Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
File:                     2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft (raw, json)
Hash identifier:          CiMOjg67iGUAbc68Erj2ThxJ2Mrswsz0SGRL97Vr+x4=
Subject key identifier:   D5:58:AC:50:BF:46:35:EE:0D:DD:F2:DE:4E:5B:C9:F1:2F:F9:28:06
Authority key identifier: D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3
Certificate issuer:       /CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
Certificate serial:       019F194359552B49E2629FA043CD5B82C333
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
Manifest number:          1985
Signing time:             Tue 30 Jun 2026 16:01:11 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:11 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:11 +0000
Files and hashes:         1: 2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl (hash: z0PNVHSafggZ0eFUoFsc0SUytZfeTIF8eJR6LrABY24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:59:55:2b:49:e2:62:9f:a0:43:cd:5b:82:c3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
        Validity
            Not Before: Jun 30 16:01:11 2026 GMT
            Not After : Jul  1 16:01:11 2026 GMT
        Subject: CN=d558ac50bf4635ee0dddf2de4e5bc9f12ff92806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b6:f0:0c:9e:7d:77:47:df:5f:ce:dc:fe:c6:
                    88:8e:a4:9c:97:9a:8e:09:4f:fc:cb:dd:b2:29:61:
                    8b:47:54:8b:c9:db:b7:89:c0:97:7b:40:be:5e:1b:
                    82:7a:05:c0:47:2d:83:a5:74:06:00:96:95:24:ea:
                    9b:3a:1d:94:66:58:aa:c0:3e:99:0f:69:58:4b:43:
                    9d:1f:a8:d8:42:a8:9b:d8:50:80:7e:f6:9d:ed:55:
                    a3:70:65:31:23:71:20:2a:00:80:eb:3d:70:2c:d2:
                    08:23:d0:78:ac:b2:6f:11:99:a5:f4:96:8a:e2:7b:
                    75:82:03:99:a4:cb:ab:3a:7c:f0:fb:a6:cd:e6:37:
                    3a:86:c7:dc:5b:d3:37:f9:f6:ef:51:bc:c8:03:33:
                    1c:d7:ee:e0:15:7a:21:c5:b3:15:64:57:47:e1:7a:
                    08:9e:6f:df:94:85:8f:ff:85:40:51:b1:51:f0:39:
                    38:dd:2b:e5:8a:ff:7f:68:6c:05:21:a5:88:30:96:
                    23:6c:c9:03:13:62:8b:b7:6a:33:3f:b9:78:26:c9:
                    3e:c8:bd:f9:96:71:09:85:c5:44:96:49:1a:b9:f5:
                    c3:d1:40:04:b2:c3:56:39:54:2f:41:f2:df:52:ed:
                    c2:24:64:fe:05:92:36:e4:4b:77:a2:b7:e2:9b:9f:
                    a0:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:58:AC:50:BF:46:35:EE:0D:DD:F2:DE:4E:5B:C9:F1:2F:F9:28:06
            X509v3 Authority Key Identifier:
                keyid:D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:e9:a4:2c:7e:43:ce:ab:3a:de:cf:e4:b1:47:b2:c9:22:9f:
         63:62:27:59:ed:55:d9:bc:e6:44:cc:81:50:33:16:a9:11:7c:
         a0:9e:90:47:a5:5d:d7:c6:d0:3f:7f:b6:ee:77:95:98:d8:3e:
         b8:60:d0:1c:f1:8f:fa:50:c1:fb:c4:e8:5a:89:23:95:52:b8:
         c3:70:07:48:5e:8d:de:5f:77:26:f2:36:13:b4:82:42:59:45:
         24:4f:71:ac:9d:13:5a:29:7c:8c:7a:ad:1b:27:32:61:eb:25:
         2f:c5:8a:ad:c3:1d:8f:c6:f1:38:7c:54:e2:67:1c:e9:39:61:
         76:55:35:46:7b:af:dd:c3:c1:45:6b:9f:df:14:16:cc:9e:ec:
         f2:59:64:34:9a:86:15:34:38:ab:57:77:8c:d4:5a:17:f4:44:
         fb:26:39:f3:bc:86:dd:a7:98:cc:01:47:7d:0c:19:48:72:ef:
         8f:dd:b1:75:60:87:ad:65:8d:0d:fd:5e:32:c4:96:7d:36:30:
         80:c1:df:a2:03:72:88:a4:9c:b9:6f:74:1c:de:a6:c3:88:6c:
         2f:55:77:f6:ff:9b:72:4f:fe:97:e8:88:42:ac:21:a1:ca:d6:
         e8:67:db:64:46:24:d6:54:d3:c3:88:2d:ed:7c:3b:aa:02:3c:
         c1:c5:19:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ1lVK0niYp+gQ81bgsMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDcyYjAzM2ZmNmZhMzhiZjIzNjEzOWFjZGI3N2E3YTBh
MDQ3YTMwHhcNMjYwNjMwMTYwMTExWhcNMjYwNzAxMTYwMTExWjAzMTEwLwYDVQQD
EyhkNTU4YWM1MGJmNDYzNWVlMGRkZGYyZGU0ZTViYzlmMTJmZjkyODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrbwDJ59d0ffX87c/saIjqScl5qO
CU/8y92yKWGLR1SLydu3icCXe0C+XhuCegXARy2DpXQGAJaVJOqbOh2UZliqwD6Z
D2lYS0OdH6jYQqib2FCAfvad7VWjcGUxI3EgKgCA6z1wLNIII9B4rLJvEZml9JaK
4nt1ggOZpMurOnzw+6bN5jc6hsfcW9M3+fbvUbzIAzMc1+7gFXohxbMVZFdH4XoI
nm/flIWP/4VAUbFR8Dk43Svliv9/aGwFIaWIMJYjbMkDE2KLt2ozP7l4Jsk+yL35
lnEJhcVElkkaufXD0UAEssNWOVQvQfLfUu3CJGT+BZI25Et3orfim5+guQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVYrFC/RjXuDd3y3k5byfEv+SgGMB8GA1UdIwQY
MBaAFNnXKwM/9vo4vyNhOazbd6egoEejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYt
ZjgyMWE1YTVjZjZhLzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYtZjgyMWE1YTVjZjZh
LzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHemkLH5D
zqs63s/ksUeyySKfY2InWe1V2bzmRMyBUDMWqRF8oJ6QR6Vd18bQP3+27neVmNg+
uGDQHPGP+lDB+8ToWokjlVK4w3AHSF6N3l93JvI2E7SCQllFJE9xrJ0TWil8jHqt
GycyYeslL8WKrcMdj8bxOHxU4mcc6TlhdlU1Rnuv3cPBRWuf3xQWzJ7s8llkNJqG
FTQ4q1d3jNRaF/RE+yY587yG3aeYzAFHfQwZSHLvj92xdWCHrWWNDf1eMsSWfTYw
gMHfogNyiKScuW90HN6mw4hsL1V39v+bck/+l+iIQqwhocrW6GfbZEYk1lTTw4gt
7Xw7qgI8wcUZxQ==
-----END CERTIFICATE-----