Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          RMgixC8FNUlCt8eO+kUxpyLXMbhdeV2FHpvdGelQszg=
Subject key identifier:   BE:0D:F5:17:FF:17:CA:0B:B4:DD:04:2E:4E:B6:95:88:DA:79:25:10
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019CAD5A38210D29D3FD9BCE59F54218A84F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0B28
Signing time:             Mon 02 Mar 2026 07:01:36 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:36 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:36 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: 2IcYV7Hn7I09tkjPz9dkonZP+vNQ3lWoFx+AL4H5fVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:38:21:0d:29:d3:fd:9b:ce:59:f5:42:18:a8:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Mar  2 07:01:36 2026 GMT
            Not After : Mar  3 07:01:36 2026 GMT
        Subject: CN=be0df517ff17ca0bb4dd042e4eb69588da792510
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:25:ae:eb:9a:42:56:bb:ed:c4:13:06:e8:fd:
                    4f:42:a2:fd:f4:79:51:2b:8b:f0:bb:1e:2f:ba:b0:
                    6f:56:36:09:8c:07:68:54:64:e7:71:ed:ce:4e:84:
                    d9:2f:9e:8d:2f:2f:2e:31:7c:52:22:3f:a5:d8:20:
                    21:32:93:10:6d:4b:c6:14:81:eb:9b:ce:1e:d2:f0:
                    17:e9:27:8d:91:41:5c:12:61:13:e5:82:91:3a:b4:
                    fa:e9:9d:26:b0:df:04:3c:94:c5:de:ca:b8:08:81:
                    ee:66:b2:fd:86:36:c8:b5:5d:2f:6e:e3:b7:81:05:
                    18:e8:1f:09:b9:c1:3c:e4:72:87:aa:f9:53:57:5b:
                    1e:62:39:ed:b8:26:12:4f:ee:29:7f:e2:d9:cc:25:
                    db:7d:fd:31:75:91:bd:b7:17:8c:27:2d:0f:a3:b2:
                    8e:a8:3d:1d:d8:8b:3c:8f:d5:09:ef:13:1b:01:23:
                    e8:b8:89:ac:47:5f:bc:4c:8a:26:47:06:9b:24:c3:
                    da:3c:17:ac:40:48:e1:e5:e3:8b:81:3f:f8:8e:f9:
                    2f:74:2e:9e:0a:54:6a:61:7c:1f:c3:09:eb:76:f8:
                    db:6e:f1:4c:7e:8a:61:9e:ac:e8:c3:91:0e:9e:22:
                    c0:f4:19:89:6b:b9:d4:b1:de:a6:de:dd:0b:eb:c2:
                    d7:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:0D:F5:17:FF:17:CA:0B:B4:DD:04:2E:4E:B6:95:88:DA:79:25:10
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:bb:99:6c:04:2e:3a:2a:ba:84:57:e7:9f:c4:35:f1:6d:6e:
         0b:24:3c:49:74:20:e9:94:c1:20:ab:24:9c:92:e0:ff:34:6d:
         7d:fd:ef:af:0d:67:7a:66:a9:b8:14:56:37:19:86:cc:ce:12:
         c9:20:a6:35:cb:1b:73:a3:55:63:ea:cf:84:4b:74:a0:58:d5:
         ba:82:fd:2f:81:b0:60:61:a4:9b:e0:1e:ee:a1:5f:74:95:32:
         83:d4:01:59:f9:6a:c5:3c:8c:ec:ae:d8:02:1a:c0:10:ed:1c:
         be:8e:60:b2:21:c4:60:f6:1e:a2:9f:98:03:f3:b1:f2:f2:70:
         2f:8b:05:46:a6:86:ab:55:4a:5a:73:b6:b8:dd:99:8f:53:9a:
         52:b8:3b:0b:c7:db:cf:65:7a:a3:ae:48:29:44:a4:d5:2a:6c:
         41:21:7c:bb:00:40:30:d9:b9:4b:97:2c:fc:bb:ab:28:96:8b:
         fe:00:79:6c:5b:23:52:52:48:52:f2:fd:89:e7:0c:d5:42:d0:
         9b:54:d4:2e:b6:e4:54:a8:b6:3c:8c:66:90:63:f1:98:49:88:
         9e:c0:61:cc:50:af:8f:ed:ee:ca:f8:38:10:d4:c5:03:f8:ca:
         fd:30:e8:e7:f4:bd:93:a5:bb:9c:87:56:ca:bb:f9:ae:bf:84:
         f1:13:40:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjghDSnT/ZvOWfVCGKhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwMzAyMDcwMTM2WhcNMjYwMzAzMDcwMTM2WjAzMTEwLwYDVQQD
EyhiZTBkZjUxN2ZmMTdjYTBiYjRkZDA0MmU0ZWI2OTU4OGRhNzkyNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyWu65pCVrvtxBMG6P1PQqL99HlR
K4vwux4vurBvVjYJjAdoVGTnce3OToTZL56NLy8uMXxSIj+l2CAhMpMQbUvGFIHr
m84e0vAX6SeNkUFcEmET5YKROrT66Z0msN8EPJTF3sq4CIHuZrL9hjbItV0vbuO3
gQUY6B8JucE85HKHqvlTV1seYjntuCYST+4pf+LZzCXbff0xdZG9txeMJy0Po7KO
qD0d2Is8j9UJ7xMbASPouImsR1+8TIomRwabJMPaPBesQEjh5eOLgT/4jvkvdC6e
ClRqYXwfwwnrdvjbbvFMfophnqzow5EOniLA9BmJa7nUsd6m3t0L68LXOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4N9Rf/F8oLtN0ELk62lYjaeSUQMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlLuZbAQu
Oiq6hFfnn8Q18W1uCyQ8SXQg6ZTBIKsknJLg/zRtff3vrw1nemapuBRWNxmGzM4S
ySCmNcsbc6NVY+rPhEt0oFjVuoL9L4GwYGGkm+Ae7qFfdJUyg9QBWflqxTyM7K7Y
AhrAEO0cvo5gsiHEYPYeop+YA/Ox8vJwL4sFRqaGq1VKWnO2uN2Zj1OaUrg7C8fb
z2V6o65IKUSk1SpsQSF8uwBAMNm5S5cs/LurKJaL/gB5bFsjUlJIUvL9iecM1ULQ
m1TULrbkVKi2PIxmkGPxmEmInsBhzFCvj+3uyvg4ENTFA/jK/TDo5/S9k6W7nIdW
yrv5rr+E8RNA4A==
-----END CERTIFICATE-----