Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          jx+4goCdx+ZWYyuVgGuRRpwABmOKzOSayjxA8oDkatM=
Subject key identifier:   4E:1C:CB:E3:A8:34:3C:3C:F0:67:E4:54:23:90:14:89:86:F8:18:63
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019E3004860F0B116B98348F8AFE810E7A69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          190B
Signing time:             Sat 16 May 2026 09:01:03 +0000
Manifest this update:     Sat 16 May 2026 09:01:03 +0000
Manifest next update:     Sun 17 May 2026 09:01:03 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: V2tnwRzYQBFOJNTPcdb+R62V6g2D1Ug3bZzHnbKNutc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:04:86:0f:0b:11:6b:98:34:8f:8a:fe:81:0e:7a:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: May 16 09:01:03 2026 GMT
            Not After : May 17 09:01:03 2026 GMT
        Subject: CN=4e1ccbe3a8343c3cf067e4542390148986f81863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:df:5d:66:05:06:50:e2:84:ed:fa:6a:7b:93:
                    be:8b:63:ca:bf:64:24:f7:8c:80:be:70:b5:13:07:
                    76:a4:88:8a:b2:1b:6f:41:68:b1:98:b1:9c:5c:75:
                    c7:e3:b6:10:89:3a:c9:77:0a:68:64:e8:78:18:16:
                    91:d2:ab:68:9f:b4:f5:29:1c:d2:8c:3e:f6:d4:4e:
                    d9:1b:36:0f:84:2b:3c:88:62:86:00:a6:59:bd:82:
                    e9:a3:9c:a1:db:a0:da:b3:53:03:19:0b:2a:d2:87:
                    55:75:4e:c4:97:31:9b:78:bf:50:d1:95:c0:bc:87:
                    3c:d7:5f:88:dc:e7:f8:54:03:3c:bb:6f:c7:37:37:
                    66:f3:1a:19:2f:bc:85:02:63:e6:69:c5:9d:03:d4:
                    55:22:eb:74:a8:16:98:ce:96:c0:0e:94:f0:d5:87:
                    f1:1a:af:32:7e:1e:85:ad:3b:db:de:75:b8:7e:ea:
                    ca:5b:25:c2:1d:15:a5:bb:f2:b6:90:b3:f8:30:21:
                    cd:dc:58:83:c2:28:0a:6f:4b:1a:2d:dd:e9:03:0c:
                    ee:58:6f:e6:e1:87:c6:82:06:da:79:e2:25:47:10:
                    4d:3b:86:c4:f6:b1:4e:c6:ca:ae:32:38:d1:ac:56:
                    05:d6:40:11:fe:15:79:f9:9a:ce:5a:c9:3e:46:af:
                    42:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1C:CB:E3:A8:34:3C:3C:F0:67:E4:54:23:90:14:89:86:F8:18:63
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:5f:ae:1f:ae:2d:b7:6f:2d:0c:43:83:bf:59:f7:99:77:27:
         53:96:5f:57:1a:ec:23:d5:c6:2c:e0:68:0c:d2:11:a4:9d:39:
         e5:29:f0:ed:c2:71:37:ab:8c:47:55:17:02:88:37:25:90:91:
         cc:5c:09:44:a3:2c:05:85:73:23:39:e3:e9:67:8f:50:54:7f:
         ec:08:ce:36:68:68:4e:0c:98:cc:66:23:81:ef:60:ff:63:87:
         05:3e:2e:9f:5d:72:0b:9d:93:1d:b2:e5:96:40:65:6d:82:44:
         1a:b4:4f:e2:63:6a:dd:d3:fe:35:70:a8:3e:39:11:c7:4e:80:
         8a:9c:1e:5f:12:02:f3:8b:c1:e3:09:78:57:65:8f:73:43:b7:
         0e:a3:c4:39:89:d9:a2:97:4d:8e:9a:85:88:c3:03:7c:49:2b:
         67:d3:aa:0d:04:10:ff:fd:d5:54:fc:a9:46:64:27:e8:fd:8d:
         b3:8b:13:f8:17:c3:af:3d:23:31:3c:61:2f:da:5f:84:60:36:
         51:33:54:9b:66:b0:8a:f5:b1:10:9d:bd:a5:64:be:9e:27:0d:
         6c:5f:b6:9a:97:36:ef:62:00:f6:21:e5:12:74:91:d5:dc:e8:
         dd:64:c6:41:37:36:3a:57:3b:72:e2:35:9d:71:c6:77:c1:37:
         e8:97:0b:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBIYPCxFrmDSPiv6BDnppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjYwNTE2MDkwMTAzWhcNMjYwNTE3MDkwMTAzWjAzMTEwLwYDVQQD
Eyg0ZTFjY2JlM2E4MzQzYzNjZjA2N2U0NTQyMzkwMTQ4OTg2ZjgxODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt9dZgUGUOKE7fpqe5O+i2PKv2Qk
94yAvnC1Ewd2pIiKshtvQWixmLGcXHXH47YQiTrJdwpoZOh4GBaR0qton7T1KRzS
jD721E7ZGzYPhCs8iGKGAKZZvYLpo5yh26Das1MDGQsq0odVdU7ElzGbeL9Q0ZXA
vIc811+I3Of4VAM8u2/HNzdm8xoZL7yFAmPmacWdA9RVIut0qBaYzpbADpTw1Yfx
Gq8yfh6FrTvb3nW4furKWyXCHRWlu/K2kLP4MCHN3FiDwigKb0saLd3pAwzuWG/m
4YfGggbaeeIlRxBNO4bE9rFOxsquMjjRrFYF1kAR/hV5+ZrOWsk+Rq9C0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4cy+OoNDw88GfkVCOQFImG+BhjMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYl+uH64t
t28tDEODv1n3mXcnU5ZfVxrsI9XGLOBoDNIRpJ055Snw7cJxN6uMR1UXAog3JZCR
zFwJRKMsBYVzIznj6WePUFR/7AjONmhoTgyYzGYjge9g/2OHBT4un11yC52THbLl
lkBlbYJEGrRP4mNq3dP+NXCoPjkRx06AipweXxIC84vB4wl4V2WPc0O3DqPEOYnZ
opdNjpqFiMMDfEkrZ9OqDQQQ//3VVPypRmQn6P2Ns4sT+BfDrz0jMTxhL9pfhGA2
UTNUm2awivWxEJ29pWS+nicNbF+2mpc272IA9iHlEnSR1dzo3WTGQTc2Olc7cuI1
nXHGd8E36JcL5g==
-----END CERTIFICATE-----