Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          Yy81fu/zi1bU/OI3RnnCwKo2JLMk18vaB18vAzxDMrk=
Subject key identifier:   53:39:6C:E6:00:9A:8A:26:96:20:CD:FA:64:7A:62:A1:9E:35:AA:83
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019D3752726C63F7FCF1655A9E44C906803A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0C9B
Signing time:             Sun 29 Mar 2026 02:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:43 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: nRBjxD10/8nzxg+DpRFAeQEvuF7RILlA1O5fn2oFh3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:72:6c:63:f7:fc:f1:65:5a:9e:44:c9:06:80:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Mar 29 02:00:43 2026 GMT
            Not After : Mar 30 02:00:43 2026 GMT
        Subject: CN=53396ce6009a8a269620cdfa647a62a19e35aa83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:34:a6:17:1b:ac:bf:56:94:9b:8f:74:6d:42:
                    90:ca:f8:93:fa:12:93:fe:17:5f:05:8e:33:14:08:
                    52:8e:fa:94:c2:18:e4:17:e7:e5:0e:71:d8:48:0e:
                    63:9b:f6:0d:e4:ff:a8:22:26:fb:91:34:6d:58:29:
                    0f:51:51:b1:b2:8a:e8:e1:7e:9a:b1:d1:fc:6e:01:
                    de:a2:18:a9:08:69:59:e2:17:d3:a4:fa:f0:02:a4:
                    c8:00:4f:05:99:3b:db:b5:a2:d7:6a:3a:a0:8b:d5:
                    5d:46:18:88:62:66:48:84:d8:88:e0:63:93:0f:1a:
                    47:36:f6:8c:d9:74:19:7f:3b:58:0e:be:60:15:50:
                    06:8d:da:e3:b0:f6:ff:65:a8:8e:bc:bf:40:3d:b7:
                    30:8e:3d:12:de:e1:90:0a:c4:be:a8:6f:62:91:c7:
                    f8:8d:26:aa:e6:c3:e7:3e:28:d1:91:b0:da:bb:53:
                    e7:c0:b3:da:2e:a9:4e:d3:69:63:00:ec:f8:17:22:
                    64:e9:97:1c:b7:89:06:49:5d:a1:66:76:69:85:bc:
                    fe:b5:0e:99:a3:c5:95:19:02:ab:40:cb:f9:42:e6:
                    02:f4:09:58:22:e9:c5:6b:e4:5e:3e:bc:a3:af:64:
                    73:0f:7a:5f:7c:17:30:4c:5d:82:be:e2:f8:4f:8c:
                    53:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:39:6C:E6:00:9A:8A:26:96:20:CD:FA:64:7A:62:A1:9E:35:AA:83
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:57:da:a2:27:15:8e:31:80:70:1a:ae:c8:da:4e:49:3e:ff:
         3f:08:3b:f2:ae:58:34:2a:ac:47:62:48:b4:7f:ef:b5:79:05:
         5e:66:9c:8c:2b:d0:a6:be:70:57:18:25:d0:35:be:1f:a2:4d:
         19:9b:4b:85:8b:94:66:19:af:76:41:d7:2f:1c:83:ca:79:a5:
         94:00:5a:ee:a3:8b:d4:41:76:51:14:65:23:a2:ee:71:8a:f3:
         bc:a3:93:72:7a:14:d8:1e:e9:4c:76:38:f0:9f:bc:50:d6:e4:
         4f:8a:49:3c:84:0f:58:89:59:27:76:62:03:7c:70:33:c0:ea:
         ef:88:51:c8:74:3d:3d:68:33:97:3d:c7:b5:6a:43:5c:b2:4a:
         c7:15:30:56:89:2e:4c:0b:92:18:0b:6f:06:b3:29:49:e6:e9:
         d7:03:39:4e:dd:76:89:ed:f6:1e:34:72:6c:fc:e2:65:24:14:
         89:58:ff:54:71:61:37:ad:39:59:7e:5d:95:a5:65:33:3d:c1:
         16:91:a0:7e:64:53:f0:a5:6e:46:84:29:a7:0c:c6:eb:d1:09:
         bd:3a:23:17:52:75:6e:09:24:da:00:f3:ce:5f:24:e4:96:1a:
         3d:30:ac:b6:ed:37:84:e7:fe:30:a6:b3:69:8f:5c:22:bb:8e:
         5e:eb:e7:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UnJsY/f88WVankTJBoA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwMzI5MDIwMDQzWhcNMjYwMzMwMDIwMDQzWjAzMTEwLwYDVQQD
Eyg1MzM5NmNlNjAwOWE4YTI2OTYyMGNkZmE2NDdhNjJhMTllMzVhYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zSmFxusv1aUm490bUKQyviT+hKT
/hdfBY4zFAhSjvqUwhjkF+flDnHYSA5jm/YN5P+oIib7kTRtWCkPUVGxsoro4X6a
sdH8bgHeohipCGlZ4hfTpPrwAqTIAE8FmTvbtaLXajqgi9VdRhiIYmZIhNiI4GOT
DxpHNvaM2XQZfztYDr5gFVAGjdrjsPb/ZaiOvL9APbcwjj0S3uGQCsS+qG9ikcf4
jSaq5sPnPijRkbDau1PnwLPaLqlO02ljAOz4FyJk6Zcct4kGSV2hZnZphbz+tQ6Z
o8WVGQKrQMv5QuYC9AlYIunFa+RePryjr2RzD3pffBcwTF2CvuL4T4xTvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFM5bOYAmoomliDN+mR6YqGeNaqDMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXVfaoicV
jjGAcBquyNpOST7/Pwg78q5YNCqsR2JItH/vtXkFXmacjCvQpr5wVxgl0DW+H6JN
GZtLhYuUZhmvdkHXLxyDynmllABa7qOL1EF2URRlI6LucYrzvKOTcnoU2B7pTHY4
8J+8UNbkT4pJPIQPWIlZJ3ZiA3xwM8Dq74hRyHQ9PWgzlz3HtWpDXLJKxxUwVoku
TAuSGAtvBrMpSebp1wM5Tt12ie32HjRybPziZSQUiVj/VHFhN605WX5dlaVlMz3B
FpGgfmRT8KVuRoQppwzG69EJvTojF1J1bgkk2gDzzl8k5JYaPTCstu03hOf+MKaz
aY9cIruOXuvn9A==
-----END CERTIFICATE-----