Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          IC2giRSNSA8V/7a3gTnSMa8pFO3kUcfpCxJisgRtHrE=
Subject key identifier:   C0:F6:C3:9F:AC:4F:05:64:F4:39:21:80:C2:41:EE:AD:E8:26:74:C8
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019D386586CD85B6E2D8B1A78F08CA247E87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          0913
Signing time:             Sun 29 Mar 2026 07:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:10 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: 6qFzmgDKy1TdnrMzS2PqkDaFfX9J4vX3spQ09jXlRZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:86:cd:85:b6:e2:d8:b1:a7:8f:08:ca:24:7e:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Mar 29 07:01:10 2026 GMT
            Not After : Mar 30 07:01:10 2026 GMT
        Subject: CN=c0f6c39fac4f0564f4392180c241eeade82674c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4b:5f:12:75:d7:a2:79:14:19:0e:8f:d0:eb:
                    25:e0:1e:79:e1:b6:60:e4:18:6b:ae:09:66:53:29:
                    60:45:8e:fe:6b:b5:e7:4f:2a:5a:b6:4d:f2:fc:09:
                    89:55:90:f3:5b:77:c4:93:9f:ab:ba:0f:bb:97:66:
                    72:23:17:38:75:81:82:b1:05:88:2e:e8:cf:df:f1:
                    e2:34:61:f2:53:cc:8a:65:f9:12:b7:a9:43:76:b0:
                    00:7a:19:de:8d:04:aa:5a:b4:69:74:c7:21:b7:21:
                    40:f0:f9:4a:d5:dc:e9:ea:a5:7e:96:fc:47:9f:52:
                    4f:b2:a5:5a:55:23:8c:fc:32:ca:89:0e:dd:a3:17:
                    59:24:08:9b:5c:5a:13:90:f5:69:81:a2:d3:18:dd:
                    db:6e:3f:c2:ff:61:11:5b:35:1c:d1:a4:3e:5b:01:
                    af:ec:07:3b:06:f7:96:ec:e5:17:be:6e:bc:49:21:
                    30:d6:b5:3d:49:16:35:af:b4:7b:86:8f:ee:c8:1a:
                    17:3c:40:94:20:87:d9:bf:63:e1:24:7a:5b:7e:04:
                    22:56:4b:53:55:be:3a:3f:2e:cb:f9:2d:5f:3d:6a:
                    ed:42:06:7b:e8:5c:5c:54:e2:17:f2:46:d0:26:37:
                    62:ed:2d:0c:3e:e5:1e:e9:51:08:8f:9f:cb:be:6d:
                    91:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F6:C3:9F:AC:4F:05:64:F4:39:21:80:C2:41:EE:AD:E8:26:74:C8
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:e4:24:93:b8:47:71:63:b9:5b:f0:6f:fb:cc:df:0e:71:30:
         1e:c6:a1:75:42:0e:2b:5d:f2:30:7c:9c:25:fa:40:25:40:a6:
         2a:4b:d9:c6:c8:38:ad:b5:4e:84:7a:6f:5e:e2:cc:b7:78:20:
         54:95:36:0f:7d:04:7e:1a:db:7c:cf:73:e3:1f:a8:9a:e4:b1:
         5e:af:ed:37:9d:3c:f2:4b:5e:14:a6:65:4a:62:05:97:9c:bc:
         16:12:74:4f:29:2e:97:a5:a8:1e:22:86:54:4c:a2:2b:a4:1b:
         7a:2d:bc:3e:25:14:9a:00:c7:84:cf:aa:72:06:93:1e:65:11:
         2c:7a:05:9d:9b:3a:42:b5:d3:aa:98:29:aa:63:58:ff:85:aa:
         4f:96:c4:6b:93:e1:0a:6b:1e:98:7c:05:5b:89:54:18:e3:d2:
         00:6c:b7:9c:1a:8a:f3:b8:0e:dc:62:80:77:d9:ba:c4:b4:13:
         bb:a5:0a:42:b4:ad:73:1d:2a:1c:6c:cc:c0:fd:e0:33:f9:72:
         79:4d:cd:a2:ca:e9:63:25:7c:a3:f5:2a:77:6f:02:20:b7:90:
         71:c8:43:a4:79:e5:1d:7c:ee:5f:11:04:4d:af:2d:b2:44:f7:
         f3:03:15:12:bb:aa:70:2f:88:24:29:ab:38:f9:91:7b:7a:1c:
         fd:64:34:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYbNhbbi2LGnjwjKJH6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwMzI5MDcwMTEwWhcNMjYwMzMwMDcwMTEwWjAzMTEwLwYDVQQD
EyhjMGY2YzM5ZmFjNGYwNTY0ZjQzOTIxODBjMjQxZWVhZGU4MjY3NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUtfEnXXonkUGQ6P0Osl4B554bZg
5BhrrglmUylgRY7+a7XnTypatk3y/AmJVZDzW3fEk5+rug+7l2ZyIxc4dYGCsQWI
LujP3/HiNGHyU8yKZfkSt6lDdrAAehnejQSqWrRpdMchtyFA8PlK1dzp6qV+lvxH
n1JPsqVaVSOM/DLKiQ7doxdZJAibXFoTkPVpgaLTGN3bbj/C/2ERWzUc0aQ+WwGv
7Ac7BveW7OUXvm68SSEw1rU9SRY1r7R7ho/uyBoXPECUIIfZv2PhJHpbfgQiVktT
Vb46Py7L+S1fPWrtQgZ76FxcVOIX8kbQJjdi7S0MPuUe6VEIj5/Lvm2RIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMD2w5+sTwVk9DkhgMJB7q3oJnTIMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATeQkk7hH
cWO5W/Bv+8zfDnEwHsahdUIOK13yMHycJfpAJUCmKkvZxsg4rbVOhHpvXuLMt3gg
VJU2D30EfhrbfM9z4x+omuSxXq/tN5088kteFKZlSmIFl5y8FhJ0Tykul6WoHiKG
VEyiK6Qbei28PiUUmgDHhM+qcgaTHmURLHoFnZs6QrXTqpgpqmNY/4WqT5bEa5Ph
CmsemHwFW4lUGOPSAGy3nBqK87gO3GKAd9m6xLQTu6UKQrStcx0qHGzMwP3gM/ly
eU3NosrpYyV8o/Uqd28CILeQcchDpHnlHXzuXxEETa8tskT38wMVEruqcC+IJCmr
OPmRe3oc/WQ0vQ==
-----END CERTIFICATE-----