Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File:                     2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier:          k/qze1zB5K3sNG7jl8VjzDL8DhU9/P2OytX7TobwfHU=
Subject key identifier:   8C:3A:53:06:8D:66:FE:47:64:F7:54:AD:39:76:3B:E0:04:DC:49:CA
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       019F17F9E83661FCAA110CCDD0B43406A762
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number:          199F
Signing time:             Tue 30 Jun 2026 10:01:21 +0000
Manifest this update:     Tue 30 Jun 2026 10:01:21 +0000
Manifest next update:     Wed 01 Jul 2026 10:01:21 +0000
Files and hashes:         1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: BXOIDydwa3NF6nvC2Xzd+yUS0yTz4cynC3BtrwNfsfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:e8:36:61:fc:aa:11:0c:cd:d0:b4:34:06:a7:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Jun 30 10:01:21 2026 GMT
            Not After : Jul  1 10:01:21 2026 GMT
        Subject: CN=8c3a53068d66fe4764f754ad39763be004dc49ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5c:a7:b3:92:b6:15:68:cd:b6:f3:25:cf:ad:
                    fc:88:e8:e7:67:18:d4:41:f4:c1:17:5e:bf:77:fa:
                    95:e0:6c:ec:74:64:96:c4:37:43:a0:13:2d:9b:64:
                    80:6b:90:f4:bc:cf:69:81:d6:e4:31:6e:62:1c:88:
                    04:09:5b:c9:c3:a3:9d:ca:7f:f1:87:57:bf:1e:40:
                    11:ce:22:bd:2c:37:e5:b1:e1:67:44:21:81:48:ca:
                    1d:e4:7e:98:19:b3:b4:c6:76:bc:82:7f:06:66:d0:
                    44:ea:ea:8b:18:80:ce:6e:8e:04:2d:13:ed:f7:94:
                    ab:92:c2:d8:b3:3f:d9:84:85:90:a7:37:1b:a4:8f:
                    60:21:e8:22:e3:92:a3:43:58:e5:6a:55:54:f8:18:
                    55:a8:e7:d1:2c:ab:88:ca:e9:47:07:a2:26:ab:a0:
                    4d:48:24:3e:0d:13:00:ad:ed:b5:0b:ac:74:e6:ee:
                    60:10:67:fc:7a:18:6c:3b:b2:d0:1f:a8:b5:06:7e:
                    e9:a1:87:93:a0:bb:ed:b6:7a:a7:ae:dc:0b:6f:c0:
                    4c:c5:2a:e1:aa:e8:63:bf:fb:48:a5:c9:89:33:66:
                    77:29:cd:a4:0b:ec:be:fd:82:24:96:ef:ce:df:9a:
                    75:fe:61:b7:6f:79:f9:d4:ef:66:da:c4:79:1b:61:
                    57:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:3A:53:06:8D:66:FE:47:64:F7:54:AD:39:76:3B:E0:04:DC:49:CA
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:fc:b4:71:c0:a5:e2:f9:b3:9c:c6:3a:dd:a4:82:26:26:1e:
         01:60:6b:20:5f:13:0c:8a:93:96:59:2b:7f:fc:3c:6c:26:f8:
         ef:c7:b1:e0:d3:4a:13:f5:19:5a:a4:26:58:29:d9:8e:6d:4a:
         86:36:00:d3:42:63:37:94:71:22:f4:c0:d6:dc:40:62:95:bf:
         3d:47:14:34:5b:38:0b:bb:8f:39:a4:4e:ac:62:db:25:47:f9:
         55:f9:e5:dc:54:8f:59:3c:7f:d0:b4:7e:e3:c1:bd:0a:dd:d2:
         ee:21:73:02:9f:a3:fe:d5:d0:fb:03:f0:16:42:29:1e:9b:c1:
         99:8b:08:0f:89:af:9f:30:9c:60:7f:90:34:23:69:57:e9:89:
         12:1e:72:fb:80:1b:bb:a8:be:7f:c3:f6:81:9c:e5:0a:6a:0f:
         38:7c:e6:55:f1:fe:76:d9:0a:96:66:6d:c1:6e:1d:a7:b9:52:
         4a:a3:cf:3b:71:00:88:c5:b8:71:6d:b1:ef:75:b6:81:38:43:
         b1:14:38:a1:f8:23:b0:ea:b2:23:9c:7e:cb:ac:6e:dd:74:a0:
         a7:68:5b:42:8e:7f:5f:f8:bd:90:5a:28:28:66:fc:ea:55:ac:
         5a:f6:7a:cf:9d:16:d1:6e:b4:93:89:4d:02:ac:25:b4:dc:2b:
         c4:77:92:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+eg2YfyqEQzN0LQ0BqdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwNjMwMTAwMTIxWhcNMjYwNzAxMTAwMTIxWjAzMTEwLwYDVQQD
Eyg4YzNhNTMwNjhkNjZmZTQ3NjRmNzU0YWQzOTc2M2JlMDA0ZGM0OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFyns5K2FWjNtvMlz638iOjnZxjU
QfTBF16/d/qV4GzsdGSWxDdDoBMtm2SAa5D0vM9pgdbkMW5iHIgECVvJw6Odyn/x
h1e/HkARziK9LDflseFnRCGBSMod5H6YGbO0xna8gn8GZtBE6uqLGIDObo4ELRPt
95SrksLYsz/ZhIWQpzcbpI9gIegi45KjQ1jlalVU+BhVqOfRLKuIyulHB6Imq6BN
SCQ+DRMAre21C6x05u5gEGf8ehhsO7LQH6i1Bn7poYeToLvttnqnrtwLb8BMxSrh
quhjv/tIpcmJM2Z3Kc2kC+y+/YIklu/O35p1/mG3b3n51O9m2sR5G2FXNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIw6UwaNZv5HZPdUrTl2O+AE3EnKMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPy0ccCl
4vmznMY63aSCJiYeAWBrIF8TDIqTllkrf/w8bCb478ex4NNKE/UZWqQmWCnZjm1K
hjYA00JjN5RxIvTA1txAYpW/PUcUNFs4C7uPOaROrGLbJUf5Vfnl3FSPWTx/0LR+
48G9Ct3S7iFzAp+j/tXQ+wPwFkIpHpvBmYsID4mvnzCcYH+QNCNpV+mJEh5y+4Ab
u6i+f8P2gZzlCmoPOHzmVfH+dtkKlmZtwW4dp7lSSqPPO3EAiMW4cW2x73W2gThD
sRQ4ofgjsOqyI5x+y6xu3XSgp2hbQo5/X/i9kFooKGb86lWsWvZ6z50W0W60k4lN
AqwltNwrxHeS0Q==
-----END CERTIFICATE-----