Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          9odmXWAeIGuPZjw6an7lHkiB7Go+tHUa0E7cKwesZAY=
Subject key identifier:   BA:E4:D7:D2:5D:BE:27:AC:B0:20:36:F8:C6:80:56:81:28:93:FB:39
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       019E2F96AFFD5E6239CFB945EA32E1FD2028
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0DAD
Signing time:             Sat 16 May 2026 07:01:05 +0000
Manifest this update:     Sat 16 May 2026 07:01:05 +0000
Manifest next update:     Sun 17 May 2026 07:01:05 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: kqCZgjS9z68tnB/mohJM85YBhdJoC5JINUqwf4tbwf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:af:fd:5e:62:39:cf:b9:45:ea:32:e1:fd:20:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: May 16 07:01:05 2026 GMT
            Not After : May 17 07:01:05 2026 GMT
        Subject: CN=bae4d7d25dbe27acb02036f8c68056812893fb39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:67:a3:b9:fd:c4:09:13:97:e8:f9:4e:a1:79:
                    c8:fe:3c:95:81:96:ba:53:4b:c1:0f:55:4c:bf:6d:
                    35:08:77:b4:5e:fb:bd:70:bd:81:9c:d2:98:18:74:
                    d9:55:39:8d:7f:78:79:76:76:6f:90:5e:d1:9c:84:
                    03:34:bd:84:d2:88:a5:08:2e:6d:e9:db:bf:4f:85:
                    c6:61:2b:be:25:05:75:87:ff:8d:3a:4c:69:c5:b6:
                    81:04:cc:7e:72:0a:7f:0b:80:fb:04:47:0a:73:48:
                    10:7a:41:13:4b:d1:28:e1:56:08:3c:1d:87:1b:45:
                    fe:71:f3:65:d6:0e:cd:54:28:5e:69:8b:e1:05:4d:
                    5b:de:98:3a:ca:37:be:e0:c3:f1:c8:40:63:c2:dc:
                    c1:5d:85:e9:0e:57:ea:0f:61:79:d7:a2:ec:18:7b:
                    c6:04:c7:a8:8d:ae:fd:4a:07:c2:04:49:68:99:7e:
                    a3:63:f9:e1:80:ff:0d:bd:04:cb:cb:69:83:7e:53:
                    67:87:e2:97:e4:b7:6b:8a:f6:15:4b:77:09:4f:a0:
                    bd:45:cb:83:9c:3b:fe:32:78:89:f4:f7:dd:af:97:
                    31:8c:33:eb:d3:95:f4:5e:6a:16:a0:47:cc:85:25:
                    7b:3c:d7:28:1e:c1:1c:c3:70:14:85:97:00:09:04:
                    b8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E4:D7:D2:5D:BE:27:AC:B0:20:36:F8:C6:80:56:81:28:93:FB:39
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:e4:09:3e:ef:57:27:6a:0e:17:de:b9:ac:fc:ea:a0:00:c5:
         2b:04:1b:ae:2a:b9:c2:70:81:84:1d:09:a5:e5:f8:80:07:da:
         02:9b:74:c1:b1:35:a2:1a:f0:7a:a3:31:62:d3:44:19:90:bf:
         1c:0f:f8:59:38:e9:86:5d:29:93:ae:6b:45:1f:62:22:e0:d8:
         7a:67:8e:38:10:1a:f5:0d:75:59:15:c5:0d:fe:fd:04:7d:bf:
         ab:44:f0:5f:ac:fc:0b:d9:86:45:5e:81:97:d2:1e:44:1b:7c:
         b2:ff:ea:72:a5:dd:67:ba:66:6a:e8:8f:c4:6f:21:ab:7d:3d:
         1c:71:32:b8:ad:ae:f1:ee:ef:03:1b:3c:f6:64:61:bc:60:3a:
         8d:f8:cb:11:c1:ef:c5:fa:4c:d7:bb:a2:8e:91:36:12:3e:6d:
         27:da:af:fb:fc:3b:21:fa:ed:e5:e2:7f:41:a9:86:d2:68:0f:
         b3:0c:2d:61:3b:1b:f3:84:f4:1f:b6:7f:9a:4c:01:ff:de:2a:
         c4:06:47:98:ed:45:d4:e4:1a:9f:a2:24:f1:30:10:e8:b1:e5:
         4d:8e:67:46:57:f5:dd:29:9d:cc:d2:57:cc:2f:d4:c3:68:32:
         48:9e:35:dc:e2:3e:b9:3f:2b:e6:3d:bc:c3:82:6b:c9:84:d4:
         e2:c6:b4:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlq/9XmI5z7lF6jLh/SAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjYwNTE2MDcwMTA1WhcNMjYwNTE3MDcwMTA1WjAzMTEwLwYDVQQD
EyhiYWU0ZDdkMjVkYmUyN2FjYjAyMDM2ZjhjNjgwNTY4MTI4OTNmYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmejuf3ECROX6PlOoXnI/jyVgZa6
U0vBD1VMv201CHe0Xvu9cL2BnNKYGHTZVTmNf3h5dnZvkF7RnIQDNL2E0oilCC5t
6du/T4XGYSu+JQV1h/+NOkxpxbaBBMx+cgp/C4D7BEcKc0gQekETS9Eo4VYIPB2H
G0X+cfNl1g7NVCheaYvhBU1b3pg6yje+4MPxyEBjwtzBXYXpDlfqD2F516LsGHvG
BMeoja79SgfCBElomX6jY/nhgP8NvQTLy2mDflNnh+KX5LdrivYVS3cJT6C9RcuD
nDv+MniJ9Pfdr5cxjDPr05X0XmoWoEfMhSV7PNcoHsEcw3AUhZcACQS4EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrk19JdviessCA2+MaAVoEok/s5MB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOeQJPu9X
J2oOF965rPzqoADFKwQbriq5wnCBhB0JpeX4gAfaApt0wbE1ohrweqMxYtNEGZC/
HA/4WTjphl0pk65rRR9iIuDYemeOOBAa9Q11WRXFDf79BH2/q0TwX6z8C9mGRV6B
l9IeRBt8sv/qcqXdZ7pmauiPxG8hq309HHEyuK2u8e7vAxs89mRhvGA6jfjLEcHv
xfpM17uijpE2Ej5tJ9qv+/w7Ifrt5eJ/QamG0mgPswwtYTsb84T0H7Z/mkwB/94q
xAZHmO1F1OQan6Ik8TAQ6LHlTY5nRlf13SmdzNJXzC/Uw2gySJ413OI+uT8r5j28
w4JryYTU4sa0hQ==
-----END CERTIFICATE-----