Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          z2yXqkYy2rEbRunRLj222Q/wr+iHVYAsKTY8fWrg4s8=
Subject key identifier:   21:68:A7:85:89:95:5E:15:70:66:F8:34:D9:63:D1:D5:0D:33:F1:76
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       019CAB6AEC37000C7B42AB8A0C87440BE590
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0ABC
Signing time:             Sun 01 Mar 2026 22:00:37 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:37 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:37 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: yj073OkoVLw+Cnu+UjirNb9Yv16NEpNEbVBRmCTsLQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:ec:37:00:0c:7b:42:ab:8a:0c:87:44:0b:e5:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: Mar  1 22:00:37 2026 GMT
            Not After : Mar  2 22:00:37 2026 GMT
        Subject: CN=2168a78589955e157066f834d963d1d50d33f176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e1:97:cb:b6:45:8b:00:9b:f9:d2:88:65:ca:
                    f4:2c:99:03:6f:4a:13:b6:19:3e:15:00:ba:2d:16:
                    eb:fe:54:81:15:92:da:df:2f:18:00:28:8c:9d:de:
                    ba:02:93:b9:e6:9a:1c:67:41:dc:04:63:ad:4a:59:
                    5d:3b:2d:dd:b6:39:74:75:96:60:99:a2:26:ef:36:
                    61:7d:d1:06:12:3f:1d:97:fe:4d:a3:4f:7c:e1:35:
                    ff:43:0d:5e:13:80:23:45:c7:82:eb:8e:37:46:fd:
                    df:8d:33:22:ca:86:78:70:01:55:75:54:d2:01:55:
                    6d:be:20:f4:1b:58:eb:05:0a:66:10:4c:6d:f7:84:
                    ed:b7:fd:e7:f6:ab:f5:7b:b4:2d:a8:d0:d2:99:af:
                    55:66:d6:e7:f6:c6:d2:eb:ae:5e:19:34:7a:89:31:
                    ed:7b:88:57:af:c2:12:94:2d:b9:ed:fb:b3:a1:66:
                    e1:04:cc:01:11:87:dc:0c:12:ca:80:9f:02:bb:33:
                    52:e3:de:72:54:7c:0b:68:16:d7:9d:35:be:6c:11:
                    f3:11:fa:20:37:20:50:90:60:0d:3f:77:d0:b2:36:
                    d2:2b:27:2f:2d:86:53:a3:69:60:47:f2:46:59:ae:
                    b8:f1:b9:13:02:42:a2:74:28:0b:82:c0:f8:bf:61:
                    5f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:68:A7:85:89:95:5E:15:70:66:F8:34:D9:63:D1:D5:0D:33:F1:76
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:ca:b7:cd:b3:c6:ad:8d:a6:df:43:12:91:e7:86:ae:f0:99:
         a1:30:1a:c1:3c:38:1f:c2:4e:b6:fb:34:95:e3:56:68:5a:fd:
         00:59:3e:21:98:07:50:6b:26:aa:16:5c:06:8a:e3:01:c2:0c:
         26:69:5d:31:f1:bf:e3:1b:50:d9:8e:da:4c:5d:f9:97:d6:ec:
         74:51:5e:84:97:34:2c:33:94:bd:97:ef:02:7a:0d:3d:96:b9:
         dc:74:39:5e:ba:c0:b1:74:3d:01:42:86:fa:3f:85:d8:2f:b9:
         aa:ff:17:e6:a1:c5:18:bf:65:94:50:4d:2b:10:34:58:f6:49:
         f6:24:4e:35:46:fa:5e:dc:08:e4:e2:f6:c3:26:29:e3:b1:68:
         f8:9e:f3:56:e1:1c:88:41:4a:ec:ed:f1:d5:19:91:9e:0a:b2:
         f3:6d:f3:7c:53:84:66:d4:f3:29:fd:b6:7a:e9:a5:5b:e3:62:
         c8:d7:6c:fb:e7:42:3d:04:ea:bf:4c:87:46:57:5d:d1:a6:7e:
         74:a2:00:f6:5f:fd:b0:dc:69:e4:16:87:92:50:27:1c:16:a1:
         e3:de:cd:3a:5c:7c:1f:b9:6e:4c:84:41:7f:2c:66:b2:04:18:
         34:13:16:64:28:33:ec:8a:cf:cc:ab:cf:51:5a:e8:82:2b:db:
         ee:8f:e8:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauw3AAx7QquKDIdEC+WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjYwMzAxMjIwMDM3WhcNMjYwMzAyMjIwMDM3WjAzMTEwLwYDVQQD
EygyMTY4YTc4NTg5OTU1ZTE1NzA2NmY4MzRkOTYzZDFkNTBkMzNmMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+GXy7ZFiwCb+dKIZcr0LJkDb0oT
thk+FQC6LRbr/lSBFZLa3y8YACiMnd66ApO55pocZ0HcBGOtSlldOy3dtjl0dZZg
maIm7zZhfdEGEj8dl/5No0984TX/Qw1eE4AjRceC6443Rv3fjTMiyoZ4cAFVdVTS
AVVtviD0G1jrBQpmEExt94Ttt/3n9qv1e7QtqNDSma9VZtbn9sbS665eGTR6iTHt
e4hXr8ISlC257fuzoWbhBMwBEYfcDBLKgJ8CuzNS495yVHwLaBbXnTW+bBHzEfog
NyBQkGANP3fQsjbSKycvLYZTo2lgR/JGWa648bkTAkKidCgLgsD4v2FfTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFop4WJlV4VcGb4NNlj0dUNM/F2MB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABsq3zbPG
rY2m30MSkeeGrvCZoTAawTw4H8JOtvs0leNWaFr9AFk+IZgHUGsmqhZcBorjAcIM
JmldMfG/4xtQ2Y7aTF35l9bsdFFehJc0LDOUvZfvAnoNPZa53HQ5XrrAsXQ9AUKG
+j+F2C+5qv8X5qHFGL9llFBNKxA0WPZJ9iRONUb6XtwI5OL2wyYp47Fo+J7zVuEc
iEFK7O3x1RmRngqy823zfFOEZtTzKf22eumlW+NiyNds++dCPQTqv0yHRldd0aZ+
dKIA9l/9sNxp5BaHklAnHBah497NOlx8H7luTIRBfyxmsgQYNBMWZCgz7IrPzKvP
UVrogivb7o/oHQ==
-----END CERTIFICATE-----