71:b0:81:00:05:51:5f:38:48:9a:8a:04:6b:95:
         3d:95:2e:8d:08:88:ee:9a:6b:0b:c5:cb:cd:1c:4e:df:4a:07:
         cb:f2:ed:7d:9e:4a:bb:97:05:f5:1d:44:99:53:e8:39:84:cb:
         4a:ce:33:19:49:9a:9a:d7:66:a5:ca:3e:39:09:50:ad:77:34:
         f3:41:9b:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VATRqQn+bmMWzmiJxwV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwMzI5MTYwMTE3WhcNMjYwMzMwMTYwMTE3WjAzMTEwLwYDVQQD
EygyYjIyY2QyNGY1MDA2ZTJjOTY5ZjUzMDZiODcwMDc0NzRiMmI4NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pycZ6AFiMtnSqxPXA6maAccneoo
AFLiay4UFobdx3iuAGSIAj/ikAmiD5uUWBjHSCh15d0vGeda/S5BLcs9cLGmiLdL
ZB+4aHJbIk4ZSau6V5DU55IywQaZmQNeqkkgagWvhvhYR2LikQbVxVw46biIWtdO
YC/LAPLs3ctwlocEmZfAdGkQRDmFiXIq9BkQoBONfrU4GojXWBIhNynOxgiC08yV
xlBPB5oWJdC0BqQJ2KqU/7rJt57SyDH+KUwzqGAy06Bw+JNKEyXBfNzGB9z3nL9S
Ed9qVis/XqgyJDoPqzIhs+KtNb7iYoAww2HA9z8LfGwGw+jRjzYK3sMUzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsizST1AG4slp9TBrhwB0dLK4ZXMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeX6z7W2z
OyFNdRh8SShQEpJmK/qPZ8k/i2ZDhZUTHOsTSBTWcfursgbCg2LmVL6sPhi2WEBM
Ac0oRRj9hqHMXLrXh1yZuKIR2LfxzVhhq25Mq3umRPbmgeR8LK04/Fy3S8pnUDUi
XD4SAUtygua3nUtFtfAcwjV4LcrXyavZVxQJIyaontjWpiSprx/BQEcpylfrzRBo
s3jZyv7gBkyekVKHsD+pWy+VSKhDf4wb+b+SqCU8nPXeRHGwgQAFUV84SJqKBGuV
PZUujQiI7pprC8XLzRxO30oHy/LtfZ5Ku5cF9R1EmVPoOYTLSs4zGUmamtdmpco+
OQlQrXc080Gbhw==
-----END CERTIFICATE-----