Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
File:                     2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json)
Hash identifier:          pxSNpSV4hRjCu4mgM1Ktz/ICjb5z4uN9lq0vMyF23Oc=
Subject key identifier:   94:83:EF:73:1A:C7:F3:86:DF:6F:AE:02:7D:0E:FA:13:7E:50:55:AB
Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06
Certificate issuer:       /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
Certificate serial:       019F17F92EB435FF6234763BCF5103460AA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
Manifest number:          18E4
Signing time:             Tue 30 Jun 2026 10:00:34 +0000
Manifest this update:     Tue 30 Jun 2026 10:00:34 +0000
Manifest next update:     Wed 01 Jul 2026 10:00:34 +0000
Files and hashes:         1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: L/lJ/PRsAWP2DM5gohFwnHPVSJFA4VpAGJjcN/aVvj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:2e:b4:35:ff:62:34:76:3b:cf:51:03:46:0a:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
        Validity
            Not Before: Jun 30 10:00:34 2026 GMT
            Not After : Jul  1 10:00:34 2026 GMT
        Subject: CN=9483ef731ac7f386df6fae027d0efa137e5055ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:11:53:5e:2f:3d:32:89:34:df:3f:ef:07:c8:
                    6e:fa:11:49:19:85:b4:3e:7f:82:e7:1f:0a:d6:bc:
                    29:3c:ea:f1:a4:e0:2d:b9:e7:71:17:85:dd:7b:28:
                    62:72:9b:4e:25:23:5b:64:9f:24:d7:cb:e9:dd:13:
                    20:a6:b2:93:16:cb:7c:e1:bf:7c:dc:1a:73:66:1e:
                    43:65:cb:b3:35:dd:50:c5:6a:ad:ce:04:b9:d8:55:
                    dc:09:f6:10:e0:0d:37:fe:07:01:4c:5d:bf:05:d6:
                    d8:d7:84:34:bd:3d:75:3c:b0:28:0e:12:ca:4e:6d:
                    93:6a:e9:15:0e:c3:c0:ba:5c:e1:a3:18:be:55:e6:
                    e6:fb:cf:0c:54:f2:99:04:05:59:73:58:69:50:fe:
                    e4:03:8e:1f:62:a5:39:5a:2c:da:8a:d7:34:48:47:
                    5a:92:21:45:ab:a3:ac:2b:d7:2b:2b:11:b8:b0:01:
                    a1:aa:58:d4:e5:03:58:b5:63:f0:39:7b:ed:cc:ce:
                    1d:90:8b:db:b1:30:6b:b8:bf:ed:0b:4a:a8:5c:ac:
                    46:9c:4f:00:d0:b8:3d:f5:56:26:a1:32:b8:e8:dd:
                    68:22:5a:67:e8:7c:5e:34:91:b8:4e:3e:93:38:66:
                    c5:bc:b4:85:1a:d0:b6:c2:03:c5:66:de:76:be:5a:
                    5b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:83:EF:73:1A:C7:F3:86:DF:6F:AE:02:7D:0E:FA:13:7E:50:55:AB
            X509v3 Authority Key Identifier:
                keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:bf:31:74:7e:54:0e:d2:23:48:2f:42:10:7f:df:83:11:2a:
         2f:fb:4c:a9:e2:75:3b:6f:e9:59:33:94:46:38:e2:d6:9b:8f:
         9a:ad:ab:c6:65:25:47:3b:50:a4:97:92:ad:93:e0:23:bf:ce:
         b7:3d:ae:17:24:44:2a:dd:bb:27:03:a4:08:a6:5c:b4:81:59:
         b4:27:3b:86:46:6e:ba:b0:54:d4:6c:4c:f2:60:60:25:7e:0a:
         c4:89:13:25:ad:0b:af:a3:b6:95:58:39:81:62:5e:de:26:20:
         48:8e:de:0f:3c:02:19:2a:23:fa:12:fd:72:50:7f:e4:70:bb:
         b9:55:ee:21:33:12:3c:0d:c0:30:6f:84:f3:88:73:ce:2f:83:
         3b:78:9e:a9:74:d7:67:94:2c:45:6b:79:7c:da:2e:11:2f:41:
         da:41:e2:17:1d:57:94:5a:4b:a0:1e:c7:5e:3f:3f:a8:5e:5c:
         e6:b8:9c:77:72:cd:80:67:e2:75:32:fb:51:10:c5:a6:36:11:
         54:1f:03:61:5b:0b:19:5d:80:28:16:7a:f5:9d:0c:28:55:74:
         93:8f:dc:31:ee:0e:89:1b:8e:76:9e:37:92:74:f4:f9:48:9c:
         ca:be:d7:2c:45:0b:1a:b0:63:4b:ab:02:5f:0c:57:ce:a1:1b:
         ab:3c:34:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+S60Nf9iNHY7z1EDRgqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm
NzI2MDYwHhcNMjYwNjMwMTAwMDM0WhcNMjYwNzAxMTAwMDM0WjAzMTEwLwYDVQQD
Eyg5NDgzZWY3MzFhYzdmMzg2ZGY2ZmFlMDI3ZDBlZmExMzdlNTA1NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBFTXi89Mok03z/vB8hu+hFJGYW0
Pn+C5x8K1rwpPOrxpOAtuedxF4XdeyhicptOJSNbZJ8k18vp3RMgprKTFst84b98
3BpzZh5DZcuzNd1QxWqtzgS52FXcCfYQ4A03/gcBTF2/BdbY14Q0vT11PLAoDhLK
Tm2TaukVDsPAulzhoxi+Vebm+88MVPKZBAVZc1hpUP7kA44fYqU5Wizaitc0SEda
kiFFq6OsK9crKxG4sAGhqljU5QNYtWPwOXvtzM4dkIvbsTBruL/tC0qoXKxGnE8A
0Lg99VYmoTK46N1oIlpn6HxeNJG4Tj6TOGbFvLSFGtC2wgPFZt52vlpbMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSD73Max/OG32+uAn0O+hN+UFWrMB8GA1UdIwQY
MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt
OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3
LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeL8xdH5U
DtIjSC9CEH/fgxEqL/tMqeJ1O2/pWTOURjji1puPmq2rxmUlRztQpJeSrZPgI7/O
tz2uFyREKt27JwOkCKZctIFZtCc7hkZuurBU1GxM8mBgJX4KxIkTJa0Lr6O2lVg5
gWJe3iYgSI7eDzwCGSoj+hL9clB/5HC7uVXuITMSPA3AMG+E84hzzi+DO3ieqXTX
Z5QsRWt5fNouES9B2kHiFx1XlFpLoB7HXj8/qF5c5ricd3LNgGfidTL7URDFpjYR
VB8DYVsLGV2AKBZ69Z0MKFV0k4/cMe4OiRuOdp43knT0+Uicyr7XLEULGrBjS6sC
XwxXzqEbqzw0Sw==
-----END CERTIFICATE-----