Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          /0F+RrR5K1vmC8LHktKNs+YsGAidwJZxykNR8u15QVE=
Subject key identifier:   09:06:F2:24:3A:00:3A:A1:D6:B8:C5:93:8E:BA:7E:1A:82:7C:DC:0F
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       019E2F9687BE4DAF4070B427E4A5E8AE5828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          159F
Signing time:             Sat 16 May 2026 07:00:54 +0000
Manifest this update:     Sat 16 May 2026 07:00:54 +0000
Manifest next update:     Sun 17 May 2026 07:00:54 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: zWqCH6G/tlWbzbwb38636kaKlKgQZDZH7cbZ1TsjVhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:87:be:4d:af:40:70:b4:27:e4:a5:e8:ae:58:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: May 16 07:00:54 2026 GMT
            Not After : May 17 07:00:54 2026 GMT
        Subject: CN=0906f2243a003aa1d6b8c5938eba7e1a827cdc0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c3:45:20:94:48:48:eb:52:73:e9:eb:76:0a:
                    b6:b0:78:1e:82:f3:c6:71:52:2c:78:63:be:4d:46:
                    d3:94:07:e6:b9:d8:7c:dc:55:55:3b:d6:4b:2c:bb:
                    12:4b:a6:cd:d9:57:e4:56:b2:18:32:f6:af:56:19:
                    d0:b9:6b:38:64:de:0c:11:31:5a:ba:6b:c3:a8:ac:
                    64:35:e9:26:5f:d6:3b:60:e3:ca:e3:6a:5b:4e:17:
                    61:bd:e7:56:e7:93:dd:04:9f:b3:23:b6:c3:6e:71:
                    5b:8b:1d:5b:c0:c4:09:bc:31:38:4b:73:4f:de:e6:
                    d9:3e:59:ab:05:ec:8c:7c:36:65:76:ca:fb:78:5f:
                    52:9a:0f:6c:05:10:e8:56:c8:19:7d:23:2b:58:ea:
                    c6:26:67:f1:af:7c:ae:3c:5d:58:7b:4f:d2:13:dd:
                    dd:ed:30:a3:8b:b3:01:d8:f4:c8:d0:b6:bf:0b:bd:
                    80:f6:e1:d9:1a:5a:c1:cb:9f:3b:99:de:2b:2a:3a:
                    75:24:b8:4f:3d:51:85:d3:49:36:59:52:b1:1a:ae:
                    de:4c:22:20:cb:09:a0:c3:a0:53:83:df:d3:a9:cc:
                    73:74:57:8c:58:12:81:04:f9:c2:32:ab:8b:6f:42:
                    e3:5e:e4:11:41:58:f7:c6:46:3a:eb:62:46:d6:d8:
                    f7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:06:F2:24:3A:00:3A:A1:D6:B8:C5:93:8E:BA:7E:1A:82:7C:DC:0F
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ec:d2:19:97:9d:c6:a8:df:a7:44:37:04:21:ee:d6:f0:26:
         ee:f9:0b:76:84:03:52:c8:27:17:7f:ba:43:5d:b4:1f:c8:81:
         9b:54:ce:a9:a7:64:4d:76:58:6c:1d:3d:6b:02:40:8d:b6:f1:
         06:cf:73:c2:9d:bf:26:e4:ea:2f:60:b7:92:8e:61:e1:c4:14:
         08:9e:a2:9e:2b:39:45:af:78:db:82:3c:ea:22:d9:35:13:60:
         2c:43:6b:b4:30:92:fa:ba:e9:1d:ec:45:d8:b9:4e:7e:b5:cf:
         22:1c:44:8a:ea:fa:de:35:ec:00:1c:54:18:f5:88:f9:13:03:
         2e:11:83:7f:ce:8a:2a:5a:b0:2b:2a:50:8e:3c:0b:f0:47:c9:
         25:9c:d5:a3:0b:02:76:d3:2a:cc:26:11:b1:51:d2:a3:bc:5d:
         95:e0:88:34:3c:30:af:6e:0f:ba:73:cb:df:f3:00:ea:bc:52:
         f4:6f:f5:fc:08:cc:72:e8:41:13:5b:03:1e:2e:c0:d1:be:e2:
         11:49:55:24:a2:58:db:ac:80:de:f4:67:b1:e8:ff:7b:ff:f9:
         36:9e:37:0a:69:07:f2:49:6b:64:08:5a:ea:b8:68:ca:56:66:
         62:62:09:8e:3e:f0:3c:5d:eb:d3:b7:f1:75:09:e6:f5:3e:9d:
         b5:4f:11:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vloe+Ta9AcLQn5KXorlgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjYwNTE2MDcwMDU0WhcNMjYwNTE3MDcwMDU0WjAzMTEwLwYDVQQD
EygwOTA2ZjIyNDNhMDAzYWExZDZiOGM1OTM4ZWJhN2UxYTgyN2NkYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscNFIJRISOtSc+nrdgq2sHgegvPG
cVIseGO+TUbTlAfmudh83FVVO9ZLLLsSS6bN2VfkVrIYMvavVhnQuWs4ZN4METFa
umvDqKxkNekmX9Y7YOPK42pbThdhvedW55PdBJ+zI7bDbnFbix1bwMQJvDE4S3NP
3ubZPlmrBeyMfDZldsr7eF9Smg9sBRDoVsgZfSMrWOrGJmfxr3yuPF1Ye0/SE93d
7TCji7MB2PTI0La/C72A9uHZGlrBy587md4rKjp1JLhPPVGF00k2WVKxGq7eTCIg
ywmgw6BTg9/TqcxzdFeMWBKBBPnCMquLb0LjXuQRQVj3xkY662JG1tj3swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkG8iQ6ADqh1rjFk466fhqCfNwPMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATOzSGZed
xqjfp0Q3BCHu1vAm7vkLdoQDUsgnF3+6Q120H8iBm1TOqadkTXZYbB09awJAjbbx
Bs9zwp2/JuTqL2C3ko5h4cQUCJ6inis5Ra9424I86iLZNRNgLENrtDCS+rrpHexF
2LlOfrXPIhxEiur63jXsABxUGPWI+RMDLhGDf86KKlqwKypQjjwL8EfJJZzVowsC
dtMqzCYRsVHSo7xdleCINDwwr24PunPL3/MA6rxS9G/1/AjMcuhBE1sDHi7A0b7i
EUlVJKJY26yA3vRnsej/e//5Np43CmkH8klrZAha6rhoylZmYmIJjj7wPF3r07fx
dQnm9T6dtU8Rdg==
-----END CERTIFICATE-----