Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
File:                     7ix0WZPMS28UcK6rRhTwhdSuQKk.mft (raw, json)
Hash identifier:          qofwXfp8tegrpk8LYpnA6mwHOqHuEtqVxpogjQRDYnc=
Subject key identifier:   7F:95:EB:27:5C:A9:41:D2:E3:3C:2F:EC:EA:D8:46:DC:CB:DC:36:74
Authority key identifier: EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9
Certificate issuer:       /CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
Certificate serial:       019CAC46D749DCD6E95B8FEB3B1B6FC70204
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
Manifest number:          14D9
Signing time:             Mon 02 Mar 2026 02:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:49 +0000
Files and hashes:         1: 7ix0WZPMS28UcK6rRhTwhdSuQKk.crl (hash: Hk1P3ZXZJHX4fBn+J0PeEzEYrPjlxQmQzIGCTIVkEcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:d7:49:dc:d6:e9:5b:8f:eb:3b:1b:6f:c7:02:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
        Validity
            Not Before: Mar  2 02:00:49 2026 GMT
            Not After : Mar  3 02:00:49 2026 GMT
        Subject: CN=7f95eb275ca941d2e33c2fecead846dccbdc3674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4d:32:db:61:ee:ee:b8:5f:51:e5:5f:db:5e:
                    9e:62:7e:b5:39:7d:25:3e:96:46:d5:1e:6d:de:2b:
                    58:dc:c3:34:00:56:d5:2b:2c:f7:66:0a:53:38:57:
                    f3:62:06:dc:4f:43:37:d7:05:81:82:59:5a:94:17:
                    8e:7b:af:32:54:67:02:53:29:9c:4b:21:2a:46:c8:
                    dd:8d:59:9d:f7:97:bf:0e:38:9f:51:c4:81:a8:4e:
                    01:a0:40:45:72:db:26:fa:86:b4:1e:a1:57:2d:f2:
                    8e:33:e6:87:e2:a8:0e:93:f3:0e:cc:d2:d2:93:e1:
                    81:ca:4b:98:ca:95:96:db:26:fe:86:75:4a:08:5b:
                    0f:ef:86:7f:b7:d8:c7:93:e1:72:27:2a:18:c7:5d:
                    76:a1:31:a3:fa:a4:3e:9f:c1:0a:a9:f0:dc:f9:d0:
                    21:3e:95:4e:ad:64:2b:d1:2c:56:59:73:7a:88:c3:
                    a4:c0:ca:19:4f:7e:a8:33:01:f3:c9:d6:6f:fe:a3:
                    48:49:9c:7f:a3:0c:ce:7d:64:79:fd:a2:e7:a2:ce:
                    6f:ab:ee:33:9d:fd:84:26:5e:5d:dc:a9:ae:cb:a4:
                    ca:39:80:6b:1d:47:0e:d1:b1:0b:5f:ce:85:df:89:
                    04:f7:dc:7b:41:72:e0:5f:3f:9a:ea:09:ec:1a:ec:
                    48:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:95:EB:27:5C:A9:41:D2:E3:3C:2F:EC:EA:D8:46:DC:CB:DC:36:74
            X509v3 Authority Key Identifier:
                keyid:EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:7b:91:87:88:52:6f:1c:ab:c0:3d:f1:9d:da:44:09:a1:9d:
         f7:b5:cd:d8:c5:83:ae:3f:0e:01:77:75:6e:9e:df:9d:a2:3c:
         e7:ed:76:81:86:b1:9e:b2:86:26:83:27:85:af:08:3b:0c:7c:
         61:29:ce:da:86:81:da:51:51:b6:69:a6:9d:e5:2b:16:05:be:
         e7:84:95:fb:d8:f3:d6:41:58:5a:c5:0d:69:0d:e2:23:b4:1e:
         93:5e:9e:7a:08:44:a9:d0:53:b5:19:03:e5:a3:4b:91:c0:fe:
         64:00:ce:e4:00:03:33:6d:66:c0:80:cf:44:69:ea:68:75:5c:
         be:bc:4f:1b:32:b8:f5:9b:95:a5:a9:3a:22:ee:6b:e8:ef:93:
         0d:0c:f8:b1:75:41:72:74:07:3c:f6:35:a3:1b:9b:a3:a0:69:
         eb:ad:52:28:dd:d8:6e:b1:9f:55:52:59:03:d2:30:22:7a:97:
         2f:09:37:bb:eb:5f:e2:57:a0:d2:d8:ef:2e:d3:8b:78:fb:96:
         6d:23:9a:cd:fc:90:4f:19:69:d1:d4:9e:eb:ba:7c:22:19:ad:
         cf:66:6f:c8:e5:d6:c4:7a:0e:21:67:1e:aa:58:8c:b1:f2:05:
         c9:50:91:12:c2:fc:4c:95:39:7d:84:47:ee:25:8a:36:ff:b5:
         71:ae:de:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRtdJ3NbpW4/rOxtvxwIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMmM3NDU5OTNjYzRiNmYxNDcwYWVhYjQ2MTRmMDg1ZDRh
ZTQwYTkwHhcNMjYwMzAyMDIwMDQ5WhcNMjYwMzAzMDIwMDQ5WjAzMTEwLwYDVQQD
Eyg3Zjk1ZWIyNzVjYTk0MWQyZTMzYzJmZWNlYWQ4NDZkY2NiZGMzNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE0y22Hu7rhfUeVf216eYn61OX0l
PpZG1R5t3itY3MM0AFbVKyz3ZgpTOFfzYgbcT0M31wWBgllalBeOe68yVGcCUymc
SyEqRsjdjVmd95e/DjifUcSBqE4BoEBFctsm+oa0HqFXLfKOM+aH4qgOk/MOzNLS
k+GBykuYypWW2yb+hnVKCFsP74Z/t9jHk+FyJyoYx112oTGj+qQ+n8EKqfDc+dAh
PpVOrWQr0SxWWXN6iMOkwMoZT36oMwHzydZv/qNISZx/owzOfWR5/aLnos5vq+4z
nf2EJl5d3Kmuy6TKOYBrHUcO0bELX86F34kE99x7QXLgXz+a6gnsGuxIgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+V6ydcqUHS4zwv7OrYRtzL3DZ0MB8GA1UdIwQY
MBaAFO4sdFmTzEtvFHCuq0YU8IXUrkCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1Nzgt
NzcyYzkxNzdkNTI5LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1NzgtNzcyYzkxNzdkNTI5
LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnuRh4hS
bxyrwD3xndpECaGd97XN2MWDrj8OAXd1bp7fnaI85+12gYaxnrKGJoMnha8IOwx8
YSnO2oaB2lFRtmmmneUrFgW+54SV+9jz1kFYWsUNaQ3iI7Qek16eeghEqdBTtRkD
5aNLkcD+ZADO5AADM21mwIDPRGnqaHVcvrxPGzK49ZuVpak6Iu5r6O+TDQz4sXVB
cnQHPPY1oxubo6Bp661SKN3YbrGfVVJZA9IwInqXLwk3u+tf4leg0tjvLtOLePuW
bSOazfyQTxlp0dSe67p8Ihmtz2ZvyOXWxHoOIWceqliMsfIFyVCREsL8TJU5fYRH
7iWKNv+1ca7eVQ==
-----END CERTIFICATE-----