Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
File:                     eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft (raw, json)
Hash identifier:          ZLW0rRsqrF3N4hupDrW7xqVxCrPR5H6v0C7bznTySeQ=
Subject key identifier:   FC:E0:C3:35:21:3C:E6:7E:D2:7E:91:44:13:BD:0F:C7:CC:14:1F:FB
Authority key identifier: 79:95:F9:1E:99:82:25:01:5F:47:06:3C:32:8E:0C:50:1D:68:B5:9D
Certificate issuer:       /CN=7995f91e998225015f47063c328e0c501d68b59d
Certificate serial:       019CAB6AE50C2495EDCFF3361F066CE00603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
Manifest number:          131E
Signing time:             Sun 01 Mar 2026 22:00:35 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:35 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:35 +0000
Files and hashes:         1: eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl (hash: fz4r6sSkL5bSTucVePJ2b10M9L/+GGHX9gJvIicB4Fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:e5:0c:24:95:ed:cf:f3:36:1f:06:6c:e0:06:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7995f91e998225015f47063c328e0c501d68b59d
        Validity
            Not Before: Mar  1 22:00:35 2026 GMT
            Not After : Mar  2 22:00:35 2026 GMT
        Subject: CN=fce0c335213ce67ed27e914413bd0fc7cc141ffb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:00:fa:4d:1f:da:f0:39:b5:f3:3f:1b:47:2e:
                    c6:40:c8:76:a2:04:ca:ea:cc:d8:97:f1:b2:e5:52:
                    83:ad:82:e5:c9:91:f2:aa:46:80:11:ab:3f:cd:02:
                    4f:47:17:5d:0a:a6:15:6e:b5:29:3d:84:ec:cb:6c:
                    92:66:b1:49:1f:be:c2:88:ef:24:3b:c1:e4:3b:37:
                    73:a3:75:17:31:68:26:42:d9:41:e2:a1:c1:38:fb:
                    c7:30:50:12:4c:ad:fe:e8:e1:16:64:8f:93:5b:45:
                    b2:3e:27:31:80:02:c2:56:37:6f:c9:65:7e:e4:93:
                    1b:08:b6:cf:5c:93:dd:14:31:61:a9:6f:cd:6b:34:
                    74:18:c0:6c:c5:83:96:0c:c1:7e:63:60:5d:12:7b:
                    69:4f:e8:dd:3d:4d:b9:32:36:09:46:c1:94:b4:80:
                    59:f0:d6:09:56:8d:b8:81:06:7e:90:58:71:9d:c3:
                    b2:6e:cc:86:15:4d:0a:54:c7:7a:17:f4:da:44:65:
                    a1:6a:96:9a:55:33:26:62:66:05:48:c8:63:d2:d1:
                    05:02:b1:22:b3:97:cb:66:ed:09:e9:9b:cd:c2:9e:
                    b7:58:f7:ea:38:da:c6:16:9d:10:75:d5:5f:a3:b6:
                    00:cb:28:c0:7e:8a:7e:3e:84:02:c4:be:8e:8b:57:
                    b3:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:E0:C3:35:21:3C:E6:7E:D2:7E:91:44:13:BD:0F:C7:CC:14:1F:FB
            X509v3 Authority Key Identifier:
                keyid:79:95:F9:1E:99:82:25:01:5F:47:06:3C:32:8E:0C:50:1D:68:B5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b411f5-a7f8-4b84-85e3-a09d6c5d3552/1/eZX5HpmCJQFfRwY8Mo4MUB1otZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:82:3b:6f:5e:b1:c9:cc:c0:8f:c2:e9:d0:57:5b:6a:23:07:
         75:53:22:c2:a6:91:51:c4:aa:65:1c:64:5b:24:0b:4b:39:12:
         df:96:aa:e9:d2:97:da:99:b7:19:6a:6b:af:ce:2a:3b:ee:43:
         67:79:87:ff:8f:d3:12:7d:da:5a:24:86:17:3e:39:62:de:74:
         24:cf:d1:3b:05:47:64:05:62:f4:a8:da:f3:8c:6d:05:99:ef:
         f7:de:6d:9e:3b:3f:5f:7b:e9:9e:aa:a8:55:81:69:2f:32:99:
         6c:cb:85:cf:2d:75:c8:f1:46:7b:ff:d3:1d:e6:73:88:fc:55:
         ea:da:71:f8:48:e4:54:a5:e6:6e:44:84:da:e7:ed:2f:88:3d:
         31:f1:d8:ff:4f:d7:bb:88:ed:f1:c5:28:27:f8:76:1f:6e:68:
         77:0a:c5:26:c2:39:93:93:ca:63:31:99:06:b9:7c:f6:d1:bd:
         86:c3:1a:a6:d4:99:4d:1b:7b:b0:09:ed:e7:f7:3f:c6:3c:32:
         bf:cd:58:5e:0d:dc:d2:26:10:6f:47:fc:84:76:00:bd:ac:63:
         52:c5:f3:80:ee:db:1a:1c:47:01:3f:9a:ad:58:c1:9f:3c:90:
         05:8b:90:a5:f5:09:6e:64:4f:d1:23:ee:87:52:4e:52:9c:d7:
         48:59:48:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauUMJJXtz/M2HwZs4AYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OTVmOTFlOTk4MjI1MDE1ZjQ3MDYzYzMyOGUwYzUwMWQ2
OGI1OWQwHhcNMjYwMzAxMjIwMDM1WhcNMjYwMzAyMjIwMDM1WjAzMTEwLwYDVQQD
EyhmY2UwYzMzNTIxM2NlNjdlZDI3ZTkxNDQxM2JkMGZjN2NjMTQxZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwD6TR/a8Dm18z8bRy7GQMh2ogTK
6szYl/Gy5VKDrYLlyZHyqkaAEas/zQJPRxddCqYVbrUpPYTsy2ySZrFJH77CiO8k
O8HkOzdzo3UXMWgmQtlB4qHBOPvHMFASTK3+6OEWZI+TW0WyPicxgALCVjdvyWV+
5JMbCLbPXJPdFDFhqW/NazR0GMBsxYOWDMF+Y2BdEntpT+jdPU25MjYJRsGUtIBZ
8NYJVo24gQZ+kFhxncOybsyGFU0KVMd6F/TaRGWhapaaVTMmYmYFSMhj0tEFArEi
s5fLZu0J6ZvNwp63WPfqONrGFp0QddVfo7YAyyjAfop+PoQCxL6Oi1ez3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzgwzUhPOZ+0n6RRBO9D8fMFB/7MB8GA1UdIwQY
MBaAFHmV+R6ZgiUBX0cGPDKODFAdaLWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iNDExZjUtYTdmOC00Yjg0LTg1ZTMt
YTA5ZDZjNWQzNTUyLzEvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iNDExZjUtYTdmOC00Yjg0LTg1ZTMtYTA5ZDZjNWQzNTUy
LzEvZVpYNUhwbUNKUUZmUndZOE1vNE1VQjFvdFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYI7b16x
yczAj8Lp0FdbaiMHdVMiwqaRUcSqZRxkWyQLSzkS35aq6dKX2pm3GWprr84qO+5D
Z3mH/4/TEn3aWiSGFz45Yt50JM/ROwVHZAVi9Kja84xtBZnv995tnjs/X3vpnqqo
VYFpLzKZbMuFzy11yPFGe//THeZziPxV6tpx+EjkVKXmbkSE2uftL4g9MfHY/0/X
u4jt8cUoJ/h2H25odwrFJsI5k5PKYzGZBrl89tG9hsMaptSZTRt7sAnt5/c/xjwy
v81YXg3c0iYQb0f8hHYAvaxjUsXzgO7bGhxHAT+arVjBnzyQBYuQpfUJbmRP0SPu
h1JOUpzXSFlIjg==
-----END CERTIFICATE-----