Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          KRUNaA3NAW93Uc/VZSJUcKBuyLTZ+Jznq1pG/uD5sIE=
Subject key identifier:   F9:35:D4:8E:F9:CA:A0:C7:0D:15:17:7F:3D:8C:A3:6B:E6:B7:DA:0D
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019E2F96CA8CB21824C6CECCF8F69C3A9F9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          190B
Signing time:             Sat 16 May 2026 07:01:11 +0000
Manifest this update:     Sat 16 May 2026 07:01:11 +0000
Manifest next update:     Sun 17 May 2026 07:01:11 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: ldZxTdmZ8Cat6SdX2KQSE1asSWOQOvQabDNNwdy1qws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:ca:8c:b2:18:24:c6:ce:cc:f8:f6:9c:3a:9f:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: May 16 07:01:11 2026 GMT
            Not After : May 17 07:01:11 2026 GMT
        Subject: CN=f935d48ef9caa0c70d15177f3d8ca36be6b7da0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:02:6f:3f:51:5f:82:39:de:1e:9c:46:53:75:
                    93:fd:48:38:e6:ee:fa:e4:e2:3b:59:51:90:97:de:
                    30:60:da:5a:67:25:72:bd:fe:e0:51:f3:af:1b:6b:
                    a3:fa:bf:ad:4a:f2:54:ed:6f:01:87:72:1c:aa:86:
                    73:dd:ed:c6:6f:13:ee:5e:a4:d0:a2:5b:0b:12:32:
                    91:05:3d:67:c1:97:bc:59:4b:5d:50:96:eb:12:e1:
                    f2:bf:43:cf:13:13:d9:86:40:dc:d6:2e:f0:62:a1:
                    dd:b7:07:b1:45:a3:f1:d6:bd:1f:8f:6c:16:5a:e8:
                    7a:93:b0:89:43:37:c3:5b:72:b4:8b:0e:d3:8a:9d:
                    fc:fa:7e:b1:3a:ce:c0:0b:26:35:f5:3c:c4:12:75:
                    a7:df:59:49:5d:81:e2:c4:42:6a:40:07:ed:3d:cc:
                    de:5e:86:ca:52:99:4d:82:09:12:fb:7f:76:7f:21:
                    5e:6e:af:84:ec:21:9e:f4:99:76:5f:99:85:ad:78:
                    bd:f4:f0:bc:59:1a:a7:c9:cb:8b:38:4f:0a:37:ed:
                    f9:01:18:06:b3:b0:be:36:6f:45:d2:2b:2b:3b:fd:
                    2a:78:a5:d8:df:f9:52:c5:ea:a8:82:5c:75:f0:2b:
                    8d:9b:d8:d2:6d:c6:aa:5d:7a:b4:72:34:74:6c:a8:
                    08:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:35:D4:8E:F9:CA:A0:C7:0D:15:17:7F:3D:8C:A3:6B:E6:B7:DA:0D
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:bb:21:16:2d:7f:df:40:4d:19:1b:b9:e1:81:32:e3:d4:35:
         e7:17:7b:d7:94:32:8a:c9:15:55:84:72:6d:a3:5b:5e:7c:23:
         ad:87:f6:1f:27:21:31:ca:ab:1c:c4:e1:10:3a:7a:75:58:8d:
         c2:c6:ef:22:13:85:60:5a:b2:2a:d0:db:80:ab:f7:fe:22:c7:
         5b:02:ea:99:ac:85:36:2a:73:f8:1b:57:f0:22:29:88:92:a0:
         ad:48:cb:84:05:f1:d0:83:e3:70:cd:2c:f5:51:da:c8:c0:92:
         02:67:96:27:72:ae:48:e6:90:d5:63:bb:6d:7b:c1:6b:fe:48:
         2f:b5:79:e7:5a:78:74:2f:dc:2b:e6:36:8b:05:3e:42:75:1f:
         34:67:4b:05:44:b3:77:ab:c6:f0:27:bb:f4:a5:f5:aa:10:ad:
         38:a4:7b:1f:6a:5e:61:27:19:25:a3:1c:60:9b:bf:5e:7c:dd:
         03:57:0b:87:cd:ee:30:c2:1c:25:ad:0f:a9:4c:df:28:7f:6b:
         78:22:fc:7a:75:7a:32:ff:1a:30:4e:48:ac:bd:ee:1f:0b:a4:
         78:fe:13:c4:b9:62:f6:be:73:c5:01:16:c4:54:0b:bb:e9:a4:
         8e:90:8f:38:1b:f7:00:25:f2:47:0d:45:74:63:d2:dd:c2:49:
         52:16:05:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlsqMshgkxs7M+PacOp+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwNTE2MDcwMTExWhcNMjYwNTE3MDcwMTExWjAzMTEwLwYDVQQD
EyhmOTM1ZDQ4ZWY5Y2FhMGM3MGQxNTE3N2YzZDhjYTM2YmU2YjdkYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AJvP1FfgjneHpxGU3WT/Ug45u76
5OI7WVGQl94wYNpaZyVyvf7gUfOvG2uj+r+tSvJU7W8Bh3IcqoZz3e3GbxPuXqTQ
olsLEjKRBT1nwZe8WUtdUJbrEuHyv0PPExPZhkDc1i7wYqHdtwexRaPx1r0fj2wW
Wuh6k7CJQzfDW3K0iw7Tip38+n6xOs7ACyY19TzEEnWn31lJXYHixEJqQAftPcze
XobKUplNggkS+392fyFebq+E7CGe9Jl2X5mFrXi99PC8WRqnycuLOE8KN+35ARgG
s7C+Nm9F0isrO/0qeKXY3/lSxeqoglx18CuNm9jSbcaqXXq0cjR0bKgI6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPk11I75yqDHDRUXfz2Mo2vmt9oNMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrshFi1/
30BNGRu54YEy49Q15xd715QyiskVVYRybaNbXnwjrYf2HychMcqrHMThEDp6dViN
wsbvIhOFYFqyKtDbgKv3/iLHWwLqmayFNipz+BtX8CIpiJKgrUjLhAXx0IPjcM0s
9VHayMCSAmeWJ3KuSOaQ1WO7bXvBa/5IL7V551p4dC/cK+Y2iwU+QnUfNGdLBUSz
d6vG8Ce79KX1qhCtOKR7H2peYScZJaMcYJu/XnzdA1cLh83uMMIcJa0PqUzfKH9r
eCL8enV6Mv8aME5IrL3uHwukeP4TxLli9r5zxQEWxFQLu+mkjpCPOBv3ACXyRw1F
dGPS3cJJUhYFMA==
-----END CERTIFICATE-----