Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          Cd55FaUPeGw4IQzvok1ewH8LIMLFMhNzR/RcM7JInwo=
Subject key identifier:   5C:79:02:10:A8:CD:43:70:1B:3A:F1:91:C5:98:87:92:B4:F9:B6:82
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       019E2FCD73DCDA1BBB5A5334DAE87CB3541D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          0519
Signing time:             Sat 16 May 2026 08:00:54 +0000
Manifest this update:     Sat 16 May 2026 08:00:54 +0000
Manifest next update:     Sun 17 May 2026 08:00:54 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: T8QNf+hnzuX2HOYYc/I57ZPNgUJFx1tjn6drPP3h09o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 08:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:cd:73:dc:da:1b:bb:5a:53:34:da:e8:7c:b3:54:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: May 16 08:00:54 2026 GMT
            Not After : May 17 08:00:54 2026 GMT
        Subject: CN=5c790210a8cd43701b3af191c5988792b4f9b682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:10:62:31:db:c1:90:91:67:9c:71:62:a4:07:
                    2b:56:c9:9b:a6:05:23:e8:01:38:d7:0c:9c:d2:5d:
                    18:11:78:98:78:d6:35:a6:2f:db:32:25:85:93:8d:
                    6a:01:4f:51:2e:9a:cf:6c:f4:fc:56:20:6d:05:27:
                    2e:2c:e3:12:b9:64:30:45:7f:d6:31:16:20:24:0c:
                    12:d1:30:ef:3a:0c:f4:36:51:dd:b6:c8:fe:01:cd:
                    f0:6e:cd:b6:45:6f:a6:38:b4:40:99:ea:4d:af:8e:
                    87:e2:6a:ba:08:ec:cf:60:32:0f:a2:5c:7d:d4:22:
                    80:af:df:a8:e5:1f:9e:7c:d0:ca:4c:04:77:e6:bb:
                    ac:30:1a:3a:c3:70:46:26:cd:21:63:5a:f4:31:e3:
                    94:dd:fb:d2:71:93:b0:72:0a:9f:e6:8c:bd:ba:db:
                    14:f1:b8:fa:f9:f5:a4:3d:37:02:33:6e:f8:30:4b:
                    15:8c:1c:97:5a:55:e3:62:66:92:69:6e:24:47:a6:
                    d2:3c:80:49:27:6b:17:87:ee:63:b7:aa:f6:bd:d5:
                    f7:42:ac:c8:a1:d0:e0:ee:25:6c:1b:e1:cf:43:bf:
                    72:4e:d4:6a:87:b0:62:ac:53:cb:2c:6b:6b:64:0b:
                    4e:63:b2:fe:20:08:51:e6:0c:ab:e9:33:dd:dc:f6:
                    c7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:79:02:10:A8:CD:43:70:1B:3A:F1:91:C5:98:87:92:B4:F9:B6:82
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:99:f2:f2:8a:f7:a6:be:b4:ff:29:60:85:f3:ae:a5:a0:50:
         d2:9a:bc:39:ae:df:57:de:7b:6a:73:6b:82:dc:c9:25:cd:e1:
         cf:18:f2:59:4b:72:e2:59:30:16:7e:e5:f7:11:35:49:fb:fe:
         7c:aa:04:6e:84:0b:5b:69:79:7b:0e:0f:69:02:f0:8c:6e:40:
         30:02:38:96:38:6e:9d:2d:4e:e6:85:4e:40:45:1b:63:6d:33:
         2b:d6:b5:89:83:06:18:a5:75:a3:f5:fc:db:be:8d:bb:c0:b5:
         32:0f:c1:ec:51:f2:85:64:af:68:1d:7f:49:99:c4:ce:96:b8:
         c3:fc:cb:8d:68:a3:84:0a:16:93:bf:f9:1b:c0:c3:b5:a3:7b:
         ec:75:05:47:94:c1:59:3d:43:53:b2:3a:a6:48:a6:99:28:c5:
         27:7d:44:4f:b4:07:ca:21:a6:73:d0:0e:b5:85:e3:fa:ae:21:
         e3:54:06:48:a9:0a:42:8f:b7:00:81:28:e9:b4:ce:22:49:78:
         ac:2d:d6:76:c9:55:f3:9e:2c:5a:e9:f7:f9:44:0c:04:0c:4c:
         47:ef:51:ea:3e:4a:cb:2e:ae:2e:86:58:a4:a3:c7:52:d3:3e:
         ee:22:c5:b2:e3:c8:b9:be:d1:59:f0:f1:a3:f1:c1:41:2c:29:
         35:df:44:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vzXPc2hu7WlM02uh8s1QdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjYwNTE2MDgwMDU0WhcNMjYwNTE3MDgwMDU0WjAzMTEwLwYDVQQD
Eyg1Yzc5MDIxMGE4Y2Q0MzcwMWIzYWYxOTFjNTk4ODc5MmI0ZjliNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xBiMdvBkJFnnHFipAcrVsmbpgUj
6AE41wyc0l0YEXiYeNY1pi/bMiWFk41qAU9RLprPbPT8ViBtBScuLOMSuWQwRX/W
MRYgJAwS0TDvOgz0NlHdtsj+Ac3wbs22RW+mOLRAmepNr46H4mq6COzPYDIPolx9
1CKAr9+o5R+efNDKTAR35rusMBo6w3BGJs0hY1r0MeOU3fvScZOwcgqf5oy9utsU
8bj6+fWkPTcCM274MEsVjByXWlXjYmaSaW4kR6bSPIBJJ2sXh+5jt6r2vdX3QqzI
odDg7iVsG+HPQ79yTtRqh7BirFPLLGtrZAtOY7L+IAhR5gyr6TPd3PbH/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFx5AhCozUNwGzrxkcWYh5K0+baCMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpny8or3
pr60/ylghfOupaBQ0pq8Oa7fV957anNrgtzJJc3hzxjyWUty4lkwFn7l9xE1Sfv+
fKoEboQLW2l5ew4PaQLwjG5AMAI4ljhunS1O5oVOQEUbY20zK9a1iYMGGKV1o/X8
276Nu8C1Mg/B7FHyhWSvaB1/SZnEzpa4w/zLjWijhAoWk7/5G8DDtaN77HUFR5TB
WT1DU7I6pkimmSjFJ31ET7QHyiGmc9AOtYXj+q4h41QGSKkKQo+3AIEo6bTOIkl4
rC3WdslV854sWun3+UQMBAxMR+9R6j5Kyy6uLoZYpKPHUtM+7iLFsuPIub7RWfDx
o/HBQSwpNd9ENw==
-----END CERTIFICATE-----