Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
File:                     n7jb0z1dO8T6Nknt9_kU6uejiF0.mft (raw, json)
Hash identifier:          gdsJQNT+N9D1DyULH1OKJ+AzGaHT06GRCDsRozgsL10=
Subject key identifier:   81:BF:57:F9:A1:EC:95:11:DF:12:0C:77:CA:84:09:50:69:A1:5E:52
Authority key identifier: 9F:B8:DB:D3:3D:5D:3B:C4:FA:36:49:ED:F7:F9:14:EA:E7:A3:88:5D
Certificate issuer:       /CN=9fb8dbd33d5d3bc4fa3649edf7f914eae7a3885d
Certificate serial:       019CA97D35CC0BE7EB5A09234A36C691A848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
Manifest number:          05B9
Signing time:             Sun 01 Mar 2026 13:01:21 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:21 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:21 +0000
Files and hashes:         1: n7jb0z1dO8T6Nknt9_kU6uejiF0.crl (hash: wtxRRcnodLcHfi+wAUpMrxa96FgYdYr6OmGkDjh6nNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:35:cc:0b:e7:eb:5a:09:23:4a:36:c6:91:a8:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fb8dbd33d5d3bc4fa3649edf7f914eae7a3885d
        Validity
            Not Before: Mar  1 13:01:21 2026 GMT
            Not After : Mar  2 13:01:21 2026 GMT
        Subject: CN=81bf57f9a1ec9511df120c77ca84095069a15e52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:37:bb:f3:fa:b3:54:a8:31:4a:14:3a:b6:81:
                    ca:1c:ca:f5:bc:06:45:d7:2c:e0:05:53:f8:19:01:
                    3c:b0:25:40:81:ac:76:81:48:f3:0e:ae:24:52:0d:
                    2f:20:ce:89:d9:f6:14:75:f9:e9:08:44:df:80:e6:
                    50:8b:3f:fd:e8:74:ac:69:31:6f:a1:e2:40:af:5d:
                    a1:f8:18:ff:76:28:09:46:37:c6:65:eb:b2:da:ec:
                    de:78:74:ae:81:bb:bc:32:cd:a2:a9:70:1f:31:71:
                    f2:c1:40:a6:7a:6b:47:36:c8:c1:46:fe:51:b5:af:
                    99:07:14:56:c7:35:95:d5:80:f4:4b:73:03:3a:37:
                    9d:8a:73:3f:e0:53:af:29:42:52:97:0b:b0:2e:c8:
                    6c:1a:3c:38:02:e1:8e:86:57:b8:ff:b8:10:85:b5:
                    4c:3a:be:b8:cd:5d:0a:56:34:8f:aa:6f:ac:6f:ec:
                    4e:92:1a:b8:82:23:8f:51:a7:68:90:ba:6b:7c:67:
                    d9:b5:0a:82:02:e4:a6:4d:1d:fe:0f:7d:a6:2f:25:
                    17:98:27:a3:98:16:ce:38:f5:b0:bd:49:1a:5d:6d:
                    ec:33:ae:f6:57:6f:89:68:69:bf:c2:66:df:f3:64:
                    92:2f:7a:18:28:40:5b:63:2f:c7:b2:04:5c:23:a7:
                    22:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:BF:57:F9:A1:EC:95:11:DF:12:0C:77:CA:84:09:50:69:A1:5E:52
            X509v3 Authority Key Identifier:
                keyid:9F:B8:DB:D3:3D:5D:3B:C4:FA:36:49:ED:F7:F9:14:EA:E7:A3:88:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:46:05:cc:18:17:ce:db:0b:3a:89:23:ed:c7:f0:41:2c:ec:
         ba:2b:37:76:fe:aa:8d:68:27:8f:00:2c:b8:9c:9d:18:14:d6:
         77:04:72:f2:59:0f:2d:1b:f2:06:bb:2c:54:df:2e:60:5d:f2:
         db:79:a4:2e:29:c7:f7:b3:ad:4a:6c:76:ff:de:1e:94:10:d6:
         db:53:20:fe:54:8c:3a:d9:11:40:c4:3c:16:15:10:05:ee:1b:
         a7:f9:bd:41:d0:ab:04:5e:56:cd:94:20:6a:b1:3d:a6:6c:e1:
         e1:38:ff:af:19:b4:9e:0d:9e:0c:b9:c4:49:82:50:58:43:ed:
         93:87:a3:71:77:9c:7d:8e:3e:e8:85:ea:de:40:30:73:6c:7d:
         63:4c:d0:97:18:37:7b:92:b5:11:38:51:ce:fe:3b:da:5e:9c:
         a5:4c:ca:0c:79:88:80:b5:d6:70:5c:ab:2a:9b:e5:94:a1:f9:
         5e:de:42:da:3e:ca:76:fb:9e:34:3c:28:8e:b2:67:5d:f8:9f:
         9b:6d:51:72:1a:ab:7d:88:f5:cc:8d:fb:5c:09:6c:47:3f:4d:
         1d:45:a4:fb:40:cd:a5:10:60:e4:b0:4d:48:fa:12:1b:5e:68:
         41:f6:67:8f:fa:bc:d1:7b:20:0d:c1:0f:0a:63:d6:61:c6:ce:
         7a:ac:d7:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfTXMC+frWgkjSjbGkahIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjhkYmQzM2Q1ZDNiYzRmYTM2NDllZGY3ZjkxNGVhZTdh
Mzg4NWQwHhcNMjYwMzAxMTMwMTIxWhcNMjYwMzAyMTMwMTIxWjAzMTEwLwYDVQQD
Eyg4MWJmNTdmOWExZWM5NTExZGYxMjBjNzdjYTg0MDk1MDY5YTE1ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTe78/qzVKgxShQ6toHKHMr1vAZF
1yzgBVP4GQE8sCVAgax2gUjzDq4kUg0vIM6J2fYUdfnpCETfgOZQiz/96HSsaTFv
oeJAr12h+Bj/digJRjfGZeuy2uzeeHSugbu8Ms2iqXAfMXHywUCmemtHNsjBRv5R
ta+ZBxRWxzWV1YD0S3MDOjedinM/4FOvKUJSlwuwLshsGjw4AuGOhle4/7gQhbVM
Or64zV0KVjSPqm+sb+xOkhq4giOPUadokLprfGfZtQqCAuSmTR3+D32mLyUXmCej
mBbOOPWwvUkaXW3sM672V2+JaGm/wmbf82SSL3oYKEBbYy/HsgRcI6ciDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIG/V/mh7JUR3xIMd8qECVBpoV5SMB8GA1UdIwQY
MBaAFJ+429M9XTvE+jZJ7ff5FOrno4hdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hZDBmOGQtYTVlNy00MGIzLWI4YTgt
NzM2MmIxOWRlNzNlLzEvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hZDBmOGQtYTVlNy00MGIzLWI4YTgtNzM2MmIxOWRlNzNl
LzEvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUYFzBgX
ztsLOokj7cfwQSzsuis3dv6qjWgnjwAsuJydGBTWdwRy8lkPLRvyBrssVN8uYF3y
23mkLinH97OtSmx2/94elBDW21Mg/lSMOtkRQMQ8FhUQBe4bp/m9QdCrBF5WzZQg
arE9pmzh4Tj/rxm0ng2eDLnESYJQWEPtk4ejcXecfY4+6IXq3kAwc2x9Y0zQlxg3
e5K1EThRzv472l6cpUzKDHmIgLXWcFyrKpvllKH5Xt5C2j7KdvueNDwojrJnXfif
m21RchqrfYj1zI37XAlsRz9NHUWk+0DNpRBg5LBNSPoSG15oQfZnj/q80XsgDcEP
CmPWYcbOeqzX8g==
-----END CERTIFICATE-----