Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          IKbY0edZTFQXjUQY6rU6k4EmWDzfvSET3/6yJHPFqK0=
Subject key identifier:   B6:1A:95:40:4D:33:9A:59:F2:08:58:A1:2F:2E:C5:9D:67:7A:80:51
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019CAA587C18C4575CECDA07145149FCDA32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0F25
Signing time:             Sun 01 Mar 2026 17:00:51 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:51 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:51 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: MRywfykdyy3K936o1Wa1Hc6XkfV2Wt7MzNoQunPl0Ts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:7c:18:c4:57:5c:ec:da:07:14:51:49:fc:da:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Mar  1 17:00:51 2026 GMT
            Not After : Mar  2 17:00:51 2026 GMT
        Subject: CN=b61a95404d339a59f20858a12f2ec59d677a8051
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ec:21:61:a0:d4:b9:cb:fb:40:ed:86:3c:7c:
                    74:f0:f4:79:11:ee:25:cc:d2:45:e9:a1:c1:b0:4c:
                    47:d7:c9:bc:a4:f6:71:31:36:1d:fe:22:e5:bd:f9:
                    cb:f4:36:47:01:49:92:a0:98:ac:32:15:60:a2:ba:
                    da:5a:c2:a7:54:2a:ab:ca:a7:af:78:e0:b3:0b:b5:
                    e9:84:9c:46:40:a0:6e:27:df:33:3a:dd:59:ca:a9:
                    34:5f:66:df:50:5a:30:9d:59:d9:66:60:9e:d8:04:
                    43:77:6e:7e:1d:b6:84:b9:31:da:42:89:20:e2:3b:
                    ea:48:a3:e3:69:21:99:f7:1e:5c:8c:0e:74:55:29:
                    a8:fd:f2:59:e8:19:49:12:1e:25:80:bb:88:d7:5e:
                    85:cb:ed:17:0f:9e:a8:12:88:74:f5:13:9d:e2:a6:
                    7a:6b:9e:35:fd:70:ec:27:f8:8d:87:9b:0a:88:b7:
                    f3:5f:78:4a:9f:d5:6c:c7:0c:8e:ce:af:65:d4:64:
                    f8:e5:1c:35:95:99:c9:cb:6f:06:60:c0:f2:70:f8:
                    8a:75:11:fb:32:db:4f:e0:53:00:ee:07:a0:80:00:
                    e0:34:9e:4e:b6:b7:13:c0:fc:3e:54:7d:c2:f0:ff:
                    8d:7c:e9:1a:cd:2d:bb:37:dc:d8:5d:39:fb:a4:f8:
                    f0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:1A:95:40:4D:33:9A:59:F2:08:58:A1:2F:2E:C5:9D:67:7A:80:51
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:14:9e:f6:87:58:f3:32:70:15:f4:3a:5d:1a:55:7b:68:e7:
         c8:35:1e:64:73:2d:48:44:1e:07:45:04:a2:0b:66:8a:88:4a:
         63:1a:60:3e:51:e0:c1:6e:26:32:fd:85:50:43:e7:89:80:f0:
         a1:73:ca:7d:bb:03:6a:92:00:07:52:f6:81:44:60:be:9f:25:
         3a:c1:58:5c:5a:bf:df:a9:c7:c9:cd:7a:dd:6a:25:50:a2:62:
         12:1b:8e:e8:e6:53:e9:8d:aa:b6:c9:3a:04:9b:cc:8e:00:a7:
         3a:19:5b:c4:66:b2:1c:52:8b:f2:fe:a8:06:5e:82:80:11:fb:
         7d:60:f2:17:00:53:cb:16:e6:0a:d3:ce:be:4f:a4:e8:f7:fd:
         5a:86:7b:42:f8:d8:2c:52:50:5c:42:42:76:23:28:b4:b4:46:
         55:65:35:61:95:48:98:be:52:61:8d:92:8a:98:2d:21:5b:09:
         b3:ce:d6:0f:7a:5b:bf:bf:0c:0a:bc:b6:77:4b:77:ab:0e:5d:
         76:c3:83:56:48:6b:93:19:d4:2c:c8:97:a9:ed:e3:ef:b3:31:
         5b:c2:dc:02:18:82:cf:fe:72:ec:f5:fe:96:4b:10:d7:44:d0:
         5d:92:74:25:c9:fa:24:6f:28:49:5f:b4:d5:22:67:67:a5:5a:
         86:db:05:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWHwYxFdc7NoHFFFJ/NoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwMzAxMTcwMDUxWhcNMjYwMzAyMTcwMDUxWjAzMTEwLwYDVQQD
EyhiNjFhOTU0MDRkMzM5YTU5ZjIwODU4YTEyZjJlYzU5ZDY3N2E4MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuwhYaDUucv7QO2GPHx08PR5Ee4l
zNJF6aHBsExH18m8pPZxMTYd/iLlvfnL9DZHAUmSoJisMhVgorraWsKnVCqryqev
eOCzC7XphJxGQKBuJ98zOt1Zyqk0X2bfUFownVnZZmCe2ARDd25+HbaEuTHaQokg
4jvqSKPjaSGZ9x5cjA50VSmo/fJZ6BlJEh4lgLuI116Fy+0XD56oEoh09ROd4qZ6
a541/XDsJ/iNh5sKiLfzX3hKn9VsxwyOzq9l1GT45Rw1lZnJy28GYMDycPiKdRH7
MttP4FMA7geggADgNJ5OtrcTwPw+VH3C8P+NfOkazS27N9zYXTn7pPjwYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYalUBNM5pZ8ghYoS8uxZ1neoBRMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtBSe9odY
8zJwFfQ6XRpVe2jnyDUeZHMtSEQeB0UEogtmiohKYxpgPlHgwW4mMv2FUEPniYDw
oXPKfbsDapIAB1L2gURgvp8lOsFYXFq/36nHyc163WolUKJiEhuO6OZT6Y2qtsk6
BJvMjgCnOhlbxGayHFKL8v6oBl6CgBH7fWDyFwBTyxbmCtPOvk+k6Pf9WoZ7QvjY
LFJQXEJCdiMotLRGVWU1YZVImL5SYY2SipgtIVsJs87WD3pbv78MCry2d0t3qw5d
dsODVkhrkxnULMiXqe3j77MxW8LcAhiCz/5y7PX+lksQ10TQXZJ0Jcn6JG8oSV+0
1SJnZ6VahtsFcQ==
-----END CERTIFICATE-----