Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          47wowvoJOujf85QB0H30l3vt+mI74cuL1r0fNjHEPGk=
Subject key identifier:   F4:ED:A2:34:4A:71:23:95:6F:69:85:61:E5:97:4B:2B:02:8C:7C:62
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019D38D331556A7C5AAC0EE92568A0CF77EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          171C
Signing time:             Sun 29 Mar 2026 09:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:57 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: BPY9cyqWKD0alHEiAutkQ4+TIoQCCYIe8yiK7iZeVeo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:31:55:6a:7c:5a:ac:0e:e9:25:68:a0:cf:77:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Mar 29 09:00:57 2026 GMT
            Not After : Mar 30 09:00:57 2026 GMT
        Subject: CN=f4eda2344a7123956f698561e5974b2b028c7c62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c8:9a:f2:ea:1d:bd:b0:9c:b0:a5:a6:f9:8e:
                    11:cd:bd:f9:60:b6:4f:21:ae:d7:33:25:10:ad:4a:
                    99:bd:61:c5:e6:b6:44:96:05:6c:42:58:0e:87:3c:
                    22:5f:fb:a1:5c:dd:f7:6a:0d:69:43:2b:1a:78:a6:
                    31:40:20:c6:dc:ad:6f:9d:ae:40:b3:97:d1:77:85:
                    4e:61:de:80:85:e9:a9:7c:cd:b1:44:7f:58:c0:c3:
                    08:ce:2a:9d:6f:6c:8f:92:00:3e:f7:d2:3a:59:e9:
                    7e:89:bc:4d:63:27:90:bb:c5:0a:b9:00:25:86:07:
                    ed:7d:93:8f:42:f7:7c:b0:86:ff:2b:5e:63:18:96:
                    13:16:01:0f:64:0b:5a:bf:d9:df:73:2c:a3:98:53:
                    e9:cb:7e:7e:df:4e:6f:f0:52:24:18:72:7e:c1:4b:
                    99:6e:6f:27:77:3d:f0:1c:ba:43:0f:24:ad:0e:c3:
                    5f:11:6f:0e:10:24:d0:fd:de:80:8c:d3:17:b5:b8:
                    e5:55:7f:07:e1:c8:35:15:bd:87:b0:e0:d0:ee:f8:
                    12:10:a5:65:d3:99:6c:9c:34:ac:ff:31:a8:86:08:
                    06:69:ce:48:c7:8d:27:71:cb:56:ae:8f:3c:e0:11:
                    4c:25:55:17:da:c2:93:73:26:ce:a5:71:30:79:e4:
                    64:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:ED:A2:34:4A:71:23:95:6F:69:85:61:E5:97:4B:2B:02:8C:7C:62
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:70:f8:32:45:a4:eb:fe:4b:ea:8e:11:de:fe:25:33:9f:d9:
         0c:05:8a:6a:88:c9:3d:2a:13:cb:66:e1:d9:1d:ea:d3:08:41:
         20:e9:5e:a4:f0:18:88:4b:2d:51:c1:61:1c:54:8e:d1:f9:cf:
         27:d9:d0:c3:13:db:40:86:a3:53:8d:b5:bd:29:84:bc:67:3f:
         bb:bc:0d:e4:f7:4d:41:14:0e:ec:38:49:10:e2:18:82:04:e2:
         b6:5a:5c:5c:0b:ec:96:71:31:ce:67:6e:5c:89:da:db:d0:51:
         27:c6:12:07:58:ba:43:57:b0:66:2f:c7:9c:c3:cc:ad:c2:f5:
         a1:fa:ff:94:52:6e:f9:e7:d0:c0:3b:00:4a:49:6b:0e:01:72:
         bb:a9:ba:72:93:cf:e3:0f:13:c7:c3:6d:fe:4f:17:db:b8:13:
         c1:dc:9f:49:91:84:dc:f3:14:f3:99:14:1d:b1:f6:0c:f4:1b:
         6f:1a:1d:3e:92:ab:6d:93:66:6f:aa:7d:7f:9a:46:6b:61:6e:
         5b:b9:e3:f0:bb:17:f1:1f:75:f1:5b:52:18:9d:4f:7a:8e:80:
         b2:3a:bc:b3:c3:bf:29:66:60:fa:22:4c:9b:25:ee:ef:16:64:
         20:0d:f3:83:a0:b7:bc:d7:9c:c7:5a:f3:e3:de:87:ee:cb:f9:
         25:33:86:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zFVanxarA7pJWigz3fsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjYwMzI5MDkwMDU3WhcNMjYwMzMwMDkwMDU3WjAzMTEwLwYDVQQD
EyhmNGVkYTIzNDRhNzEyMzk1NmY2OTg1NjFlNTk3NGIyYjAyOGM3YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8ia8uodvbCcsKWm+Y4Rzb35YLZP
Ia7XMyUQrUqZvWHF5rZElgVsQlgOhzwiX/uhXN33ag1pQysaeKYxQCDG3K1vna5A
s5fRd4VOYd6AhempfM2xRH9YwMMIziqdb2yPkgA+99I6Wel+ibxNYyeQu8UKuQAl
hgftfZOPQvd8sIb/K15jGJYTFgEPZAtav9nfcyyjmFPpy35+305v8FIkGHJ+wUuZ
bm8ndz3wHLpDDyStDsNfEW8OECTQ/d6AjNMXtbjlVX8H4cg1Fb2HsODQ7vgSEKVl
05lsnDSs/zGohggGac5Ix40ncctWro884BFMJVUX2sKTcybOpXEweeRkzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTtojRKcSOVb2mFYeWXSysCjHxiMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3D4MkWk
6/5L6o4R3v4lM5/ZDAWKaojJPSoTy2bh2R3q0whBIOlepPAYiEstUcFhHFSO0fnP
J9nQwxPbQIajU421vSmEvGc/u7wN5PdNQRQO7DhJEOIYggTitlpcXAvslnExzmdu
XIna29BRJ8YSB1i6Q1ewZi/HnMPMrcL1ofr/lFJu+efQwDsASklrDgFyu6m6cpPP
4w8Tx8Nt/k8X27gTwdyfSZGE3PMU85kUHbH2DPQbbxodPpKrbZNmb6p9f5pGa2Fu
W7nj8LsX8R918VtSGJ1Peo6Asjq8s8O/KWZg+iJMmyXu7xZkIA3zg6C3vNecx1rz
496H7sv5JTOG6w==
-----END CERTIFICATE-----