Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          McUe1zudxpDQsvN9Re13aqUckmoiLAMw9qx+KE+sGt8=
Subject key identifier:   54:D9:C3:E5:76:D0:68:33:DC:D4:62:70:3B:45:94:4A:19:0D:91:85
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019F1754FF6EB5F4CEE908B450CD63A09D95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0A18
Signing time:             Tue 30 Jun 2026 07:01:14 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:14 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:14 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: Nevk2vbfKlklagr6/zoVU2zTvewv+/mdugQTQVaibVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:54:ff:6e:b5:f4:ce:e9:08:b4:50:cd:63:a0:9d:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Jun 30 07:01:14 2026 GMT
            Not After : Jul  1 07:01:14 2026 GMT
        Subject: CN=54d9c3e576d06833dcd462703b45944a190d9185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:30:2c:04:f2:ec:41:de:ef:e4:72:d5:3e:34:
                    15:8d:08:94:e3:07:8b:83:c6:e2:59:bc:0e:5d:59:
                    62:06:fe:89:5c:6b:52:2f:57:7e:fb:30:7f:52:ff:
                    30:88:ce:ed:ba:35:47:ec:2c:f8:c6:c4:1b:b0:1c:
                    b4:76:f4:93:8d:e7:35:10:99:ab:90:11:09:4c:85:
                    9e:4b:50:83:1c:70:19:48:bb:c2:27:dc:9a:4a:16:
                    c1:24:f2:28:76:07:f8:fa:d4:a1:b7:d8:b0:f3:9e:
                    76:c6:84:ff:3a:ee:48:7b:e2:79:54:01:b9:89:52:
                    77:74:b2:b3:fb:46:3d:48:ac:6e:77:d0:84:66:44:
                    4d:0e:1e:7f:e9:1c:5e:3a:90:21:c0:85:10:9b:3b:
                    9d:23:ea:25:8d:82:3d:54:b6:c1:87:7c:56:a8:02:
                    3a:9d:64:2b:49:3e:00:a9:c3:73:f2:62:18:a9:09:
                    e8:37:1a:aa:d9:92:ee:e5:f2:dc:e4:3b:23:9c:07:
                    a6:b9:4e:1f:58:d0:17:31:da:07:7b:16:61:33:b9:
                    0e:a4:c2:1b:ee:93:3c:62:de:2c:60:ff:93:71:14:
                    05:b1:45:13:1f:bc:52:79:71:f0:08:af:b0:f4:e2:
                    d4:5c:36:70:ed:3f:dc:ca:8a:f5:11:56:0c:94:d7:
                    a1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:D9:C3:E5:76:D0:68:33:DC:D4:62:70:3B:45:94:4A:19:0D:91:85
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:db:9e:2c:be:b3:60:fe:81:42:a7:da:f8:81:48:bb:4f:86:
         50:3c:10:c3:3a:6a:a0:01:7a:f8:bd:70:16:2e:b8:5a:a4:18:
         8b:ca:53:37:07:31:0e:31:29:56:30:3a:80:a0:ac:d1:0d:66:
         b4:e2:69:7f:d7:95:a6:f0:a2:47:74:b3:bd:64:95:a3:3c:73:
         2a:67:d8:87:e8:4a:bd:de:36:db:ce:d0:7e:76:33:09:90:cf:
         44:a7:1f:9b:f4:4d:e6:12:94:6a:e6:23:c1:02:4c:4a:a0:27:
         35:38:4a:20:f5:73:49:b2:f8:5e:7e:c1:4c:a8:8b:20:0c:70:
         5c:ed:cd:45:8c:01:38:55:90:ed:1f:a7:a3:7f:da:f7:f6:8f:
         a5:fd:11:be:99:fa:35:b2:b9:33:0d:ac:00:e2:c2:b5:6e:c2:
         95:cc:37:c0:a8:ea:cf:12:d2:b8:f5:d1:5c:52:8f:1b:bd:72:
         18:f3:7c:c2:fe:0e:b3:a5:f0:82:bc:c2:c1:be:6e:cf:c2:6a:
         07:ca:a0:18:bb:b8:90:63:9e:72:fc:33:7e:45:71:4f:de:52:
         1e:3e:69:64:d6:79:73:c7:e5:d8:0a:bc:e0:b3:12:73:d5:86:
         66:d3:a2:06:17:51:a1:fd:ca:fc:c1:d0:0f:ad:ac:d9:be:e8:
         0c:79:86:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVP9utfTO6Qi0UM1joJ2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjYwNjMwMDcwMTE0WhcNMjYwNzAxMDcwMTE0WjAzMTEwLwYDVQQD
Eyg1NGQ5YzNlNTc2ZDA2ODMzZGNkNDYyNzAzYjQ1OTQ0YTE5MGQ5MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TAsBPLsQd7v5HLVPjQVjQiU4weL
g8biWbwOXVliBv6JXGtSL1d++zB/Uv8wiM7tujVH7Cz4xsQbsBy0dvSTjec1EJmr
kBEJTIWeS1CDHHAZSLvCJ9yaShbBJPIodgf4+tSht9iw8552xoT/Ou5Ie+J5VAG5
iVJ3dLKz+0Y9SKxud9CEZkRNDh5/6RxeOpAhwIUQmzudI+oljYI9VLbBh3xWqAI6
nWQrST4AqcNz8mIYqQnoNxqq2ZLu5fLc5DsjnAemuU4fWNAXMdoHexZhM7kOpMIb
7pM8Yt4sYP+TcRQFsUUTH7xSeXHwCK+w9OLUXDZw7T/cyor1EVYMlNehPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTZw+V20Ggz3NRicDtFlEoZDZGFMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdueLL6z
YP6BQqfa+IFIu0+GUDwQwzpqoAF6+L1wFi64WqQYi8pTNwcxDjEpVjA6gKCs0Q1m
tOJpf9eVpvCiR3SzvWSVozxzKmfYh+hKvd42287QfnYzCZDPRKcfm/RN5hKUauYj
wQJMSqAnNThKIPVzSbL4Xn7BTKiLIAxwXO3NRYwBOFWQ7R+no3/a9/aPpf0Rvpn6
NbK5Mw2sAOLCtW7Clcw3wKjqzxLSuPXRXFKPG71yGPN8wv4Os6XwgrzCwb5uz8Jq
B8qgGLu4kGOecvwzfkVxT95SHj5pZNZ5c8fl2Aq84LMSc9WGZtOiBhdRof3K/MHQ
D62s2b7oDHmGpg==
-----END CERTIFICATE-----