Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          NHeY/e7GqwhTS+5BpBb8k1bzsCTz2u3z/2YbWTaCtdI=
Subject key identifier:   33:3A:39:AF:84:21:BE:6F:DE:55:E8:33:66:3A:A7:5A:70:58:E0:0C
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       019F189EB878A439098DFB5F75BA1946D256
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          1984
Signing time:             Tue 30 Jun 2026 13:01:22 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:22 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:22 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: faszrmy1uk/Db/0CQD9wdzJJW2ny++TPD2ri7S7+ujU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:b8:78:a4:39:09:8d:fb:5f:75:ba:19:46:d2:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Jun 30 13:01:22 2026 GMT
            Not After : Jul  1 13:01:22 2026 GMT
        Subject: CN=333a39af8421be6fde55e833663aa75a7058e00c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:c9:e3:cf:98:82:d2:0a:29:41:4b:ff:70:
                    bc:84:29:0f:8f:3f:0a:59:b7:b7:75:6b:34:8f:7b:
                    e8:f9:29:b4:ce:08:9d:73:b6:f4:2e:28:59:e3:35:
                    b3:a4:1f:61:d9:de:28:a9:49:6a:aa:a9:9f:2a:08:
                    b3:86:70:f1:a2:4f:fa:9c:98:ab:0a:57:57:76:be:
                    da:bd:3c:dd:92:59:bd:a9:35:8f:96:97:be:5e:4a:
                    9b:53:b2:17:63:4c:26:42:ed:0a:66:ce:3c:53:48:
                    a5:30:25:e4:38:d9:83:41:5a:1e:f5:64:71:ed:ab:
                    ae:05:9f:ef:78:b1:fd:73:5b:22:e7:a5:f4:f3:1b:
                    d7:fc:3f:33:8a:df:d2:5f:91:b2:74:5c:5f:9f:d6:
                    a6:87:26:ce:81:41:45:e7:61:60:5a:ce:04:1e:d5:
                    a0:01:aa:7d:19:31:a8:cf:61:77:4d:71:3e:14:d8:
                    ba:36:a0:86:10:70:13:5f:7e:e3:8a:2d:d6:a6:32:
                    d3:d6:80:3f:37:2f:83:ba:fd:42:12:f6:aa:66:dc:
                    84:76:d3:77:c4:60:87:cd:9d:16:b7:4e:1d:54:67:
                    c0:64:40:04:c4:79:97:f6:e5:d7:d4:63:3f:01:04:
                    bd:30:a5:7f:d8:49:9a:b8:11:f5:73:fd:e5:d3:2d:
                    a1:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:3A:39:AF:84:21:BE:6F:DE:55:E8:33:66:3A:A7:5A:70:58:E0:0C
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:ad:af:e9:d8:25:25:15:5f:26:6d:57:34:af:f9:cc:b8:97:
         d0:1e:8e:35:96:11:6c:f3:96:b2:ef:bd:f8:bf:0c:b9:72:00:
         49:de:48:79:3c:ff:b2:2f:c5:03:92:46:bb:7a:d6:22:b4:da:
         e3:73:cb:99:8b:cc:cf:ec:d8:d1:82:79:3f:1c:f9:39:08:2b:
         b2:8d:c0:77:28:34:92:89:58:1a:40:65:0d:df:f1:96:51:11:
         0e:12:9e:a6:93:5b:17:32:cd:e9:9e:18:45:89:cb:c1:f7:03:
         50:64:44:d2:5c:0f:ec:06:ca:d4:62:00:88:9b:80:f8:6f:c0:
         86:bb:eb:57:e0:0a:53:28:0e:e6:ac:33:db:71:7c:e2:a9:ec:
         c2:07:e4:ff:5e:e8:8f:d0:70:35:25:4b:8b:b0:72:8e:e8:a3:
         ba:be:8e:aa:92:76:bf:7f:3c:ab:c5:4b:71:c5:a6:31:a4:c5:
         e4:a5:36:15:e8:ae:77:3a:42:3d:8e:ed:32:29:8e:f6:87:66:
         14:bb:50:72:8a:c7:71:70:87:ae:85:e6:57:5e:f4:be:3a:92:
         1c:a0:00:a6:40:ab:1d:57:2e:4a:2e:92:6a:db:cb:25:cd:7a:
         0c:ce:f9:9a:c2:ce:67:cd:a3:cc:a4:41:92:3f:d9:15:bd:32:
         6d:2b:9b:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynrh4pDkJjftfdboZRtJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjYwNjMwMTMwMTIyWhcNMjYwNzAxMTMwMTIyWjAzMTEwLwYDVQQD
EygzMzNhMzlhZjg0MjFiZTZmZGU1NWU4MzM2NjNhYTc1YTcwNThlMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZrJ48+YgtIKKUFL/3C8hCkPjz8K
Wbe3dWs0j3vo+Sm0zgidc7b0LihZ4zWzpB9h2d4oqUlqqqmfKgizhnDxok/6nJir
CldXdr7avTzdklm9qTWPlpe+XkqbU7IXY0wmQu0KZs48U0ilMCXkONmDQVoe9WRx
7auuBZ/veLH9c1si56X08xvX/D8zit/SX5GydFxfn9amhybOgUFF52FgWs4EHtWg
Aap9GTGoz2F3TXE+FNi6NqCGEHATX37jii3WpjLT1oA/Ny+Duv1CEvaqZtyEdtN3
xGCHzZ0Wt04dVGfAZEAExHmX9uXX1GM/AQS9MKV/2EmauBH1c/3l0y2haQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDM6Oa+EIb5v3lXoM2Y6p1pwWOAMMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbq2v6dgl
JRVfJm1XNK/5zLiX0B6ONZYRbPOWsu+9+L8MuXIASd5IeTz/si/FA5JGu3rWIrTa
43PLmYvMz+zY0YJ5Pxz5OQgrso3Adyg0kolYGkBlDd/xllERDhKeppNbFzLN6Z4Y
RYnLwfcDUGRE0lwP7AbK1GIAiJuA+G/AhrvrV+AKUygO5qwz23F84qnswgfk/17o
j9BwNSVLi7Byjuijur6OqpJ2v388q8VLccWmMaTF5KU2FeiudzpCPY7tMimO9odm
FLtQcorHcXCHroXmV170vjqSHKAApkCrHVcuSi6SatvLJc16DM75msLOZ82jzKRB
kj/ZFb0ybSubTg==
-----END CERTIFICATE-----