Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          EykRTCDTrBJesxOXJVcefq/EazDoJuTjgSSfNFxrRw4=
Subject key identifier:   F6:A9:D1:C7:31:BA:20:6A:1E:39:C6:2A:2D:DF:13:E9:D8:C7:06:1A
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019E30DFDB7C77D2E3EE2DB72A8E485FEFF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0870
Signing time:             Sat 16 May 2026 13:00:37 +0000
Manifest this update:     Sat 16 May 2026 13:00:37 +0000
Manifest next update:     Sun 17 May 2026 13:00:37 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: CBmcnG+54iwtapzPiPAl+rTfbtz1XI7IryyUCK1k4jc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:df:db:7c:77:d2:e3:ee:2d:b7:2a:8e:48:5f:ef:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: May 16 13:00:37 2026 GMT
            Not After : May 17 13:00:37 2026 GMT
        Subject: CN=f6a9d1c731ba206a1e39c62a2ddf13e9d8c7061a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:bc:11:61:06:44:41:58:1c:b5:7c:74:ff:d0:
                    1a:1d:e2:5c:ab:75:30:f6:45:2e:fa:0a:dc:e8:36:
                    62:42:fd:42:b0:fa:ef:55:b1:65:de:95:73:60:cc:
                    b5:cb:4f:b1:cd:38:21:fd:a5:de:98:7f:8e:11:4a:
                    14:7f:e3:a7:08:1a:30:47:25:0a:94:67:7e:ee:28:
                    0f:68:90:9a:5c:ba:ae:dd:c4:51:1e:8f:d8:14:f3:
                    79:a2:49:6f:12:e2:aa:bd:df:c3:8e:76:22:c6:b3:
                    4c:18:66:2a:e1:ec:16:c3:a0:1b:a8:d3:53:35:e2:
                    c0:3b:e5:e6:4c:37:47:a1:10:f7:d2:ef:22:79:ff:
                    a0:36:e4:f6:d3:c9:20:24:5e:74:04:15:96:17:41:
                    4e:d0:40:93:96:8f:ed:3a:c8:72:80:2b:67:a5:de:
                    b6:4c:90:5e:d0:f0:8b:0f:f2:c4:ba:fa:09:da:df:
                    da:07:0c:97:2a:66:40:ba:8c:4a:8d:ee:cc:92:77:
                    3e:dd:86:5f:5c:4b:d1:6c:48:46:6f:28:e1:50:c2:
                    ac:c7:9f:08:31:cf:12:e6:53:91:db:b0:49:3e:b7:
                    6e:ef:9a:90:40:5c:bf:f5:15:ad:63:b8:4d:f9:de:
                    46:78:95:37:84:41:0f:18:3e:e6:34:f5:bf:18:70:
                    cc:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:A9:D1:C7:31:BA:20:6A:1E:39:C6:2A:2D:DF:13:E9:D8:C7:06:1A
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:22:18:19:86:e1:98:8d:5a:c1:19:88:81:d9:53:54:4e:21:
         28:44:e2:bc:9e:04:15:11:80:ec:38:d6:57:26:68:8f:fe:4d:
         1e:13:48:20:8a:bf:43:59:32:6a:70:6c:d5:8c:32:6c:5a:99:
         f6:3b:a4:f1:78:e6:3b:00:5b:de:df:0b:1c:39:c2:e7:af:a3:
         8d:e2:85:1e:58:88:33:1f:88:12:4f:50:98:d7:e0:c1:13:d8:
         0b:e4:27:7c:a0:dc:2b:66:31:9e:1a:60:98:72:fe:86:e5:65:
         7d:2e:db:b5:e9:cc:93:1f:2b:40:08:2b:26:94:e1:ed:f3:4f:
         e6:cf:ee:7c:db:32:0e:59:5f:11:30:17:b9:da:b5:66:40:f2:
         bd:e8:a4:b7:68:fe:cb:0a:77:b7:bf:6a:13:08:f6:e9:4a:d2:
         d6:a7:b3:4e:ce:a6:ba:73:91:96:a1:85:a1:0a:e8:2e:e7:88:
         ca:ab:d7:c2:98:b9:74:96:a7:7a:ac:78:cc:fb:b3:60:38:fc:
         b1:5e:3c:92:31:fa:bf:60:17:81:60:a5:ca:a1:bc:00:c4:cf:
         bc:7b:e6:50:f4:f0:c8:9c:3e:14:c9:d3:44:52:22:86:9f:b9:
         04:f4:fa:35:1a:5c:b1:d0:dd:a8:48:1e:9a:56:45:a7:e1:f1:
         5f:57:8e:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w39t8d9Lj7i23Ko5IX+/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwNTE2MTMwMDM3WhcNMjYwNTE3MTMwMDM3WjAzMTEwLwYDVQQD
EyhmNmE5ZDFjNzMxYmEyMDZhMWUzOWM2MmEyZGRmMTNlOWQ4YzcwNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7wRYQZEQVgctXx0/9AaHeJcq3Uw
9kUu+grc6DZiQv1CsPrvVbFl3pVzYMy1y0+xzTgh/aXemH+OEUoUf+OnCBowRyUK
lGd+7igPaJCaXLqu3cRRHo/YFPN5oklvEuKqvd/DjnYixrNMGGYq4ewWw6AbqNNT
NeLAO+XmTDdHoRD30u8ief+gNuT208kgJF50BBWWF0FO0ECTlo/tOshygCtnpd62
TJBe0PCLD/LEuvoJ2t/aBwyXKmZAuoxKje7Mknc+3YZfXEvRbEhGbyjhUMKsx58I
Mc8S5lOR27BJPrdu75qQQFy/9RWtY7hN+d5GeJU3hEEPGD7mNPW/GHDMPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPap0ccxuiBqHjnGKi3fE+nYxwYaMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyIYGYbh
mI1awRmIgdlTVE4hKETivJ4EFRGA7DjWVyZoj/5NHhNIIIq/Q1kyanBs1YwybFqZ
9juk8XjmOwBb3t8LHDnC56+jjeKFHliIMx+IEk9QmNfgwRPYC+QnfKDcK2Yxnhpg
mHL+huVlfS7btenMkx8rQAgrJpTh7fNP5s/ufNsyDllfETAXudq1ZkDyveikt2j+
ywp3t79qEwj26UrS1qezTs6munORlqGFoQroLueIyqvXwpi5dJaneqx4zPuzYDj8
sV48kjH6v2AXgWClyqG8AMTPvHvmUPTwyJw+FMnTRFIihp+5BPT6NRpcsdDdqEge
mlZFp+HxX1eOnQ==
-----END CERTIFICATE-----