Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          k9Yd7q080A5gON8ncDiBuVkfsLKfO3O1waXYHS4p9hk=
Subject key identifier:   DA:76:27:B0:97:87:17:A8:1C:D9:3C:ED:43:92:F8:F9:05:D6:AA:9B
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019E2F9778E93F34CF300B7C6DD1FCB757D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          1214
Signing time:             Sat 16 May 2026 07:01:56 +0000
Manifest this update:     Sat 16 May 2026 07:01:56 +0000
Manifest next update:     Sun 17 May 2026 07:01:56 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: Zq4Mm8xMypUuihAYJxl6soxxAIZxlg0TejgSJ+ZRyK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:78:e9:3f:34:cf:30:0b:7c:6d:d1:fc:b7:57:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: May 16 07:01:56 2026 GMT
            Not After : May 17 07:01:56 2026 GMT
        Subject: CN=da7627b0978717a81cd93ced4392f8f905d6aa9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f0:ca:d9:95:7f:04:38:fe:66:45:18:20:98:
                    0b:56:94:fe:eb:3e:6d:ca:6a:35:c5:a8:41:85:e8:
                    e5:5f:8f:31:7c:a2:ff:d3:57:76:6c:59:28:a8:6a:
                    0f:2c:8d:f9:a2:37:a0:e7:34:3d:0f:6a:2b:d1:61:
                    b4:86:fe:dd:c3:6c:35:d6:29:1d:7e:4e:3d:01:47:
                    05:b7:eb:88:cb:cb:29:d1:3c:4a:f9:2a:ec:dc:76:
                    3b:74:9f:89:41:1a:c7:d4:05:05:67:e1:cd:07:93:
                    82:2d:91:8b:9e:2f:11:40:08:8c:4f:b7:fa:ef:5c:
                    f0:d4:51:ee:c8:65:17:0a:fa:e2:a4:89:36:7c:55:
                    f6:2d:66:14:fc:d3:31:25:15:d5:d8:98:0c:be:06:
                    fe:3a:de:a8:82:e4:2b:67:6a:97:ec:08:5f:10:c3:
                    31:a8:b9:93:28:9a:48:08:31:e9:0e:c1:84:eb:3c:
                    67:72:48:54:aa:fb:c1:1e:c3:d7:38:17:80:f2:cd:
                    07:b3:3d:a9:06:6e:f3:71:d3:56:41:0a:3c:59:ec:
                    3b:65:37:1f:fb:2d:22:85:c3:e7:a2:f0:49:50:dc:
                    d3:39:31:b1:36:46:ee:44:9b:0d:6d:bd:64:31:e1:
                    89:33:33:88:62:ee:28:54:85:f3:17:5d:55:d6:41:
                    63:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:76:27:B0:97:87:17:A8:1C:D9:3C:ED:43:92:F8:F9:05:D6:AA:9B
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:0d:12:07:b7:a6:91:92:ce:7a:04:0e:d0:09:96:d2:f0:a7:
         e2:ab:e7:6c:b5:83:0a:75:72:5f:86:76:d8:6e:38:b4:cd:92:
         94:1a:fa:85:35:8a:12:9d:de:75:9a:cb:94:c8:2d:19:5c:41:
         7c:84:b2:d5:70:86:16:00:0d:ff:8e:41:57:ab:45:bc:80:eb:
         f8:0e:89:dc:2d:be:3b:e6:1c:d6:e4:09:4a:5d:7a:33:45:99:
         70:1e:3c:b4:5b:2c:39:cf:ae:00:27:ee:18:41:3b:77:59:bb:
         3d:b3:ef:c1:be:3f:98:bb:9a:d5:b6:bb:7f:94:e0:8f:de:31:
         b8:cc:f8:1b:a4:ee:b2:7c:1b:55:96:75:97:cc:d6:eb:96:6e:
         b7:aa:67:c9:b1:ad:14:ac:21:c2:8d:93:c1:c8:04:82:9e:ca:
         65:16:83:69:bf:40:db:48:9d:31:3e:aa:5f:7d:d3:e2:c9:63:
         76:17:32:87:b9:96:e1:91:3b:9b:6b:5e:30:f0:7a:13:87:b8:
         d6:6d:53:58:da:3f:8d:fa:af:09:24:6a:41:d9:ef:74:e6:28:
         98:b7:42:16:10:24:c5:3d:8a:c5:f0:aa:7c:ee:8a:7f:3c:ea:
         b4:32:90:3d:2f:e9:b4:bb:f9:4d:c7:9f:dd:47:4d:c0:cf:c5:
         4f:65:d1:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vl3jpPzTPMAt8bdH8t1fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwNTE2MDcwMTU2WhcNMjYwNTE3MDcwMTU2WjAzMTEwLwYDVQQD
EyhkYTc2MjdiMDk3ODcxN2E4MWNkOTNjZWQ0MzkyZjhmOTA1ZDZhYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvDK2ZV/BDj+ZkUYIJgLVpT+6z5t
ymo1xahBhejlX48xfKL/01d2bFkoqGoPLI35ojeg5zQ9D2or0WG0hv7dw2w11ikd
fk49AUcFt+uIy8sp0TxK+Srs3HY7dJ+JQRrH1AUFZ+HNB5OCLZGLni8RQAiMT7f6
71zw1FHuyGUXCvripIk2fFX2LWYU/NMxJRXV2JgMvgb+Ot6oguQrZ2qX7AhfEMMx
qLmTKJpICDHpDsGE6zxnckhUqvvBHsPXOBeA8s0Hsz2pBm7zcdNWQQo8Wew7ZTcf
+y0ihcPnovBJUNzTOTGxNkbuRJsNbb1kMeGJMzOIYu4oVIXzF11V1kFjHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNp2J7CXhxeoHNk87UOS+PkF1qqbMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArg0SB7em
kZLOegQO0AmW0vCn4qvnbLWDCnVyX4Z22G44tM2SlBr6hTWKEp3edZrLlMgtGVxB
fISy1XCGFgAN/45BV6tFvIDr+A6J3C2+O+Yc1uQJSl16M0WZcB48tFssOc+uACfu
GEE7d1m7PbPvwb4/mLua1ba7f5Tgj94xuMz4G6TusnwbVZZ1l8zW65Zut6pnybGt
FKwhwo2TwcgEgp7KZRaDab9A20idMT6qX33T4sljdhcyh7mW4ZE7m2teMPB6E4e4
1m1TWNo/jfqvCSRqQdnvdOYomLdCFhAkxT2KxfCqfO6KfzzqtDKQPS/ptLv5Tcef
3UdNwM/FT2XRig==
-----END CERTIFICATE-----