Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          f+OVl5dgP9CXQ2ka0BC1JfLY8+4fq+bGNB7PIWM3yww=
Subject key identifier:   88:58:8A:BB:91:C1:E6:70:DF:6B:C8:27:F9:50:8D:15:74:B2:3C:AB
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       019D3940D1CA087A760714B479CB694CE168
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          06D1
Signing time:             Sun 29 Mar 2026 11:00:42 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:42 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:42 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: nAc2SZBeRtaJztCfyfy+TgJ2i+swhT919btgKuw83uk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:d1:ca:08:7a:76:07:14:b4:79:cb:69:4c:e1:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Mar 29 11:00:42 2026 GMT
            Not After : Mar 30 11:00:42 2026 GMT
        Subject: CN=88588abb91c1e670df6bc827f9508d1574b23cab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e9:97:e6:3f:f2:a4:de:ca:8b:12:25:3d:0f:
                    59:63:8f:9d:fd:9e:06:5e:22:b5:5b:95:bc:b3:21:
                    37:98:54:e3:5d:75:a5:45:5a:0c:fb:11:c5:a8:8d:
                    ec:6d:57:f8:7d:d6:22:9c:44:59:11:09:81:fc:5a:
                    3a:9e:47:7b:0f:83:16:fa:e4:68:7c:cb:d7:6b:57:
                    59:46:a8:35:2c:c7:5d:05:2c:35:d5:67:db:7a:91:
                    c0:4e:c5:41:30:b8:2a:87:01:20:c2:40:2e:27:c3:
                    8e:4c:c0:77:ca:7f:3d:cf:d0:c2:fd:48:1d:b9:3f:
                    33:56:cd:f8:ae:d8:f0:e0:f3:49:a4:42:71:03:06:
                    13:97:ce:34:63:c9:9c:0a:8b:10:fe:48:7d:ec:b3:
                    ca:c6:60:b1:f9:bd:36:72:18:4b:f4:d9:d7:50:a0:
                    6c:b3:71:5b:a4:9c:90:e8:53:ca:9c:be:dc:39:9b:
                    b1:48:55:6d:63:e2:68:66:61:b6:34:c2:1d:74:3d:
                    0e:c0:60:65:18:28:94:3a:cc:6e:f1:76:ac:c1:7f:
                    ce:ff:56:0f:7d:fe:e8:a9:93:72:3e:b5:86:36:cb:
                    fc:fe:7e:bc:a8:41:72:ac:b2:71:e3:b3:a5:ff:12:
                    ee:f7:4d:a5:e6:1c:77:34:40:ff:56:7f:32:3c:4d:
                    85:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:58:8A:BB:91:C1:E6:70:DF:6B:C8:27:F9:50:8D:15:74:B2:3C:AB
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:c9:00:11:c0:90:3d:f0:9f:20:69:13:c5:bc:dc:b1:f3:d5:
         9b:b9:4b:c4:48:3d:ef:50:9a:9c:a8:f8:4d:7e:7c:8c:ca:70:
         cf:2f:eb:58:bf:a8:42:81:a8:9c:a3:86:fb:47:fe:d8:3e:77:
         e3:7a:72:db:43:33:72:5c:53:06:50:af:0c:f6:80:ae:55:55:
         fc:4c:e8:90:0d:64:07:e3:0c:77:e9:1b:18:d5:ca:b8:82:3c:
         cd:25:39:94:92:a3:b9:86:4d:ae:0c:60:46:a1:c6:51:f7:72:
         8b:3e:62:05:de:fa:4f:c1:16:f5:50:47:34:20:cf:01:da:99:
         dd:a9:e7:16:1f:9b:34:1e:f1:7a:e4:38:a8:62:fd:39:a6:ba:
         9f:f4:96:e3:be:88:31:d3:23:8e:bc:69:ff:7a:5f:23:80:91:
         3c:a5:f4:e8:b1:58:64:44:25:13:c8:b9:a5:c1:34:66:8a:b0:
         c8:c7:51:13:e1:b0:8e:04:39:1d:00:d6:33:71:aa:89:7c:6f:
         e9:8f:a6:58:40:71:a4:93:5d:ed:f3:48:ea:7f:6a:45:3e:5a:
         cf:4a:5f:a6:88:0b:75:80:c0:ab:9b:9e:8a:b7:b1:68:fd:17:
         ea:19:3b:40:78:9e:ea:34:84:9c:1d:05:2a:97:e6:d9:5f:62:
         5a:c6:0f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QNHKCHp2BxS0ectpTOFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjYwMzI5MTEwMDQyWhcNMjYwMzMwMTEwMDQyWjAzMTEwLwYDVQQD
Eyg4ODU4OGFiYjkxYzFlNjcwZGY2YmM4MjdmOTUwOGQxNTc0YjIzY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOmX5j/ypN7KixIlPQ9ZY4+d/Z4G
XiK1W5W8syE3mFTjXXWlRVoM+xHFqI3sbVf4fdYinERZEQmB/Fo6nkd7D4MW+uRo
fMvXa1dZRqg1LMddBSw11WfbepHATsVBMLgqhwEgwkAuJ8OOTMB3yn89z9DC/Ugd
uT8zVs34rtjw4PNJpEJxAwYTl840Y8mcCosQ/kh97LPKxmCx+b02chhL9NnXUKBs
s3FbpJyQ6FPKnL7cOZuxSFVtY+JoZmG2NMIddD0OwGBlGCiUOsxu8XaswX/O/1YP
ff7oqZNyPrWGNsv8/n68qEFyrLJx47Ol/xLu902l5hx3NED/Vn8yPE2FfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhYiruRweZw32vIJ/lQjRV0sjyrMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAackAEcCQ
PfCfIGkTxbzcsfPVm7lLxEg971CanKj4TX58jMpwzy/rWL+oQoGonKOG+0f+2D53
43py20MzclxTBlCvDPaArlVV/EzokA1kB+MMd+kbGNXKuII8zSU5lJKjuYZNrgxg
RqHGUfdyiz5iBd76T8EW9VBHNCDPAdqZ3annFh+bNB7xeuQ4qGL9Oaa6n/SW476I
MdMjjrxp/3pfI4CRPKX06LFYZEQlE8i5pcE0ZoqwyMdRE+GwjgQ5HQDWM3GqiXxv
6Y+mWEBxpJNd7fNI6n9qRT5az0pfpogLdYDAq5ueirexaP0X6hk7QHie6jSEnB0F
Kpfm2V9iWsYPvg==
-----END CERTIFICATE-----