Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          9CabQymcG251FgNfwsCCJFlJ+ZlEHOvqIan6iw1rRdo=
Subject key identifier:   91:49:E9:A6:1F:D1:12:BA:2C:AF:F2:C6:E0:FC:23:6F:AF:5E:E5:41
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019D37C008AC6FE3DB2B4484F55BF1060E4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          07EF
Signing time:             Sun 29 Mar 2026 04:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:25 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: 2wlWC19A41m5bKD1uDZ3BwEZWmJ1r86s6is5hNqRBKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:08:ac:6f:e3:db:2b:44:84:f5:5b:f1:06:0e:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Mar 29 04:00:25 2026 GMT
            Not After : Mar 30 04:00:25 2026 GMT
        Subject: CN=9149e9a61fd112ba2caff2c6e0fc236faf5ee541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e0:25:5a:35:26:d3:78:47:d6:f4:47:86:38:
                    af:74:40:c3:2d:17:e2:5b:f8:f4:d3:10:83:1f:51:
                    c9:ec:f3:a8:2e:da:cf:95:c1:9e:b1:7a:dd:9a:85:
                    4d:b9:6a:35:24:97:43:bf:de:5a:e0:e3:16:98:6a:
                    68:a8:c5:65:46:10:f1:d7:2c:22:22:21:f1:90:68:
                    b2:1f:52:d3:73:67:8d:55:c3:c1:55:46:d0:a9:45:
                    46:5e:51:d0:23:09:49:22:6b:5d:51:74:a0:80:14:
                    05:45:e0:bd:97:3b:de:da:9d:0c:c4:a2:70:e5:0d:
                    5b:d3:38:47:0d:02:58:f4:93:fd:36:62:fc:56:a8:
                    b8:3d:12:97:18:40:b6:60:3e:b7:44:c6:87:f1:a1:
                    2c:53:4a:0f:25:bc:91:39:f3:f4:c8:54:89:e8:91:
                    5b:16:8d:df:a3:de:b2:7b:a1:0a:cb:7f:a9:3b:d7:
                    34:45:46:59:29:aa:a2:93:6b:f2:d9:e0:9f:c0:20:
                    c4:4e:7a:dd:00:e8:6a:e0:4d:df:f9:16:89:5b:34:
                    8d:48:b3:d2:02:df:e1:d3:52:98:6f:6a:74:26:c3:
                    85:16:33:6d:fa:2f:82:80:79:54:b6:24:7c:d0:4f:
                    b8:64:78:52:75:5f:4b:41:55:13:d4:17:4e:3d:cd:
                    5d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:49:E9:A6:1F:D1:12:BA:2C:AF:F2:C6:E0:FC:23:6F:AF:5E:E5:41
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:6d:09:9f:9c:7c:92:95:53:28:d7:52:b8:c1:cd:93:10:03:
         5f:0f:f9:f7:61:06:3e:43:9d:ec:d9:8d:b2:37:37:f8:3d:44:
         ca:27:9f:39:cc:5f:bc:1b:aa:c4:0c:7a:56:6c:58:ce:b3:a6:
         c8:18:c9:55:32:b5:ff:b8:e7:25:77:44:f1:e6:15:df:f7:2b:
         ee:3f:95:26:fa:89:8a:f4:3e:7f:ca:37:f2:4c:b0:5f:1b:1d:
         d7:d7:ff:a5:92:5e:8d:50:64:6a:6f:e3:0b:ae:35:3b:5e:bd:
         7a:75:a2:e2:3a:1d:0d:85:4a:0d:45:54:d2:79:2d:4f:f6:bc:
         8c:b4:22:3e:22:67:db:88:89:dd:9d:4a:14:8c:e0:e3:93:f9:
         75:c7:23:12:e9:b6:a7:15:3a:00:94:75:7f:d6:7a:2c:bc:dc:
         b2:0c:3d:89:a0:2a:c0:cf:d6:cd:bb:65:01:cc:c4:c9:eb:58:
         55:cf:99:eb:3a:92:b7:2f:88:93:28:ce:50:c6:d7:6c:15:03:
         2c:6b:50:db:a3:65:bb:75:62:cf:20:a5:57:42:2b:af:6a:7b:
         65:9d:e8:ef:20:8e:bc:7b:9a:b8:7f:91:02:b8:b0:40:a1:ea:
         de:d2:ee:2d:ad:12:a7:27:3c:e0:d0:7b:c7:79:a2:3e:9a:de:
         21:e2:c5:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAisb+PbK0SE9VvxBg5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwMzI5MDQwMDI1WhcNMjYwMzMwMDQwMDI1WjAzMTEwLwYDVQQD
Eyg5MTQ5ZTlhNjFmZDExMmJhMmNhZmYyYzZlMGZjMjM2ZmFmNWVlNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOAlWjUm03hH1vRHhjivdEDDLRfi
W/j00xCDH1HJ7POoLtrPlcGesXrdmoVNuWo1JJdDv95a4OMWmGpoqMVlRhDx1ywi
IiHxkGiyH1LTc2eNVcPBVUbQqUVGXlHQIwlJImtdUXSggBQFReC9lzve2p0MxKJw
5Q1b0zhHDQJY9JP9NmL8Vqi4PRKXGEC2YD63RMaH8aEsU0oPJbyROfP0yFSJ6JFb
Fo3fo96ye6EKy3+pO9c0RUZZKaqik2vy2eCfwCDETnrdAOhq4E3f+RaJWzSNSLPS
At/h01KYb2p0JsOFFjNt+i+CgHlUtiR80E+4ZHhSdV9LQVUT1BdOPc1dUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFJ6aYf0RK6LK/yxuD8I2+vXuVBMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArG0Jn5x8
kpVTKNdSuMHNkxADXw/592EGPkOd7NmNsjc3+D1EyiefOcxfvBuqxAx6VmxYzrOm
yBjJVTK1/7jnJXdE8eYV3/cr7j+VJvqJivQ+f8o38kywXxsd19f/pZJejVBkam/j
C641O169enWi4jodDYVKDUVU0nktT/a8jLQiPiJn24iJ3Z1KFIzg45P5dccjEum2
pxU6AJR1f9Z6LLzcsgw9iaAqwM/WzbtlAczEyetYVc+Z6zqSty+IkyjOUMbXbBUD
LGtQ26Nlu3VizyClV0Irr2p7ZZ3o7yCOvHuauH+RAriwQKHq3tLuLa0Spyc84NB7
x3miPpreIeLFJA==
-----END CERTIFICATE-----