Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          q0tN48NAfk41CIAZyufXDKeAYn4CruljJNvbDk2xz9s=
Subject key identifier:   B1:AD:0A:AF:92:69:4A:A5:51:17:15:3C:84:73:28:BF:51:CC:25:31
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       019E3072F1757152580A1ABAE0D73E94CBE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          10D9
Signing time:             Sat 16 May 2026 11:01:39 +0000
Manifest this update:     Sat 16 May 2026 11:01:39 +0000
Manifest next update:     Sun 17 May 2026 11:01:39 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: 3NgI/bbNO6PGZayg/stWR1RlQq9IztoHtfcgY/Jz99U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:72:f1:75:71:52:58:0a:1a:ba:e0:d7:3e:94:cb:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: May 16 11:01:39 2026 GMT
            Not After : May 17 11:01:39 2026 GMT
        Subject: CN=b1ad0aaf92694aa55117153c847328bf51cc2531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6e:e1:70:7a:95:fe:bf:8e:5f:2d:3f:5d:1e:
                    7e:95:86:b6:f9:9c:e7:c9:67:da:03:de:b7:4e:a8:
                    88:6e:be:3b:f4:f6:ff:b1:a7:a2:13:13:45:06:17:
                    02:02:67:40:83:a7:91:86:30:97:80:5e:94:6d:15:
                    41:22:43:d5:b2:07:31:76:96:26:5e:78:db:5b:59:
                    90:f7:23:94:f3:13:54:20:fe:68:e5:37:0e:a6:f3:
                    f2:2c:4b:7e:a2:23:c5:bb:07:5d:62:53:35:28:28:
                    1c:0d:0e:f0:d0:b5:8b:67:e4:c1:b1:22:25:39:a9:
                    ab:16:da:5d:b9:e6:50:22:4a:75:0a:cf:39:07:ec:
                    03:a0:84:b9:35:07:f1:19:1d:69:c7:df:ed:14:e4:
                    b5:f9:d5:8c:d1:5d:11:11:a5:ae:b4:1d:73:bc:26:
                    bd:73:33:65:33:68:86:41:14:6c:0c:a6:0f:f3:55:
                    57:9e:f6:d3:fa:4c:e6:d2:db:71:41:5c:d9:43:d4:
                    f4:ab:90:ce:9d:1d:4c:6b:45:6a:03:d7:25:5a:15:
                    24:07:36:84:d6:84:08:7c:70:83:25:3b:ba:87:fc:
                    58:bc:b9:36:91:9a:ff:dc:a6:d7:8d:a3:76:7f:2a:
                    66:79:1a:8a:0d:06:c1:c8:fe:26:c5:e0:d4:f7:49:
                    ac:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:AD:0A:AF:92:69:4A:A5:51:17:15:3C:84:73:28:BF:51:CC:25:31
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:98:cb:37:6d:e8:2e:94:7e:51:b1:5a:c1:1e:44:43:f7:7d:
         a6:69:f3:57:d5:a3:6d:33:2e:ef:d0:41:a4:38:a2:bd:32:96:
         0c:ae:c8:44:39:aa:7e:f3:70:f0:79:83:d1:d5:55:98:80:50:
         f6:40:4f:f5:b1:f8:c9:98:9e:c8:20:08:0d:74:e7:8b:76:06:
         3c:e5:3f:e9:35:03:40:a5:30:4f:2a:8c:7f:a4:c4:54:84:81:
         88:ca:47:64:bd:e1:28:b3:86:bb:13:f9:b5:3a:9d:0d:55:99:
         76:80:04:8a:13:db:fc:00:81:a2:2e:d7:4b:b8:d1:5f:34:36:
         61:b8:e9:57:37:cd:43:92:1b:64:cb:d4:ba:e9:43:c7:2e:44:
         03:12:8f:bb:b8:11:89:00:31:76:d6:83:e9:13:88:90:9d:e4:
         81:d3:f7:c8:4a:65:4c:d7:e0:87:99:03:7d:6d:21:7e:6f:5b:
         fc:8f:4f:d9:96:4b:fa:4a:30:da:23:39:52:9f:10:98:aa:ba:
         4f:5f:fa:22:ac:60:19:a4:e5:3a:98:64:b3:f6:8b:b1:76:0f:
         75:b0:8c:63:15:aa:36:4d:ba:77:e9:17:51:6b:65:b8:f4:35:
         0a:8e:fb:f2:89:14:33:7f:a5:d9:69:41:de:97:b2:ba:be:ce:
         c2:10:18:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcvF1cVJYChq64Nc+lMvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjYwNTE2MTEwMTM5WhcNMjYwNTE3MTEwMTM5WjAzMTEwLwYDVQQD
EyhiMWFkMGFhZjkyNjk0YWE1NTExNzE1M2M4NDczMjhiZjUxY2MyNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG7hcHqV/r+OXy0/XR5+lYa2+Zzn
yWfaA963TqiIbr479Pb/saeiExNFBhcCAmdAg6eRhjCXgF6UbRVBIkPVsgcxdpYm
XnjbW1mQ9yOU8xNUIP5o5TcOpvPyLEt+oiPFuwddYlM1KCgcDQ7w0LWLZ+TBsSIl
OamrFtpdueZQIkp1Cs85B+wDoIS5NQfxGR1px9/tFOS1+dWM0V0REaWutB1zvCa9
czNlM2iGQRRsDKYP81VXnvbT+kzm0ttxQVzZQ9T0q5DOnR1Ma0VqA9clWhUkBzaE
1oQIfHCDJTu6h/xYvLk2kZr/3KbXjaN2fypmeRqKDQbByP4mxeDU90mssQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGtCq+SaUqlURcVPIRzKL9RzCUxMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5jLN23o
LpR+UbFawR5EQ/d9pmnzV9WjbTMu79BBpDiivTKWDK7IRDmqfvNw8HmD0dVVmIBQ
9kBP9bH4yZieyCAIDXTni3YGPOU/6TUDQKUwTyqMf6TEVISBiMpHZL3hKLOGuxP5
tTqdDVWZdoAEihPb/ACBoi7XS7jRXzQ2YbjpVzfNQ5IbZMvUuulDxy5EAxKPu7gR
iQAxdtaD6ROIkJ3kgdP3yEplTNfgh5kDfW0hfm9b/I9P2ZZL+kow2iM5Up8QmKq6
T1/6IqxgGaTlOphks/aLsXYPdbCMYxWqNk26d+kXUWtluPQ1Co778okUM3+l2WlB
3peyur7OwhAY2w==
-----END CERTIFICATE-----