Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          l9rc+m2cacrbZV9ZDG2aSyLEa0wOpfC46rcVTQMg0aE=
Subject key identifier:   15:3D:56:36:32:92:7B:9E:09:41:A8:E0:C9:5A:79:95:3A:82:20:F3
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019E3184B532B9445A7366CB97CA693F1ACF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0D1E
Signing time:             Sat 16 May 2026 16:00:41 +0000
Manifest this update:     Sat 16 May 2026 16:00:41 +0000
Manifest next update:     Sun 17 May 2026 16:00:41 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: qlXnMxAS0owc+CziVOcIKDNk8MVCbVwr7qSvA0PdZaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:84:b5:32:b9:44:5a:73:66:cb:97:ca:69:3f:1a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: May 16 16:00:41 2026 GMT
            Not After : May 17 16:00:41 2026 GMT
        Subject: CN=153d563632927b9e0941a8e0c95a79953a8220f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:20:11:57:fc:d4:f8:67:8c:c1:17:b9:74:80:
                    de:c6:0a:d6:e6:cd:7f:89:3f:40:91:99:d3:7a:2e:
                    8e:d0:df:06:9b:73:f0:15:a1:a3:35:4f:59:30:8f:
                    4a:55:9b:aa:77:b7:83:4f:20:3a:d0:a4:4f:6d:53:
                    b5:bc:b1:0b:46:8e:78:bb:12:c1:b4:b2:ac:a9:99:
                    ca:ba:ec:c1:e5:09:29:8b:09:d3:1b:32:2f:25:ea:
                    23:7f:e9:af:13:96:4b:31:9f:66:1d:5e:22:a5:16:
                    ba:79:a0:29:97:09:09:12:31:1f:c9:20:94:e6:31:
                    76:61:c2:6a:8a:99:05:2e:6f:fb:e9:f0:d1:41:90:
                    f6:24:2f:37:9f:91:2b:c6:5e:e5:4b:46:a2:44:c2:
                    7a:ec:c7:f1:9b:2e:45:71:b4:5d:f3:97:78:df:a9:
                    a1:76:6b:a3:62:90:62:d3:dd:0c:12:63:a5:81:f1:
                    04:81:5b:31:11:4d:7c:ec:a0:ec:33:fa:03:47:7e:
                    de:d7:c1:da:5b:87:33:9b:88:b9:90:19:6c:f8:53:
                    f1:7b:be:6b:59:3c:27:83:64:ea:7e:5b:6a:32:b3:
                    e8:c9:9a:28:08:0b:20:ba:49:5b:1d:6f:02:9a:05:
                    ca:24:2a:4c:ed:f9:2c:6b:26:1d:86:a2:33:92:5a:
                    ec:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:3D:56:36:32:92:7B:9E:09:41:A8:E0:C9:5A:79:95:3A:82:20:F3
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:09:56:49:7c:a2:60:ae:7d:4e:5f:8f:9d:dc:d0:c5:df:9d:
         5d:e6:9e:99:f0:9f:7c:45:ef:b1:7a:2f:52:bd:c2:95:39:48:
         e6:d9:ed:7b:e9:f4:3b:42:51:74:e1:24:98:27:4b:7b:9e:ba:
         13:53:72:c5:33:35:f8:3e:dd:94:70:7f:5d:dc:41:4c:54:29:
         7f:78:36:ee:c4:ed:7b:62:9c:6c:75:ef:0b:8d:22:59:ad:62:
         10:61:5a:1c:d8:e4:da:ff:bd:52:fb:41:9c:0a:f0:4f:53:b8:
         39:b0:ba:3b:27:21:5d:4c:86:fe:be:22:a7:65:20:3b:62:00:
         c1:d9:d6:6c:23:70:e6:98:ac:67:ed:e7:81:a8:d2:80:cf:34:
         ca:00:00:9f:77:ad:24:d2:d9:9c:13:98:ff:9d:cb:02:65:54:
         fd:16:d3:4e:9a:b3:38:89:1c:e6:ed:13:2d:a3:c9:88:92:8b:
         6d:04:86:26:d5:1d:d5:71:4a:09:b4:e6:12:b3:ed:37:4d:ac:
         65:03:91:70:ea:bd:a1:b2:26:63:bd:dc:dc:fa:54:07:c6:92:
         c1:fb:91:0e:51:57:35:09:f0:af:52:4d:22:9d:7b:94:16:db:
         f8:8c:aa:1d:3c:6e:3f:bc:53:5e:cd:c7:7d:b7:9d:ee:12:07:
         fd:7f:2c:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhLUyuURac2bLl8ppPxrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwNTE2MTYwMDQxWhcNMjYwNTE3MTYwMDQxWjAzMTEwLwYDVQQD
EygxNTNkNTYzNjMyOTI3YjllMDk0MWE4ZTBjOTVhNzk5NTNhODIyMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iARV/zU+GeMwRe5dIDexgrW5s1/
iT9AkZnTei6O0N8Gm3PwFaGjNU9ZMI9KVZuqd7eDTyA60KRPbVO1vLELRo54uxLB
tLKsqZnKuuzB5QkpiwnTGzIvJeojf+mvE5ZLMZ9mHV4ipRa6eaAplwkJEjEfySCU
5jF2YcJqipkFLm/76fDRQZD2JC83n5Erxl7lS0aiRMJ67Mfxmy5FcbRd85d436mh
dmujYpBi090MEmOlgfEEgVsxEU187KDsM/oDR37e18HaW4czm4i5kBls+FPxe75r
WTwng2TqfltqMrPoyZooCAsguklbHW8CmgXKJCpM7fksayYdhqIzklrsXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBU9VjYyknueCUGo4MlaeZU6giDzMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkwlWSXyi
YK59Tl+PndzQxd+dXeaemfCffEXvsXovUr3ClTlI5tnte+n0O0JRdOEkmCdLe566
E1NyxTM1+D7dlHB/XdxBTFQpf3g27sTte2KcbHXvC40iWa1iEGFaHNjk2v+9UvtB
nArwT1O4ObC6OychXUyG/r4ip2UgO2IAwdnWbCNw5pisZ+3ngajSgM80ygAAn3et
JNLZnBOY/53LAmVU/RbTTpqzOIkc5u0TLaPJiJKLbQSGJtUd1XFKCbTmErPtN02s
ZQORcOq9obImY73c3PpUB8aSwfuRDlFXNQnwr1JNIp17lBbb+IyqHTxuP7xTXs3H
fbed7hIH/X8sQA==
-----END CERTIFICATE-----