Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          q+rt7FrEGoaCw+vWsq1QZDNuNPZwvpspcXYut39ITxo=
Subject key identifier:   29:A3:7E:A3:3B:E2:C2:7A:DA:FF:54:B1:41:D1:00:C1:A4:3E:B0:C6
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019CAB6AE49DA641BEA41CA9FED5063757AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          1108
Signing time:             Sun 01 Mar 2026 22:00:35 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:35 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:35 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: sPpnqjDNowBXdklYcf7InJtNMH6eX32Qo5YomLv+sYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:e4:9d:a6:41:be:a4:1c:a9:fe:d5:06:37:57:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Mar  1 22:00:35 2026 GMT
            Not After : Mar  2 22:00:35 2026 GMT
        Subject: CN=29a37ea33be2c27adaff54b141d100c1a43eb0c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:22:5b:85:d6:fe:e4:3b:83:93:a4:50:b9:44:
                    a9:4a:d4:d6:c3:1b:d3:b2:f3:59:d4:fa:57:3c:c1:
                    a9:a1:d9:87:ef:4e:80:44:28:b2:87:d2:fd:af:82:
                    d5:b4:3c:3e:a7:e7:13:d6:69:7c:28:25:29:99:75:
                    81:7b:bf:19:49:3e:ad:b7:32:79:43:89:0e:6c:91:
                    46:4e:49:c9:8f:a9:60:3b:2a:f1:89:9c:07:f0:87:
                    35:85:de:d4:2e:1e:9b:19:aa:29:42:2b:74:fe:ba:
                    d3:92:b2:33:6c:b5:7f:2e:3a:4d:fd:e5:d1:74:6e:
                    03:bf:fa:19:f8:8d:47:39:c2:5f:af:fa:2c:a2:71:
                    28:0f:7b:8e:77:30:04:b1:59:7a:15:de:33:c0:fc:
                    67:e9:5e:77:fc:7f:82:e0:c6:4f:eb:58:33:b2:df:
                    2b:89:f1:f8:26:c5:21:be:61:41:97:16:dd:a3:bb:
                    3d:65:23:7a:5e:f8:b0:d3:02:80:dc:6b:e6:f9:27:
                    a7:11:e5:f3:e9:25:ce:fa:e1:12:5f:46:fc:59:9c:
                    5e:f3:ca:af:fe:80:dc:4e:e5:2d:19:2a:52:0e:20:
                    12:93:5c:ef:e1:99:8e:77:1e:4a:01:60:10:c7:7c:
                    59:42:ba:18:cd:2e:a5:8f:84:a1:75:ba:eb:27:53:
                    0d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:A3:7E:A3:3B:E2:C2:7A:DA:FF:54:B1:41:D1:00:C1:A4:3E:B0:C6
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:d7:00:50:12:ca:65:44:a1:6d:13:fa:dc:c3:8f:e3:b4:85:
         01:8d:5c:b0:d7:e0:2c:a4:5a:cf:74:54:21:0d:74:a3:5f:8f:
         6f:1a:a3:d4:99:9b:55:6c:2a:41:9d:07:45:33:32:47:14:ce:
         d4:4f:84:bc:fc:fd:85:d5:12:98:b4:8d:6c:fb:4a:11:b1:e2:
         66:61:7d:d2:59:39:2b:d3:59:7c:21:8f:7f:6a:ba:83:d3:64:
         d8:93:8c:31:07:54:4f:39:81:22:86:49:63:a9:d3:5a:69:e8:
         d2:6e:74:2e:28:1b:42:7c:fa:6d:0f:b5:36:92:3e:80:b0:c9:
         f7:8c:ef:f6:88:b4:49:44:01:da:03:67:28:4f:da:9c:a5:82:
         84:29:49:fe:58:ba:07:92:c3:03:cd:7e:63:08:a2:76:e4:38:
         f3:41:2a:0a:6d:31:c4:06:d1:cf:d7:7b:87:e4:ce:31:93:3d:
         f7:1d:83:a4:cb:5b:ef:09:fd:6e:f5:3e:4b:bd:5d:d6:8f:a6:
         48:ab:00:1f:92:b5:99:31:44:88:6d:46:9a:21:28:d7:21:cd:
         bc:8d:cc:c0:44:b3:98:1f:08:4d:d1:62:8a:05:51:87:88:84:
         4e:d0:20:72:bc:7a:7b:f9:16:c0:70:df:3b:0a:fa:27:f7:8d:
         b9:9e:2c:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauSdpkG+pByp/tUGN1esMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjYwMzAxMjIwMDM1WhcNMjYwMzAyMjIwMDM1WjAzMTEwLwYDVQQD
EygyOWEzN2VhMzNiZTJjMjdhZGFmZjU0YjE0MWQxMDBjMWE0M2ViMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCJbhdb+5DuDk6RQuUSpStTWwxvT
svNZ1PpXPMGpodmH706ARCiyh9L9r4LVtDw+p+cT1ml8KCUpmXWBe78ZST6ttzJ5
Q4kObJFGTknJj6lgOyrxiZwH8Ic1hd7ULh6bGaopQit0/rrTkrIzbLV/LjpN/eXR
dG4Dv/oZ+I1HOcJfr/osonEoD3uOdzAEsVl6Fd4zwPxn6V53/H+C4MZP61gzst8r
ifH4JsUhvmFBlxbdo7s9ZSN6Xviw0wKA3Gvm+SenEeXz6SXO+uESX0b8WZxe88qv
/oDcTuUtGSpSDiASk1zv4ZmOdx5KAWAQx3xZQroYzS6lj4ShdbrrJ1MNPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmjfqM74sJ62v9UsUHRAMGkPrDGMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNcAUBLK
ZUShbRP63MOP47SFAY1csNfgLKRaz3RUIQ10o1+Pbxqj1JmbVWwqQZ0HRTMyRxTO
1E+EvPz9hdUSmLSNbPtKEbHiZmF90lk5K9NZfCGPf2q6g9Nk2JOMMQdUTzmBIoZJ
Y6nTWmno0m50LigbQnz6bQ+1NpI+gLDJ94zv9oi0SUQB2gNnKE/anKWChClJ/li6
B5LDA81+YwiiduQ480EqCm0xxAbRz9d7h+TOMZM99x2DpMtb7wn9bvU+S71d1o+m
SKsAH5K1mTFEiG1GmiEo1yHNvI3MwESzmB8ITdFiigVRh4iETtAgcrx6e/kWwHDf
Owr6J/eNuZ4sPg==
-----END CERTIFICATE-----