Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
File:                     9efoeENmtHGmpODICA-PENrmalA.mft (raw, json)
Hash identifier:          Lf8b0Hq/GV8tXiYlyRnD1HsODu0L+6MF55uZCGMddZc=
Subject key identifier:   3E:F6:1E:76:06:E2:24:DA:66:9B:B1:9A:02:F2:E2:6F:08:69:37:01
Authority key identifier: F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50
Certificate issuer:       /CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
Certificate serial:       019CAA5896F876835D65B0C08E2C96BC9273
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
Manifest number:          104A
Signing time:             Sun 01 Mar 2026 17:00:58 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:58 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:58 +0000
Files and hashes:         1: 9efoeENmtHGmpODICA-PENrmalA.crl (hash: IjuRG+7bk7q4m4FTHkuh/iG9Nk6d1hWwy97TvPow67U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:96:f8:76:83:5d:65:b0:c0:8e:2c:96:bc:92:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
        Validity
            Not Before: Mar  1 17:00:58 2026 GMT
            Not After : Mar  2 17:00:58 2026 GMT
        Subject: CN=3ef61e7606e224da669bb19a02f2e26f08693701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:46:35:56:e5:e8:93:0f:9a:54:27:fe:13:3e:
                    21:51:bc:57:f5:1c:51:89:c4:43:28:fd:b9:5b:69:
                    92:e1:c6:c0:0e:59:ef:f9:77:7d:d7:cd:05:bd:f5:
                    59:57:b0:ba:fc:68:ca:98:e7:f6:16:99:8b:91:75:
                    23:74:b4:d7:6c:08:8a:da:81:08:6a:33:e1:4e:8d:
                    31:47:47:83:72:05:f1:cb:c8:56:15:11:91:48:22:
                    56:4c:81:42:2e:7e:23:07:2f:f1:79:da:dd:76:30:
                    39:cf:65:82:4f:26:55:f3:41:6a:33:b2:41:cf:55:
                    a8:df:76:57:12:ef:4d:ba:5d:1b:9d:27:9b:28:80:
                    37:f8:ec:e6:af:53:ac:fd:49:f9:41:61:ec:51:28:
                    cd:d7:06:76:de:09:fe:b7:46:ae:e1:e9:e6:d1:e8:
                    ad:3c:6e:62:e1:cb:bc:6d:51:38:ec:cd:63:57:bb:
                    31:62:7e:15:5b:fe:74:bf:17:23:09:de:1b:9b:fd:
                    ca:90:1c:aa:69:42:68:26:1b:af:ae:df:fb:26:c4:
                    97:26:1a:0f:0d:38:ed:b5:24:96:43:57:ca:a9:13:
                    f4:d4:95:37:2d:c1:3e:a9:51:67:1e:3a:86:5a:ad:
                    8c:7c:27:4c:4c:0b:7a:90:08:a3:0c:be:3a:dd:27:
                    24:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F6:1E:76:06:E2:24:DA:66:9B:B1:9A:02:F2:E2:6F:08:69:37:01
            X509v3 Authority Key Identifier:
                keyid:F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:17:ba:a5:30:39:18:87:00:75:ca:aa:2f:f3:63:09:09:6c:
         14:b5:47:d0:8a:ea:c0:be:a8:9b:1e:3e:61:7a:9f:13:74:8f:
         e7:19:44:67:bb:be:99:72:5a:36:0e:de:3d:c4:a3:51:df:33:
         95:10:31:8f:ff:1b:5a:5d:61:f8:78:11:28:aa:59:bd:22:14:
         79:8d:c2:f1:50:2f:ee:a4:e7:a0:a3:a4:74:a8:20:21:12:dd:
         29:a2:52:81:0d:8f:b3:bc:81:2c:3e:12:c0:45:e4:f8:3e:44:
         49:7b:70:96:81:f1:dd:49:0c:17:c9:3b:fd:56:4a:19:2d:3d:
         56:9f:95:ff:8b:73:aa:75:5f:1b:fb:ab:12:8e:da:e0:7c:76:
         ba:9e:56:b3:13:4e:d6:d8:10:e7:d6:68:b1:bc:be:1d:cf:1e:
         ed:35:6b:1c:2d:79:d8:7c:3e:d0:d7:10:4a:c6:32:67:80:3b:
         87:09:77:0f:fa:5e:42:da:fc:09:2a:9f:9f:64:a5:ec:12:95:
         91:af:6f:29:1d:ae:ca:27:c3:31:3c:86:61:f5:c1:7e:6e:75:
         a1:1a:e7:d3:61:2f:b3:6b:79:b5:4d:6b:51:c3:2b:0f:dc:a3:
         7a:56:84:1a:b5:9f:6d:1d:0f:f4:bc:8d:60:5d:41:3c:35:75:
         d7:d6:bb:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWJb4doNdZbDAjiyWvJJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZTdlODc4NDM2NmI0NzFhNmE0ZTBjODA4MGY4ZjEwZGFl
NjZhNTAwHhcNMjYwMzAxMTcwMDU4WhcNMjYwMzAyMTcwMDU4WjAzMTEwLwYDVQQD
EygzZWY2MWU3NjA2ZTIyNGRhNjY5YmIxOWEwMmYyZTI2ZjA4NjkzNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUY1VuXokw+aVCf+Ez4hUbxX9RxR
icRDKP25W2mS4cbADlnv+Xd9180FvfVZV7C6/GjKmOf2FpmLkXUjdLTXbAiK2oEI
ajPhTo0xR0eDcgXxy8hWFRGRSCJWTIFCLn4jBy/xedrddjA5z2WCTyZV80FqM7JB
z1Wo33ZXEu9Nul0bnSebKIA3+Ozmr1Os/Un5QWHsUSjN1wZ23gn+t0au4enm0eit
PG5i4cu8bVE47M1jV7sxYn4VW/50vxcjCd4bm/3KkByqaUJoJhuvrt/7JsSXJhoP
DTjttSSWQ1fKqRP01JU3LcE+qVFnHjqGWq2MfCdMTAt6kAijDL463SckdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD72HnYG4iTaZpuxmgLy4m8IaTcBMB8GA1UdIwQY
MBaAFPXn6HhDZrRxpqTgyAgPjxDa5mpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2Nzct
MGQyNzA0NjJiN2Q3LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2NzctMGQyNzA0NjJiN2Q3
LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRe6pTA5
GIcAdcqqL/NjCQlsFLVH0IrqwL6omx4+YXqfE3SP5xlEZ7u+mXJaNg7ePcSjUd8z
lRAxj/8bWl1h+HgRKKpZvSIUeY3C8VAv7qTnoKOkdKggIRLdKaJSgQ2Ps7yBLD4S
wEXk+D5ESXtwloHx3UkMF8k7/VZKGS09Vp+V/4tzqnVfG/urEo7a4Hx2up5WsxNO
1tgQ59Zosby+Hc8e7TVrHC152Hw+0NcQSsYyZ4A7hwl3D/peQtr8CSqfn2Sl7BKV
ka9vKR2uyifDMTyGYfXBfm51oRrn02Evs2t5tU1rUcMrD9yjelaEGrWfbR0P9LyN
YF1BPDV119a7Fg==
-----END CERTIFICATE-----