Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          A7GzZQoiOtEkLFuQzO5aEIZOKhxBhzg67lzlq9r7Q+I=
Subject key identifier:   9B:7D:DD:99:7C:9D:31:91:68:11:E4:BD:9D:2A:C4:61:19:EC:E4:3B
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       019E2F96CD11CBA004362834509914933753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          13AA
Signing time:             Sat 16 May 2026 07:01:12 +0000
Manifest this update:     Sat 16 May 2026 07:01:12 +0000
Manifest next update:     Sun 17 May 2026 07:01:12 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: 09ngambo/Zgi230ZPr4Uz2J4DKs3SV34phCSCS4cOaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:cd:11:cb:a0:04:36:28:34:50:99:14:93:37:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: May 16 07:01:12 2026 GMT
            Not After : May 17 07:01:12 2026 GMT
        Subject: CN=9b7ddd997c9d31916811e4bd9d2ac46119ece43b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ba:ae:f3:71:17:4d:ad:7a:31:ec:95:60:2b:
                    40:22:29:a2:c7:51:e3:2d:b3:fe:7e:31:a7:c1:e4:
                    0b:45:7c:d2:2a:9b:b3:e1:7a:38:d1:d5:78:56:a1:
                    78:ec:fc:30:9c:00:e2:c2:ae:98:43:99:6d:2b:36:
                    92:b1:48:94:d3:95:14:12:91:24:4c:09:28:08:20:
                    f6:8a:4a:95:ad:d8:29:ef:55:25:f3:3a:d8:c2:1d:
                    63:e3:46:52:1a:7c:b4:9b:e4:b3:e4:cc:c8:32:0a:
                    2d:97:81:d4:f3:9b:bc:ef:be:c0:93:00:2a:67:65:
                    b7:b7:75:f9:cf:ae:53:d2:69:3d:f8:c8:69:0a:ed:
                    d8:cd:b5:b7:df:1a:d5:24:f6:47:db:ea:2f:21:3f:
                    4e:3d:67:66:cb:ed:9d:3a:b4:02:b8:85:99:0f:39:
                    37:d7:c5:9e:53:93:18:8d:f7:9d:0e:7e:42:e0:59:
                    96:f6:08:7e:5b:17:76:be:32:5b:1b:35:f4:47:70:
                    a2:90:5f:44:01:b9:fb:84:83:03:0c:1c:c1:0a:d7:
                    4b:b2:d3:9d:9c:75:b0:cd:f4:ae:ae:62:13:4c:ac:
                    98:dc:b3:fa:4d:55:8b:3e:3d:50:0d:f6:9a:8f:2e:
                    21:ab:17:2c:8e:e7:d6:ad:40:86:92:df:59:be:ec:
                    9a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:7D:DD:99:7C:9D:31:91:68:11:E4:BD:9D:2A:C4:61:19:EC:E4:3B
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:2f:e0:12:83:f5:3a:7a:6b:6a:d6:eb:6b:00:45:dc:f3:d7:
         fd:c5:c9:30:b7:04:43:ec:5e:54:6f:0d:c3:69:90:1b:0b:2d:
         77:56:58:ba:20:be:56:7d:14:e4:9c:d2:e4:cb:39:61:49:5e:
         01:76:c0:e4:58:bd:48:b0:ca:91:e9:20:d2:54:e4:ce:b9:f3:
         64:96:4b:53:5c:86:c8:b0:af:c7:e1:89:de:58:7d:ba:b8:04:
         b4:2d:52:92:b5:2a:23:a3:8e:c7:da:02:04:81:af:e8:74:9b:
         a1:ba:5b:99:c6:22:f4:c2:88:45:8a:8e:2e:14:51:61:24:f1:
         c6:40:7f:15:28:f4:75:c6:5d:92:83:36:59:bc:ed:4e:1c:36:
         99:00:77:12:1e:6b:a2:34:43:3f:2c:49:93:71:fe:1f:86:76:
         22:93:f2:38:79:ea:6d:48:d5:55:96:25:4c:7b:71:91:48:99:
         e3:fa:72:90:18:7f:3f:ea:80:74:52:8a:b2:b5:4d:fe:a1:ae:
         ac:9c:00:f2:e0:66:e6:86:5c:0f:e3:b2:09:b6:42:c2:af:ff:
         76:3e:c5:fe:e3:c7:c1:cf:12:a7:3d:05:ab:3e:ec:bc:a7:f3:
         8e:9c:1d:b0:68:ca:49:5d:f5:4a:55:65:51:ca:d5:3c:b2:98:
         3e:7a:76:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vls0Ry6AENig0UJkUkzdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjYwNTE2MDcwMTEyWhcNMjYwNTE3MDcwMTEyWjAzMTEwLwYDVQQD
Eyg5YjdkZGQ5OTdjOWQzMTkxNjgxMWU0YmQ5ZDJhYzQ2MTE5ZWNlNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbqu83EXTa16MeyVYCtAIimix1Hj
LbP+fjGnweQLRXzSKpuz4Xo40dV4VqF47PwwnADiwq6YQ5ltKzaSsUiU05UUEpEk
TAkoCCD2ikqVrdgp71Ul8zrYwh1j40ZSGny0m+Sz5MzIMgotl4HU85u8777AkwAq
Z2W3t3X5z65T0mk9+MhpCu3YzbW33xrVJPZH2+ovIT9OPWdmy+2dOrQCuIWZDzk3
18WeU5MYjfedDn5C4FmW9gh+Wxd2vjJbGzX0R3CikF9EAbn7hIMDDBzBCtdLstOd
nHWwzfSurmITTKyY3LP6TVWLPj1QDfaajy4hqxcsjufWrUCGkt9ZvuyaTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt93Zl8nTGRaBHkvZ0qxGEZ7OQ7MB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfS/gEoP1
OnpratbrawBF3PPX/cXJMLcEQ+xeVG8Nw2mQGwstd1ZYuiC+Vn0U5JzS5Ms5YUle
AXbA5Fi9SLDKkekg0lTkzrnzZJZLU1yGyLCvx+GJ3lh9urgEtC1SkrUqI6OOx9oC
BIGv6HSbobpbmcYi9MKIRYqOLhRRYSTxxkB/FSj0dcZdkoM2WbztThw2mQB3Eh5r
ojRDPyxJk3H+H4Z2IpPyOHnqbUjVVZYlTHtxkUiZ4/pykBh/P+qAdFKKsrVN/qGu
rJwA8uBm5oZcD+OyCbZCwq//dj7F/uPHwc8Spz0Fqz7svKfzjpwdsGjKSV31SlVl
UcrVPLKYPnp2Qg==
-----END CERTIFICATE-----