Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          d1q8mYb/hKCFz7PHWjFCjKcPm+cOEzuV07lStlaCVIQ=
Subject key identifier:   5D:44:A4:8B:5B:E3:44:1B:84:9D:08:92:B2:A1:47:27:E6:88:84:2F
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019D99CFF584C2B219994CBC22E642D1D2F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0FA1
Signing time:             Fri 17 Apr 2026 05:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:35 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: jQ+hAE29VEaYA6/rdFheRqtMVxeqOj2UMLyU+PJXGeA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:f5:84:c2:b2:19:99:4c:bc:22:e6:42:d1:d2:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Apr 17 05:00:35 2026 GMT
            Not After : Apr 18 05:00:35 2026 GMT
        Subject: CN=5d44a48b5be3441b849d0892b2a14727e688842f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:40:31:a3:c7:8b:ec:bc:5d:be:b9:fc:5d:5a:
                    4e:e4:98:11:fc:7a:c2:cd:4d:a8:87:cc:de:4a:fe:
                    c4:38:b2:85:6b:8a:2f:57:48:44:ea:4d:66:af:29:
                    0f:59:e1:fb:61:82:e5:f0:72:19:b5:fb:da:8c:a9:
                    0a:1d:ae:e6:34:8f:0f:af:4a:41:95:48:49:f9:6c:
                    dc:03:be:00:6a:35:90:3f:e4:bb:08:2c:c3:81:fb:
                    0d:ff:e9:b1:9c:19:fe:e5:3c:ee:8f:20:23:04:79:
                    24:90:82:8e:da:d3:e8:b8:96:9d:c3:46:04:08:49:
                    8a:44:31:65:fb:fe:49:8d:e5:98:bb:b3:5b:b0:d6:
                    b6:7f:fe:c2:6f:c9:f8:83:39:ec:98:3c:1d:f6:a5:
                    6f:49:39:00:a1:8a:6e:2f:c2:54:16:a9:48:cf:03:
                    ab:3e:8f:6d:87:13:87:e8:6e:af:df:39:c8:d6:d5:
                    e1:2c:92:f1:e1:0e:89:3b:f1:a4:f3:bc:ad:62:13:
                    5f:0a:e3:61:0d:ff:9e:c1:e1:4b:01:26:e5:19:90:
                    50:9b:01:f3:05:36:b6:11:88:df:95:20:ee:9c:43:
                    43:0e:a1:24:e5:36:5f:fb:81:0b:df:a7:df:41:18:
                    1e:db:c3:5c:c5:43:47:4b:da:e5:8c:ea:36:e7:40:
                    f4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:44:A4:8B:5B:E3:44:1B:84:9D:08:92:B2:A1:47:27:E6:88:84:2F
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:6c:b8:16:1d:f8:2e:a0:17:5e:c9:87:80:c6:4e:08:e2:69:
         a7:83:bc:6b:56:a5:2b:66:28:de:b6:79:66:24:9c:b6:e3:43:
         a8:91:69:7d:09:59:d3:ad:a4:a4:2d:6b:87:41:db:25:eb:4f:
         6f:0b:25:86:a4:04:a1:5a:e4:99:9d:40:c8:9b:c9:42:5f:19:
         63:f1:ae:16:6c:1a:46:91:27:2d:e7:6d:6e:8b:95:a7:b0:c4:
         8e:87:64:99:59:0e:8d:2c:27:a6:60:93:04:16:f4:1b:52:0d:
         3b:3d:3c:01:40:54:7d:04:8f:d0:ac:eb:92:e7:d9:3b:d6:11:
         70:c8:df:68:db:2c:0b:35:d7:e2:d5:0a:6e:99:cd:a3:de:8d:
         f7:7d:e8:04:d5:67:96:c6:b3:6e:ed:3c:bb:d0:18:5b:36:7f:
         a5:1c:79:29:67:12:ba:a4:60:4e:68:e0:59:45:4b:1a:11:9a:
         a4:02:f1:4b:77:ad:5f:10:1b:4d:ab:a1:e1:ca:df:90:b7:a5:
         ad:d5:b7:f3:a9:0e:55:68:7a:8f:a1:d3:90:35:70:d0:87:fc:
         df:f4:2e:51:00:24:b4:82:5b:71:33:f3:9d:1d:72:b0:3a:0d:
         e0:37:de:97:42:0e:e3:b4:e7:b8:9a:80:16:a1:ec:d1:27:f7:
         c9:bf:0e:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/WEwrIZmUy8IuZC0dLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwNDE3MDUwMDM1WhcNMjYwNDE4MDUwMDM1WjAzMTEwLwYDVQQD
Eyg1ZDQ0YTQ4YjViZTM0NDFiODQ5ZDA4OTJiMmExNDcyN2U2ODg4NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Axo8eL7Lxdvrn8XVpO5JgR/HrC
zU2oh8zeSv7EOLKFa4ovV0hE6k1mrykPWeH7YYLl8HIZtfvajKkKHa7mNI8Pr0pB
lUhJ+WzcA74AajWQP+S7CCzDgfsN/+mxnBn+5TzujyAjBHkkkIKO2tPouJadw0YE
CEmKRDFl+/5JjeWYu7NbsNa2f/7Cb8n4gznsmDwd9qVvSTkAoYpuL8JUFqlIzwOr
Po9thxOH6G6v3znI1tXhLJLx4Q6JO/Gk87ytYhNfCuNhDf+eweFLASblGZBQmwHz
BTa2EYjflSDunENDDqEk5TZf+4EL36ffQRge28NcxUNHS9rljOo250D0QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1EpItb40QbhJ0IkrKhRyfmiIQvMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGy4Fh34
LqAXXsmHgMZOCOJpp4O8a1alK2Yo3rZ5ZiSctuNDqJFpfQlZ062kpC1rh0HbJetP
bwslhqQEoVrkmZ1AyJvJQl8ZY/GuFmwaRpEnLedtbouVp7DEjodkmVkOjSwnpmCT
BBb0G1INOz08AUBUfQSP0KzrkufZO9YRcMjfaNssCzXX4tUKbpnNo96N933oBNVn
lsazbu08u9AYWzZ/pRx5KWcSuqRgTmjgWUVLGhGapALxS3etXxAbTauh4crfkLel
rdW386kOVWh6j6HTkDVw0If83/QuUQAktIJbcTPznR1ysDoN4Dfel0IO47TnuJqA
FqHs0Sf3yb8OqQ==
-----END CERTIFICATE-----