Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          435hCql/kZVJMAIl3GKYPnzTWIdt2yf2kXvO9xh1fNM=
Subject key identifier:   8B:2A:19:D7:90:A4:FB:CF:CE:9D:F6:8A:8C:15:B5:97:CB:70:74:4C
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019E2F291F4BEA39C572449B574E017CF09C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          0674
Signing time:             Sat 16 May 2026 05:01:24 +0000
Manifest this update:     Sat 16 May 2026 05:01:24 +0000
Manifest next update:     Sun 17 May 2026 05:01:24 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: e94vXjgcgDVAFcHvC2sG8T3NYd4R3YPHG+fZtvf6xnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:29:1f:4b:ea:39:c5:72:44:9b:57:4e:01:7c:f0:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: May 16 05:01:24 2026 GMT
            Not After : May 17 05:01:24 2026 GMT
        Subject: CN=8b2a19d790a4fbcfce9df68a8c15b597cb70744c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:57:ae:c3:a1:7d:51:bf:0c:07:ff:7e:d0:4e:
                    f9:4d:6b:e0:63:59:d5:98:72:ec:b0:28:9d:3a:d0:
                    e4:2e:c0:f5:6c:56:f8:8b:cf:04:62:5a:db:24:e1:
                    14:d4:64:65:d1:17:41:6b:93:d6:47:86:35:cf:32:
                    1a:75:fb:19:c4:04:bb:94:66:d3:e3:ad:fb:51:f5:
                    9c:b9:c1:ad:e6:40:e4:98:85:02:d2:62:15:8a:bb:
                    6d:23:cd:37:83:30:f8:8f:0b:2e:e4:24:e7:29:b6:
                    1f:1f:8f:24:d0:d5:c5:da:38:0d:f0:a7:a4:a7:1d:
                    b8:1d:2a:d6:b0:14:e8:32:3c:a1:1c:d7:de:13:4d:
                    23:72:f5:36:43:7d:48:a8:27:14:de:65:86:08:06:
                    ac:9e:c0:0d:15:71:14:1c:73:a3:72:37:89:ec:6f:
                    87:67:6a:3e:b2:95:c4:0d:35:df:85:b1:3b:f4:11:
                    96:02:42:23:dc:c4:66:07:d5:0e:7b:bd:49:a8:13:
                    a2:3f:30:b4:41:63:7e:0d:b6:71:d0:42:d1:9b:c7:
                    94:c6:17:33:e9:ad:62:e2:94:4f:fb:b0:2d:07:84:
                    85:2e:1d:b1:80:e5:33:f5:79:00:9b:a1:79:26:f0:
                    2a:07:32:56:f9:b9:43:74:3c:88:0f:c3:dd:1d:64:
                    e3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:2A:19:D7:90:A4:FB:CF:CE:9D:F6:8A:8C:15:B5:97:CB:70:74:4C
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:1d:4d:78:9a:57:c8:a5:30:31:61:6b:f1:4f:15:38:9b:7a:
         b7:8e:f9:e0:95:16:62:e9:c3:59:0e:8d:be:b5:eb:cc:d8:b6:
         d3:f4:e6:c5:a5:48:32:e8:74:a0:d9:aa:32:db:83:90:4a:7d:
         ff:62:71:12:85:bf:0c:f1:50:b6:9b:52:d2:78:ce:2d:4d:c2:
         d1:f9:f2:91:21:d2:19:cf:f6:f9:e1:4d:00:48:4c:ac:aa:63:
         18:af:d1:39:1c:1d:fd:40:27:22:a8:ac:2a:e4:d6:64:30:58:
         30:51:ba:28:be:d9:72:ab:36:24:0b:71:0b:f1:b9:cb:bd:a7:
         68:3d:b7:a1:43:1c:dc:a7:bb:13:da:19:37:3c:19:bd:69:cd:
         3d:b9:30:13:88:1f:df:c6:d1:fd:53:3f:90:e6:27:19:f9:02:
         7d:10:00:fc:f5:ef:70:f9:df:52:38:f0:c7:71:e8:be:67:e8:
         ff:ef:29:b1:43:05:6a:09:d2:ea:9b:dd:49:c2:a1:84:7d:02:
         3b:16:98:ab:f7:db:b9:9c:03:9e:df:29:a5:05:7e:8c:5c:19:
         4d:98:64:c2:9d:54:80:f9:93:ed:02:f9:8c:b7:6a:4b:84:99:
         6c:42:f8:57:b4:bd:e7:8e:c7:7d:1b:35:33:80:b9:82:1d:1a:
         53:1d:ad:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vKR9L6jnFckSbV04BfPCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwNTE2MDUwMTI0WhcNMjYwNTE3MDUwMTI0WjAzMTEwLwYDVQQD
Eyg4YjJhMTlkNzkwYTRmYmNmY2U5ZGY2OGE4YzE1YjU5N2NiNzA3NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVeuw6F9Ub8MB/9+0E75TWvgY1nV
mHLssCidOtDkLsD1bFb4i88EYlrbJOEU1GRl0RdBa5PWR4Y1zzIadfsZxAS7lGbT
4637UfWcucGt5kDkmIUC0mIVirttI803gzD4jwsu5CTnKbYfH48k0NXF2jgN8Kek
px24HSrWsBToMjyhHNfeE00jcvU2Q31IqCcU3mWGCAasnsANFXEUHHOjcjeJ7G+H
Z2o+spXEDTXfhbE79BGWAkIj3MRmB9UOe71JqBOiPzC0QWN+DbZx0ELRm8eUxhcz
6a1i4pRP+7AtB4SFLh2xgOUz9XkAm6F5JvAqBzJW+blDdDyID8PdHWTjzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsqGdeQpPvPzp32iowVtZfLcHRMMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkh1NeJpX
yKUwMWFr8U8VOJt6t4754JUWYunDWQ6NvrXrzNi20/TmxaVIMuh0oNmqMtuDkEp9
/2JxEoW/DPFQtptS0njOLU3C0fnykSHSGc/2+eFNAEhMrKpjGK/RORwd/UAnIqis
KuTWZDBYMFG6KL7Zcqs2JAtxC/G5y72naD23oUMc3Ke7E9oZNzwZvWnNPbkwE4gf
38bR/VM/kOYnGfkCfRAA/PXvcPnfUjjwx3Hovmfo/+8psUMFagnS6pvdScKhhH0C
OxaYq/fbuZwDnt8ppQV+jFwZTZhkwp1UgPmT7QL5jLdqS4SZbEL4V7S9547HfRs1
M4C5gh0aUx2tcA==
-----END CERTIFICATE-----