Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
File:                     fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft (raw, json)
Hash identifier:          7dk29B6ofM43hlGxy+Tgn2zJDqaLLtz51t2EJv4ubLU=
Subject key identifier:   15:B5:09:DA:59:7C:43:79:E9:18:5C:97:1A:0A:59:F3:AE:8B:EC:92
Authority key identifier: 7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9
Certificate issuer:       /CN=7c823028aeffc599aeffa5de5b90ccad33497db9
Certificate serial:       019CAF489775537002CF40B6600916CB8FCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
Manifest number:          07D7
Signing time:             Mon 02 Mar 2026 16:01:35 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:35 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:35 +0000
Files and hashes:         1: fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl (hash: 1igGDrLm9RQ/yzh6umLAiWe2gn9bR4g22lQBTipTpy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:97:75:53:70:02:cf:40:b6:60:09:16:cb:8f:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c823028aeffc599aeffa5de5b90ccad33497db9
        Validity
            Not Before: Mar  2 16:01:35 2026 GMT
            Not After : Mar  3 16:01:35 2026 GMT
        Subject: CN=15b509da597c4379e9185c971a0a59f3ae8bec92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ba:ae:1d:ef:4c:ab:16:87:2c:91:1c:6d:29:
                    0d:30:6e:0c:fb:d3:1c:ce:c9:ec:52:58:27:a3:38:
                    26:bf:99:6d:ad:af:85:4a:d6:85:b7:84:94:8b:a8:
                    19:04:1b:30:1e:3a:be:b4:33:6e:b4:3f:d9:a7:74:
                    d6:87:29:87:5a:8f:b4:2c:7f:d4:0d:56:c6:e2:b1:
                    c3:4f:44:ef:71:b6:a9:20:45:1f:ce:3a:16:b6:e5:
                    eb:70:16:0b:8a:78:20:5a:f5:fe:5d:92:46:fa:ec:
                    92:fa:c5:6a:3b:dc:b5:94:49:54:43:a1:2b:b2:91:
                    b9:22:fa:78:d7:0b:82:0d:e4:a1:f5:d8:4c:2f:78:
                    96:42:26:1c:e4:71:78:6b:59:83:72:3e:14:41:70:
                    52:8f:eb:e9:f6:94:6d:07:0b:29:d4:8f:b6:b3:eb:
                    08:1d:32:19:21:97:68:d1:a2:7a:6e:31:8e:63:6b:
                    ea:7a:dd:d7:71:b7:92:51:8f:54:b9:fd:0d:c9:73:
                    68:68:48:6d:8a:38:f0:8f:03:10:1c:73:cf:5c:f4:
                    34:48:40:16:99:a4:e6:f4:22:37:84:7d:26:5f:8b:
                    d2:cb:fa:5d:4e:52:8d:98:6d:24:62:0c:20:3a:07:
                    3c:6f:5b:d9:73:81:16:44:df:44:2b:5b:c3:69:a5:
                    5b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:B5:09:DA:59:7C:43:79:E9:18:5C:97:1A:0A:59:F3:AE:8B:EC:92
            X509v3 Authority Key Identifier:
                keyid:7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:45:ad:33:5a:e1:81:4d:14:e2:7f:e0:d9:a0:ce:3a:e6:c7:
         64:de:9f:a0:b7:cb:0e:c9:a1:96:a8:1f:a2:09:9c:e3:d4:7a:
         a0:8e:a0:5a:dd:56:32:8c:97:b9:66:09:3a:2c:90:f1:ee:2f:
         fb:9b:2f:30:6d:64:14:29:ca:d1:e7:e5:76:4f:3a:05:5f:21:
         1f:a5:7f:54:dd:78:7c:83:7d:20:c3:99:31:e8:aa:58:11:ba:
         bf:ef:c4:e9:3a:cd:0c:c6:a3:f5:bb:03:a1:24:f3:8c:33:e8:
         15:22:61:4a:3d:2b:77:ec:78:4c:ba:f3:9a:f2:33:5d:19:f4:
         ef:67:68:43:5e:57:d1:f6:fe:d7:e5:f5:2b:0a:32:27:87:65:
         a2:74:7e:39:07:d9:4e:4d:a7:55:e6:60:18:da:11:28:41:e8:
         95:28:3d:dd:72:99:84:71:3e:22:32:b6:47:af:a1:f8:c5:22:
         24:e4:37:c4:e4:9b:f4:b7:23:30:78:4b:68:95:a7:d2:78:e0:
         03:6a:0f:53:da:5f:4c:dc:71:04:a4:43:71:16:87:1e:e7:c9:
         cf:92:46:c5:ba:7f:c1:7c:83:dd:36:bd:c6:05:84:0a:6f:73:
         f4:de:9d:d8:2e:85:d6:53:a6:38:a5:72:62:5d:b0:e1:f6:e8:
         28:6b:42:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSJd1U3ACz0C2YAkWy4/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODIzMDI4YWVmZmM1OTlhZWZmYTVkZTViOTBjY2FkMzM0
OTdkYjkwHhcNMjYwMzAyMTYwMTM1WhcNMjYwMzAzMTYwMTM1WjAzMTEwLwYDVQQD
EygxNWI1MDlkYTU5N2M0Mzc5ZTkxODVjOTcxYTBhNTlmM2FlOGJlYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibquHe9MqxaHLJEcbSkNMG4M+9Mc
zsnsUlgnozgmv5ltra+FStaFt4SUi6gZBBswHjq+tDNutD/Zp3TWhymHWo+0LH/U
DVbG4rHDT0TvcbapIEUfzjoWtuXrcBYLinggWvX+XZJG+uyS+sVqO9y1lElUQ6Er
spG5Ivp41wuCDeSh9dhML3iWQiYc5HF4a1mDcj4UQXBSj+vp9pRtBwsp1I+2s+sI
HTIZIZdo0aJ6bjGOY2vqet3XcbeSUY9Uuf0NyXNoaEhtijjwjwMQHHPPXPQ0SEAW
maTm9CI3hH0mX4vSy/pdTlKNmG0kYgwgOgc8b1vZc4EWRN9EK1vDaaVbGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBW1CdpZfEN56RhclxoKWfOui+ySMB8GA1UdIwQY
MBaAFHyCMCiu/8WZrv+l3luQzK0zSX25MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMt
Njg2OTFkYWJiZGYzLzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMtNjg2OTFkYWJiZGYz
LzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUWtM1rh
gU0U4n/g2aDOOubHZN6foLfLDsmhlqgfogmc49R6oI6gWt1WMoyXuWYJOiyQ8e4v
+5svMG1kFCnK0efldk86BV8hH6V/VN14fIN9IMOZMeiqWBG6v+/E6TrNDMaj9bsD
oSTzjDPoFSJhSj0rd+x4TLrzmvIzXRn072doQ15X0fb+1+X1KwoyJ4dlonR+OQfZ
Tk2nVeZgGNoRKEHolSg93XKZhHE+IjK2R6+h+MUiJOQ3xOSb9LcjMHhLaJWn0njg
A2oPU9pfTNxxBKRDcRaHHufJz5JGxbp/wXyD3Ta9xgWECm9z9N6d2C6F1lOmOKVy
Yl2w4fboKGtCPA==
-----END CERTIFICATE-----