Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          cpF/a8k+9yQ0FZ+2W4mIQK+ELzJaUnaree6fSS5XwSI=
Subject key identifier:   BD:96:9D:0C:A1:D1:CD:DA:FA:40:97:9D:6D:83:DD:86:E7:D3:72:92
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019E2F9695879484016802BFFD7CBF4F6E3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0FF0
Signing time:             Sat 16 May 2026 07:00:58 +0000
Manifest this update:     Sat 16 May 2026 07:00:58 +0000
Manifest next update:     Sun 17 May 2026 07:00:58 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: cSkogqa56DcblN9AxCVLx/XCTkfFBfnlFf9WRfIXWWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:95:87:94:84:01:68:02:bf:fd:7c:bf:4f:6e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: May 16 07:00:58 2026 GMT
            Not After : May 17 07:00:58 2026 GMT
        Subject: CN=bd969d0ca1d1cddafa40979d6d83dd86e7d37292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6d:48:89:6c:99:64:f1:35:43:fb:b8:ac:ae:
                    2a:96:1b:40:76:a9:fa:72:4d:d8:64:80:17:60:f6:
                    4b:f3:35:80:56:ad:68:c4:49:76:60:29:9f:47:56:
                    ff:6f:f7:d5:df:31:18:75:66:7b:7c:1d:e2:9a:a9:
                    bd:85:7d:09:7a:13:dd:c2:a3:cd:ff:86:f0:b5:3f:
                    4c:5b:1f:f7:c4:3e:ec:ae:d5:36:04:b1:36:db:93:
                    53:d1:c2:ed:83:5c:20:b9:da:e4:cb:b4:17:bb:69:
                    18:9b:52:dc:d2:e2:20:6b:43:c2:f7:d9:f3:f9:bf:
                    5b:db:a9:0b:4d:ca:f7:c6:8b:79:e0:c6:44:07:17:
                    e0:a8:7b:7f:a0:9a:93:86:f9:bb:e4:97:fe:fd:0e:
                    ee:2a:2d:4d:00:df:be:06:a5:1e:1c:f9:0b:4a:51:
                    dd:b1:bb:bf:b6:92:99:2b:7c:56:c2:e9:bc:7c:af:
                    0a:5b:35:c1:b8:c8:fc:8b:4f:54:e7:fc:e2:f9:b9:
                    51:6e:1a:16:bb:f2:cb:14:e9:2f:e9:f5:dc:47:ac:
                    55:23:43:44:c1:8d:b8:a5:47:01:5a:2c:c3:1f:63:
                    0f:6d:03:8a:3b:4c:21:4c:44:de:b0:8f:46:41:e5:
                    77:7f:54:15:96:04:df:2c:df:94:71:57:aa:c5:11:
                    6f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:96:9D:0C:A1:D1:CD:DA:FA:40:97:9D:6D:83:DD:86:E7:D3:72:92
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:3c:1b:0e:80:05:ad:1f:b4:9c:aa:ec:fc:e6:c7:f8:4d:e3:
         b7:d8:5e:1f:fd:14:dd:2b:ca:cc:19:33:ad:d9:89:c8:8c:00:
         2d:c1:4a:a2:64:4f:2f:77:9b:5d:1e:ab:8a:e8:d8:46:3a:0b:
         33:63:2a:8e:e8:be:2d:30:4f:75:2f:9e:86:2e:50:fd:a2:46:
         2a:fc:b7:26:fe:94:9d:dc:dc:8e:a9:fd:29:56:d6:a3:08:f4:
         ae:30:7e:04:ac:f2:1b:17:5f:68:43:c4:75:e2:15:35:73:3e:
         d0:98:68:9b:14:0a:47:c9:aa:a4:f2:7c:32:a8:15:07:d9:18:
         d2:cc:22:d8:33:5c:a0:6b:02:ce:b2:50:3e:a1:e2:60:ae:6c:
         40:5b:cb:3a:df:90:f4:f3:87:b0:55:56:de:c3:49:c8:63:b5:
         a7:3d:4f:d7:3f:08:59:26:a6:c9:e0:6f:6e:e6:ef:2a:ff:ef:
         dd:1c:81:1f:9a:1a:d4:2f:92:52:14:6f:27:8e:af:03:e2:56:
         0c:d4:8a:3b:aa:f3:e8:92:70:e8:67:76:1a:ff:d3:50:15:78:
         8f:78:d2:02:24:55:0b:a4:24:73:ec:42:44:3e:5f:e2:0f:a4:
         24:8e:dc:fb:97:4a:86:15:9e:c8:dc:a8:ac:35:a6:bb:62:e8:
         e6:22:5f:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlpWHlIQBaAK//Xy/T249MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwNTE2MDcwMDU4WhcNMjYwNTE3MDcwMDU4WjAzMTEwLwYDVQQD
EyhiZDk2OWQwY2ExZDFjZGRhZmE0MDk3OWQ2ZDgzZGQ4NmU3ZDM3MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm1IiWyZZPE1Q/u4rK4qlhtAdqn6
ck3YZIAXYPZL8zWAVq1oxEl2YCmfR1b/b/fV3zEYdWZ7fB3imqm9hX0JehPdwqPN
/4bwtT9MWx/3xD7srtU2BLE225NT0cLtg1wgudrky7QXu2kYm1Lc0uIga0PC99nz
+b9b26kLTcr3xot54MZEBxfgqHt/oJqThvm75Jf+/Q7uKi1NAN++BqUeHPkLSlHd
sbu/tpKZK3xWwum8fK8KWzXBuMj8i09U5/zi+blRbhoWu/LLFOkv6fXcR6xVI0NE
wY24pUcBWizDH2MPbQOKO0whTETesI9GQeV3f1QVlgTfLN+UcVeqxRFvTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2WnQyh0c3a+kCXnW2D3Ybn03KSMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjwbDoAF
rR+0nKrs/ObH+E3jt9heH/0U3SvKzBkzrdmJyIwALcFKomRPL3ebXR6riujYRjoL
M2Mqjui+LTBPdS+ehi5Q/aJGKvy3Jv6Undzcjqn9KVbWowj0rjB+BKzyGxdfaEPE
deIVNXM+0JhomxQKR8mqpPJ8MqgVB9kY0swi2DNcoGsCzrJQPqHiYK5sQFvLOt+Q
9POHsFVW3sNJyGO1pz1P1z8IWSamyeBvbubvKv/v3RyBH5oa1C+SUhRvJ46vA+JW
DNSKO6rz6JJw6Gd2Gv/TUBV4j3jSAiRVC6Qkc+xCRD5f4g+kJI7c+5dKhhWeyNyo
rDWmu2Lo5iJfuA==
-----END CERTIFICATE-----