Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          HfL9Jc8Hm3T0GeC4b/tGaTs3vIz+LeUhn546ivbDUJc=
Subject key identifier:   35:A7:8B:A3:15:EC:40:39:AB:92:20:DD:13:08:7C:C2:F1:28:24:20
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019F189E5EABDAEFBF3AEC278F14A6FB4976
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          08E8
Signing time:             Tue 30 Jun 2026 13:00:59 +0000
Manifest this update:     Tue 30 Jun 2026 13:00:59 +0000
Manifest next update:     Wed 01 Jul 2026 13:00:59 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: t1+80Uue/Y4HIW8JxkeR7oF096yErj0fSoCUZbnHrEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:5e:ab:da:ef:bf:3a:ec:27:8f:14:a6:fb:49:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Jun 30 13:00:59 2026 GMT
            Not After : Jul  1 13:00:59 2026 GMT
        Subject: CN=35a78ba315ec4039ab9220dd13087cc2f1282420
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3b:e4:0d:04:32:1d:19:64:6b:21:97:f6:bd:
                    34:dd:94:c2:2f:93:f5:01:c8:be:f0:97:28:9e:81:
                    6d:5e:72:90:0c:5f:61:6c:ed:1c:af:7a:7d:1a:fc:
                    75:ad:55:17:51:93:57:23:3f:58:ab:78:b2:bc:06:
                    23:21:e4:e2:cd:98:d8:ea:9d:19:ee:83:2b:5e:1a:
                    c6:3d:20:f6:2c:f8:8e:ed:bd:f8:46:3f:05:ac:b1:
                    d1:b7:c8:7d:ca:ac:50:e4:7c:11:d5:0c:1f:bd:5a:
                    b8:0b:79:b8:48:40:23:a5:76:42:37:42:62:1d:35:
                    92:74:44:8b:ca:54:6c:b3:09:39:cf:55:b7:b8:ba:
                    3f:93:43:74:f6:2a:3f:db:b8:9b:74:19:57:99:29:
                    09:cf:35:ca:33:e3:4e:00:b2:f4:36:71:28:3c:f9:
                    ab:57:d6:39:42:67:e2:52:9d:9a:21:bb:5e:b7:12:
                    41:b8:b5:cc:00:3a:01:ac:3d:ab:1a:ac:ab:1d:c5:
                    65:71:af:6b:c4:25:5b:d3:64:c9:1c:59:45:8c:d0:
                    8f:b3:c0:55:18:fc:27:15:55:d3:a4:85:40:f6:81:
                    29:e7:42:5c:45:1e:6e:81:cb:e2:04:9b:61:a9:12:
                    ea:bb:fd:fc:e8:bf:60:3e:7f:28:10:da:bd:af:41:
                    0c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:A7:8B:A3:15:EC:40:39:AB:92:20:DD:13:08:7C:C2:F1:28:24:20
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:47:a7:67:38:f7:6e:e3:f8:88:07:1a:cb:4c:66:e1:c4:d7:
         a6:27:7a:31:08:75:04:dd:ab:ad:e5:6a:e1:39:9b:34:5e:09:
         df:58:a4:5e:71:9d:b7:8a:ff:5a:5d:8b:34:27:05:e8:aa:53:
         22:37:9b:e0:6c:92:a2:93:98:c7:ae:a4:66:3c:06:62:08:44:
         08:85:3c:81:9e:18:5d:52:e9:5b:d9:67:23:9f:0c:3e:56:8d:
         e5:e2:a6:f7:fe:c2:69:29:ca:01:16:7a:47:f9:13:f1:d8:74:
         14:07:5a:00:09:83:c1:66:6d:0d:1c:58:08:92:f2:85:d4:7e:
         bf:a2:90:53:5d:a3:f7:21:6b:7a:6a:ec:1b:3e:83:08:76:60:
         a7:0d:f4:8f:c8:d0:b6:94:db:f5:19:7d:e2:3c:d7:db:a8:88:
         47:84:07:07:bd:e2:95:04:80:79:1f:89:3a:f8:13:5d:27:a9:
         0b:8d:f1:12:37:42:7d:af:10:97:ad:9d:76:73:fb:8d:70:1a:
         3f:44:26:db:e9:6f:97:5a:5e:43:65:ae:0e:3a:d1:2e:09:73:
         44:f2:9c:a1:5a:bf:8c:af:fe:86:5a:86:c5:98:4c:7a:ef:65:
         52:1c:e5:c6:e4:37:b8:30:8a:7a:f6:e2:87:9f:f5:2c:5c:52:
         ff:4a:3f:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynl6r2u+/OuwnjxSm+0l2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwNjMwMTMwMDU5WhcNMjYwNzAxMTMwMDU5WjAzMTEwLwYDVQQD
EygzNWE3OGJhMzE1ZWM0MDM5YWI5MjIwZGQxMzA4N2NjMmYxMjgyNDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozvkDQQyHRlkayGX9r003ZTCL5P1
Aci+8JconoFtXnKQDF9hbO0cr3p9Gvx1rVUXUZNXIz9Yq3iyvAYjIeTizZjY6p0Z
7oMrXhrGPSD2LPiO7b34Rj8FrLHRt8h9yqxQ5HwR1QwfvVq4C3m4SEAjpXZCN0Ji
HTWSdESLylRsswk5z1W3uLo/k0N09io/27ibdBlXmSkJzzXKM+NOALL0NnEoPPmr
V9Y5QmfiUp2aIbtetxJBuLXMADoBrD2rGqyrHcVlca9rxCVb02TJHFlFjNCPs8BV
GPwnFVXTpIVA9oEp50JcRR5ugcviBJthqRLqu/386L9gPn8oENq9r0EMnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWni6MV7EA5q5Ig3RMIfMLxKCQgMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEenZzj3
buP4iAcay0xm4cTXpid6MQh1BN2rreVq4TmbNF4J31ikXnGdt4r/Wl2LNCcF6KpT
Ijeb4GySopOYx66kZjwGYghECIU8gZ4YXVLpW9lnI58MPlaN5eKm9/7CaSnKARZ6
R/kT8dh0FAdaAAmDwWZtDRxYCJLyhdR+v6KQU12j9yFremrsGz6DCHZgpw30j8jQ
tpTb9Rl94jzX26iIR4QHB73ilQSAeR+JOvgTXSepC43xEjdCfa8Ql62ddnP7jXAa
P0Qm2+lvl1peQ2WuDjrRLglzRPKcoVq/jK/+hlqGxZhMeu9lUhzlxuQ3uDCKevbi
h5/1LFxS/0o/yA==
-----END CERTIFICATE-----