Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          Gd8NBmG3ssUyCMmvvkBOGJf7H4EaAbQq5kNwNIGMkXY=
Subject key identifier:   F3:09:05:6C:81:C5:EE:15:16:42:2A:DB:41:98:A0:22:BD:3D:37:71
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019D98F41684994212E61B728FD361329642
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0BA2
Signing time:             Fri 17 Apr 2026 01:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:26 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: D6XJaqfQesy6YnkdpkOlBUwmsObjlbquGFrRjR1gmUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:16:84:99:42:12:e6:1b:72:8f:d3:61:32:96:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Apr 17 01:00:26 2026 GMT
            Not After : Apr 18 01:00:26 2026 GMT
        Subject: CN=f309056c81c5ee1516422adb4198a022bd3d3771
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:57:ba:a5:d8:7d:88:bf:c9:a6:5c:19:7e:53:
                    28:12:07:60:5c:22:68:99:df:27:e9:a8:ca:f4:18:
                    87:bd:ff:de:2d:df:90:7c:92:22:6d:09:1e:cb:b9:
                    c8:81:8d:0f:2f:23:60:55:c0:bc:ea:f5:48:65:2b:
                    65:3d:8e:5f:82:da:bf:29:e8:ea:75:16:9b:ad:6f:
                    1d:64:c0:10:67:51:6d:39:3b:75:ef:2f:6d:de:30:
                    49:7d:3c:74:b6:ca:0a:de:3b:cf:4b:0e:1c:3b:94:
                    e6:82:18:06:40:14:49:b3:aa:28:67:f4:0b:61:30:
                    db:a2:cf:a5:25:dd:68:a9:f7:14:32:e4:eb:c1:1e:
                    e8:df:02:5a:1e:6b:a0:b1:10:2f:b4:dd:15:f4:d8:
                    c3:82:13:fa:63:3c:3b:e8:4b:87:e5:80:1a:05:d8:
                    04:68:54:42:b2:72:b0:ea:cb:a2:f3:b6:03:ea:06:
                    46:d0:e7:99:a0:b9:2c:22:59:aa:2f:83:23:a9:39:
                    c2:00:d5:cb:a7:66:a4:ad:55:06:d2:a7:dc:7a:14:
                    92:78:20:84:55:d8:8f:03:44:28:98:62:05:63:9c:
                    7b:6f:86:e6:b4:17:fd:d0:86:42:ac:ec:31:0f:a9:
                    ad:0a:e7:59:ad:d3:25:c2:07:14:49:e6:e5:40:05:
                    52:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:09:05:6C:81:C5:EE:15:16:42:2A:DB:41:98:A0:22:BD:3D:37:71
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:86:32:08:d7:2c:5e:b0:80:6a:1f:ef:1f:9c:19:d3:b9:0b:
         88:72:b8:c8:ba:9e:43:22:4f:0e:18:65:ec:71:4f:c2:7c:7a:
         a4:1a:6c:cb:96:e1:73:ea:cf:50:7b:10:ab:40:e7:16:af:36:
         da:83:2e:b5:4b:b5:ad:81:92:71:f3:67:51:79:4e:cd:92:af:
         f3:54:76:05:ed:38:aa:0a:2a:7d:35:77:3b:02:60:2a:06:4a:
         2f:21:96:6a:af:d9:90:72:da:7a:76:75:e0:97:fe:55:18:96:
         85:6c:f6:a2:c1:ae:ff:15:ee:46:9a:87:da:05:3f:fc:04:ba:
         8d:d8:c4:ad:8a:70:45:ae:f2:e5:72:bf:ed:f5:4a:e2:1d:43:
         37:36:21:8f:90:21:a5:56:24:bf:db:8f:c8:55:6a:6a:8e:9e:
         2e:aa:cb:2a:2b:6f:d3:a7:a2:ff:53:11:5d:5c:3d:58:16:33:
         e6:e2:bf:dd:fd:e3:d4:ff:47:81:d8:ce:9c:b2:40:79:11:34:
         e1:9c:f6:95:53:99:1b:b2:ca:50:43:75:03:82:b3:1c:d7:31:
         4e:14:17:cb:7b:2f:a7:5f:7d:f9:1e:49:7c:72:de:de:bf:db:
         33:4f:50:3f:aa:b2:dd:3e:e6:54:a2:2b:a3:b3:e2:fd:62:be:
         7b:78:85:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9BaEmUIS5htyj9NhMpZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjYwNDE3MDEwMDI2WhcNMjYwNDE4MDEwMDI2WjAzMTEwLwYDVQQD
EyhmMzA5MDU2YzgxYzVlZTE1MTY0MjJhZGI0MTk4YTAyMmJkM2QzNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFe6pdh9iL/JplwZflMoEgdgXCJo
md8n6ajK9BiHvf/eLd+QfJIibQkey7nIgY0PLyNgVcC86vVIZStlPY5fgtq/Kejq
dRabrW8dZMAQZ1FtOTt17y9t3jBJfTx0tsoK3jvPSw4cO5TmghgGQBRJs6ooZ/QL
YTDbos+lJd1oqfcUMuTrwR7o3wJaHmugsRAvtN0V9NjDghP6Yzw76EuH5YAaBdgE
aFRCsnKw6sui87YD6gZG0OeZoLksIlmqL4MjqTnCANXLp2akrVUG0qfcehSSeCCE
VdiPA0QomGIFY5x7b4bmtBf90IZCrOwxD6mtCudZrdMlwgcUSeblQAVSXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMJBWyBxe4VFkIq20GYoCK9PTdxMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIIYyCNcs
XrCAah/vH5wZ07kLiHK4yLqeQyJPDhhl7HFPwnx6pBpsy5bhc+rPUHsQq0DnFq82
2oMutUu1rYGScfNnUXlOzZKv81R2Be04qgoqfTV3OwJgKgZKLyGWaq/ZkHLaenZ1
4Jf+VRiWhWz2osGu/xXuRpqH2gU//AS6jdjErYpwRa7y5XK/7fVK4h1DNzYhj5Ah
pVYkv9uPyFVqao6eLqrLKitv06ei/1MRXVw9WBYz5uK/3f3j1P9HgdjOnLJAeRE0
4Zz2lVOZG7LKUEN1A4KzHNcxThQXy3svp199+R5JfHLe3r/bM09QP6qy3T7mVKIr
o7Pi/WK+e3iFnA==
-----END CERTIFICATE-----