Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          7KYDTW4Yojlk5NnK2sCRkENB+Ya5Rynhp9sEZBk2/lA=
Subject key identifier:   AB:66:72:9F:E6:B6:D5:05:FB:5D:81:0F:B8:8C:95:9F:F1:07:C3:E6
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       019DA48A86A1E3E367E9ED4C5F74651582D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0B3D
Signing time:             Sun 19 Apr 2026 07:00:34 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:34 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:34 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: IjJmvxJw7GyLd04TJh90zBu2L9Bk1bAZkqwLzEUXCIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:86:a1:e3:e3:67:e9:ed:4c:5f:74:65:15:82:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: Apr 19 07:00:34 2026 GMT
            Not After : Apr 20 07:00:34 2026 GMT
        Subject: CN=ab66729fe6b6d505fb5d810fb88c959ff107c3e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8b:40:dc:37:41:a2:4f:bc:04:b7:f6:c2:37:
                    d0:77:cc:39:7f:61:3e:cc:d8:db:6e:81:6a:3f:80:
                    5f:b0:2e:b2:6e:08:74:79:39:23:e7:da:f1:6c:75:
                    cd:3e:d9:dc:5d:cb:74:42:06:f1:73:00:a2:48:00:
                    be:59:d3:c8:2a:a7:0c:75:c6:3e:84:f7:d4:7e:8f:
                    eb:ed:24:15:ec:72:c0:61:a5:c8:e1:92:09:eb:59:
                    33:b6:12:36:1e:59:29:24:ae:2a:de:ae:64:5b:fd:
                    a5:ca:56:20:92:e9:49:ac:5b:fd:66:1c:21:a7:ea:
                    9c:96:f0:97:e2:34:c3:ef:86:fa:ed:b1:58:97:36:
                    a0:93:c6:aa:37:33:ef:6e:93:17:af:cd:7d:07:4b:
                    49:1d:2d:c7:27:47:e6:05:e1:40:7b:4a:a7:59:2a:
                    8d:25:4e:47:44:25:b3:1d:db:c6:33:45:da:5e:92:
                    aa:79:e1:71:ee:40:cf:ca:79:d4:04:54:d4:e2:12:
                    eb:d1:74:ef:cc:17:81:fa:d0:f1:9a:67:17:4d:cf:
                    cf:00:47:ba:de:fd:af:dc:4b:0f:32:f0:11:f7:76:
                    78:80:9b:75:89:66:df:d4:25:9c:76:34:e6:83:b4:
                    55:fc:70:93:b5:e4:17:67:dc:a0:6c:73:fd:a9:bb:
                    f6:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:66:72:9F:E6:B6:D5:05:FB:5D:81:0F:B8:8C:95:9F:F1:07:C3:E6
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:ff:02:6e:a3:0d:c2:40:c0:08:27:5c:a4:2f:8d:7a:10:fa:
         84:c1:1a:21:14:cb:a2:8d:2d:c3:7c:de:1b:05:85:fc:8d:93:
         bd:c1:a7:a6:d8:13:26:e6:a9:f7:2b:6f:2d:f8:39:fd:8f:10:
         90:0c:f9:6a:11:49:f2:c0:ab:37:79:b7:65:ab:27:cb:7a:d8:
         81:29:5b:6c:ac:95:29:14:31:33:d2:8f:a3:8b:39:74:1d:b5:
         bb:9d:6f:db:7e:75:cb:cc:51:08:76:b0:e9:94:54:dd:ad:71:
         2a:59:77:02:68:dd:99:c0:2b:df:b5:62:90:6f:18:19:82:da:
         4a:47:4e:18:6e:db:d1:a2:18:da:21:a5:66:66:61:dc:87:7e:
         92:3b:d4:81:c6:e5:dc:4a:75:66:f5:21:4a:d8:1e:bd:9b:2f:
         c3:95:d9:94:7b:6e:d2:e6:42:3a:29:dd:b8:68:9a:d5:8d:cd:
         e8:85:62:c2:d5:69:84:4e:89:f5:da:5c:52:0b:ef:f3:fb:43:
         58:f5:f9:43:c2:0e:d7:1d:96:8e:0a:80:4b:fc:96:66:9c:4b:
         b9:30:a9:c5:77:e5:7e:e8:06:f0:14:9b:d2:0a:50:ab:18:10:
         4d:2d:b3:e6:33:2b:d8:a5:e8:1d:1b:72:56:c0:95:1d:c7:1a:
         52:ba:1a:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kioah4+Nn6e1MX3RlFYLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjYwNDE5MDcwMDM0WhcNMjYwNDIwMDcwMDM0WjAzMTEwLwYDVQQD
EyhhYjY2NzI5ZmU2YjZkNTA1ZmI1ZDgxMGZiODhjOTU5ZmYxMDdjM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArotA3DdBok+8BLf2wjfQd8w5f2E+
zNjbboFqP4BfsC6ybgh0eTkj59rxbHXNPtncXct0QgbxcwCiSAC+WdPIKqcMdcY+
hPfUfo/r7SQV7HLAYaXI4ZIJ61kzthI2HlkpJK4q3q5kW/2lylYgkulJrFv9Zhwh
p+qclvCX4jTD74b67bFYlzagk8aqNzPvbpMXr819B0tJHS3HJ0fmBeFAe0qnWSqN
JU5HRCWzHdvGM0XaXpKqeeFx7kDPynnUBFTU4hLr0XTvzBeB+tDxmmcXTc/PAEe6
3v2v3EsPMvAR93Z4gJt1iWbf1CWcdjTmg7RV/HCTteQXZ9ygbHP9qbv2DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtmcp/mttUF+12BD7iMlZ/xB8PmMB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGP8CbqMN
wkDACCdcpC+NehD6hMEaIRTLoo0tw3zeGwWF/I2TvcGnptgTJuap9ytvLfg5/Y8Q
kAz5ahFJ8sCrN3m3Zasny3rYgSlbbKyVKRQxM9KPo4s5dB21u51v2351y8xRCHaw
6ZRU3a1xKll3AmjdmcAr37VikG8YGYLaSkdOGG7b0aIY2iGlZmZh3Id+kjvUgcbl
3Ep1ZvUhStgevZsvw5XZlHtu0uZCOinduGia1Y3N6IViwtVphE6J9dpcUgvv8/tD
WPX5Q8IO1x2WjgqAS/yWZpxLuTCpxXflfugG8BSb0gpQqxgQTS2z5jMr2KXoHRty
VsCVHccaUroalw==
-----END CERTIFICATE-----