Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          NSWK3Ddxt65IZaip+GGuknDxUkRSbtPn6EPkAoVhsow=
Subject key identifier:   4E:A4:A8:CE:B9:77:9D:45:C3:10:B0:81:40:2D:0F:3A:D9:6E:2D:3A
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019F17546E564683CD9E038B15B65C9D72FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          128C
Signing time:             Tue 30 Jun 2026 07:00:36 +0000
Manifest this update:     Tue 30 Jun 2026 07:00:36 +0000
Manifest next update:     Wed 01 Jul 2026 07:00:36 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: aGfwqpqjIUaXrbafk/0FeeFqO+Hc02xwwLGtEYIF3/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:54:6e:56:46:83:cd:9e:03:8b:15:b6:5c:9d:72:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Jun 30 07:00:36 2026 GMT
            Not After : Jul  1 07:00:36 2026 GMT
        Subject: CN=4ea4a8ceb9779d45c310b081402d0f3ad96e2d3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:f7:81:af:58:11:bc:ef:98:fe:1a:e5:f6:43:
                    e3:2a:f2:50:1d:13:cc:74:32:58:1c:ec:87:42:62:
                    c8:f5:a9:26:45:90:52:a8:9c:9f:ce:12:77:7d:ef:
                    c9:87:97:3a:a9:0b:87:91:10:c5:cd:a8:2d:4e:29:
                    24:0c:f5:f9:ae:83:20:40:2e:64:51:22:11:11:ac:
                    bd:73:60:e6:82:f2:56:c0:38:e0:ee:c4:cf:3d:d9:
                    7b:c1:a1:fe:b9:7a:1a:e7:8a:5f:87:67:35:a7:fc:
                    df:a3:af:f9:52:3f:ef:29:51:9d:6b:64:95:43:07:
                    a8:06:c3:96:08:5a:be:9d:7e:3f:95:48:cf:50:37:
                    07:c4:7d:52:5a:43:72:53:3f:cc:f0:be:15:22:db:
                    6b:36:fb:29:02:2d:10:8f:0c:a0:1d:5f:47:e4:88:
                    c7:40:d1:cb:66:a2:59:f9:ff:fc:6c:7e:54:ff:8e:
                    d6:f3:74:8c:21:2a:fd:46:54:ff:16:2c:40:f5:a9:
                    d5:b7:0f:af:f5:de:3c:c9:e2:5e:d2:f6:f6:b6:7d:
                    49:a2:0a:a3:1d:84:80:14:32:64:0e:b2:2b:8b:86:
                    47:61:ea:b2:9b:20:39:79:c2:52:14:63:0b:a8:5f:
                    da:e5:65:85:5d:04:60:68:12:22:70:b3:82:42:cc:
                    13:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:A4:A8:CE:B9:77:9D:45:C3:10:B0:81:40:2D:0F:3A:D9:6E:2D:3A
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:f8:53:df:34:dc:e4:9f:1c:1b:e8:94:80:97:78:15:f6:29:
         fb:19:ad:8f:3d:79:a4:91:13:43:db:0a:ca:6a:7b:b6:11:48:
         92:e4:09:ec:21:88:bb:e2:12:10:c8:91:2e:b6:c5:56:cc:bf:
         58:54:19:a5:26:fb:ae:29:2f:53:fa:60:8e:36:dd:1e:4b:14:
         55:f2:bb:f6:e3:52:f2:db:e3:09:5a:9f:e4:81:03:a3:43:ff:
         be:ca:23:cd:e3:40:02:44:c7:bb:44:10:fc:a5:bb:a4:3b:d4:
         7f:fd:69:6d:13:af:56:46:76:aa:14:3e:d4:98:d2:a1:c4:db:
         35:57:74:9b:ad:08:3c:ce:92:fd:60:76:76:99:d9:4b:2c:05:
         be:5d:5b:4a:72:52:aa:5a:e1:55:1f:15:a0:34:4f:58:53:dd:
         8c:4e:77:d4:4a:c1:33:54:60:50:b9:b5:c8:7f:e6:0d:2c:e7:
         5e:5f:ed:7e:ed:71:34:73:2f:2f:9e:3f:98:c7:aa:f4:26:a3:
         f5:9a:9d:94:37:bc:ca:7d:74:44:a4:d1:e7:ba:e3:49:bc:a3:
         f6:98:ea:02:66:3d:99:41:3e:37:39:95:46:96:6d:66:6d:20:
         29:73:ed:30:ed:bb:12:1b:70:45:bf:f1:5e:69:66:79:d3:3e:
         34:d5:02:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVG5WRoPNngOLFbZcnXL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwNjMwMDcwMDM2WhcNMjYwNzAxMDcwMDM2WjAzMTEwLwYDVQQD
Eyg0ZWE0YThjZWI5Nzc5ZDQ1YzMxMGIwODE0MDJkMGYzYWQ5NmUyZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4feBr1gRvO+Y/hrl9kPjKvJQHRPM
dDJYHOyHQmLI9akmRZBSqJyfzhJ3fe/Jh5c6qQuHkRDFzagtTikkDPX5roMgQC5k
USIREay9c2DmgvJWwDjg7sTPPdl7waH+uXoa54pfh2c1p/zfo6/5Uj/vKVGda2SV
QweoBsOWCFq+nX4/lUjPUDcHxH1SWkNyUz/M8L4VIttrNvspAi0QjwygHV9H5IjH
QNHLZqJZ+f/8bH5U/47W83SMISr9RlT/FixA9anVtw+v9d48yeJe0vb2tn1Jogqj
HYSAFDJkDrIri4ZHYeqymyA5ecJSFGMLqF/a5WWFXQRgaBIicLOCQswTawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6kqM65d51FwxCwgUAtDzrZbi06MB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqPhT3zTc
5J8cG+iUgJd4FfYp+xmtjz15pJETQ9sKymp7thFIkuQJ7CGIu+ISEMiRLrbFVsy/
WFQZpSb7rikvU/pgjjbdHksUVfK79uNS8tvjCVqf5IEDo0P/vsojzeNAAkTHu0QQ
/KW7pDvUf/1pbROvVkZ2qhQ+1JjSocTbNVd0m60IPM6S/WB2dpnZSywFvl1bSnJS
qlrhVR8VoDRPWFPdjE531ErBM1RgULm1yH/mDSznXl/tfu1xNHMvL54/mMeq9Caj
9ZqdlDe8yn10RKTR57rjSbyj9pjqAmY9mUE+NzmVRpZtZm0gKXPtMO27EhtwRb/x
XmlmedM+NNUCgw==
-----END CERTIFICATE-----