Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          rQZKzKQuFuOotfoYhVwEW/8UObOLYzvS62Z2To2fAo8=
Subject key identifier:   1F:1B:AD:02:B5:2D:6C:B3:0A:DE:F8:40:76:19:2D:CD:34:10:76:C6
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       019D38663FCC39A32BEC2DC29ED2B2FE9075
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0D2D
Signing time:             Sun 29 Mar 2026 07:01:58 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:58 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:58 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: PmYjqbSxXIWUMo8yTrf82fnXA2ckdWIUNxwdx3G1uEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:3f:cc:39:a3:2b:ec:2d:c2:9e:d2:b2:fe:90:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: Mar 29 07:01:58 2026 GMT
            Not After : Mar 30 07:01:58 2026 GMT
        Subject: CN=1f1bad02b52d6cb30adef84076192dcd341076c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d5:3d:c4:3d:2e:4e:6e:76:3d:04:25:74:34:
                    40:8c:bc:e5:f8:07:80:1b:7e:4a:fe:73:b5:cc:3c:
                    d9:cc:08:e1:f3:44:06:94:87:4c:99:97:16:d3:da:
                    9a:f6:9e:a1:27:e2:77:0d:ac:39:d7:f5:18:33:56:
                    40:93:22:e4:f8:80:71:e5:2f:50:6f:09:d4:be:55:
                    f8:6d:a3:d4:4b:c7:9b:93:81:de:bb:37:84:7e:86:
                    1f:e8:8c:55:9f:90:c3:e3:f4:57:55:cf:68:8d:cc:
                    72:71:e5:d1:03:f6:52:02:7d:90:94:f9:9c:c0:8f:
                    99:40:02:71:39:0a:83:40:fb:4c:90:f8:a9:cd:53:
                    0c:38:98:2b:35:61:00:c6:b5:2c:01:68:58:bb:50:
                    d0:6e:20:97:bc:bd:2e:04:68:59:a7:0d:ec:68:66:
                    ec:3b:74:b7:ef:28:a8:3d:65:f8:2a:53:13:3c:39:
                    0c:1f:92:37:7d:85:7f:5a:7c:d3:6c:58:89:ef:86:
                    d6:56:6b:33:1a:fd:06:fa:c3:af:2c:d1:d6:a7:72:
                    80:50:27:8b:67:38:fb:9c:9b:4f:50:03:d3:8c:da:
                    a6:32:b5:1a:46:59:3a:6d:b8:c6:02:4d:4c:0c:45:
                    64:46:38:81:51:50:77:be:ef:69:81:aa:b8:bb:50:
                    80:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:1B:AD:02:B5:2D:6C:B3:0A:DE:F8:40:76:19:2D:CD:34:10:76:C6
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:57:f3:a3:e0:ba:86:04:40:f9:19:dd:f5:8e:9f:a2:a3:9c:
         76:2f:ba:3b:c9:0a:68:ec:50:31:c3:00:00:e2:bb:6b:72:ab:
         a7:eb:4a:df:fb:85:75:a9:a1:ae:36:5d:ef:df:d2:33:8c:75:
         24:22:77:8a:2c:a2:44:c5:85:e2:39:9a:c1:a5:96:e7:a3:1a:
         e7:82:43:30:36:6f:27:a5:9f:4b:75:13:f5:54:50:a4:a9:c5:
         d1:e9:1d:b6:f4:3e:cf:7d:7f:8a:d0:3e:83:4f:36:34:45:03:
         7c:58:ac:bf:93:bc:27:23:93:07:4a:06:c2:b4:d1:72:cb:e5:
         f4:6f:62:39:be:1e:8c:64:4d:17:44:d7:9d:be:10:f7:06:27:
         9c:7d:09:58:2f:b0:14:a2:73:fb:e6:42:37:83:10:a0:09:81:
         79:76:09:48:09:8f:30:01:cd:5e:3f:f3:c3:1c:57:c0:62:21:
         6e:54:52:87:06:24:63:c8:eb:69:61:a5:f6:ef:fc:e6:93:0f:
         d3:f5:99:5a:72:ca:b3:97:27:70:54:4d:dd:2d:51:85:41:ae:
         2e:3c:50:e6:8f:64:6d:e3:b2:19:6c:05:8b:79:8a:86:f8:53:
         d4:f6:d6:dc:74:16:0b:7d:02:60:74:c8:9f:e0:3c:33:bb:90:
         18:5c:46:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zj/MOaMr7C3CntKy/pB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjYwMzI5MDcwMTU4WhcNMjYwMzMwMDcwMTU4WjAzMTEwLwYDVQQD
EygxZjFiYWQwMmI1MmQ2Y2IzMGFkZWY4NDA3NjE5MmRjZDM0MTA3NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9U9xD0uTm52PQQldDRAjLzl+AeA
G35K/nO1zDzZzAjh80QGlIdMmZcW09qa9p6hJ+J3Daw51/UYM1ZAkyLk+IBx5S9Q
bwnUvlX4baPUS8ebk4HeuzeEfoYf6IxVn5DD4/RXVc9ojcxyceXRA/ZSAn2QlPmc
wI+ZQAJxOQqDQPtMkPipzVMMOJgrNWEAxrUsAWhYu1DQbiCXvL0uBGhZpw3saGbs
O3S37yioPWX4KlMTPDkMH5I3fYV/WnzTbFiJ74bWVmszGv0G+sOvLNHWp3KAUCeL
Zzj7nJtPUAPTjNqmMrUaRlk6bbjGAk1MDEVkRjiBUVB3vu9pgaq4u1CAPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8brQK1LWyzCt74QHYZLc00EHbGMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFfzo+C6
hgRA+Rnd9Y6foqOcdi+6O8kKaOxQMcMAAOK7a3Krp+tK3/uFdamhrjZd79/SM4x1
JCJ3iiyiRMWF4jmawaWW56Ma54JDMDZvJ6WfS3UT9VRQpKnF0ekdtvQ+z31/itA+
g082NEUDfFisv5O8JyOTB0oGwrTRcsvl9G9iOb4ejGRNF0TXnb4Q9wYnnH0JWC+w
FKJz++ZCN4MQoAmBeXYJSAmPMAHNXj/zwxxXwGIhblRShwYkY8jraWGl9u/85pMP
0/WZWnLKs5cncFRN3S1RhUGuLjxQ5o9kbeOyGWwFi3mKhvhT1PbW3HQWC30CYHTI
n+A8M7uQGFxGQg==
-----END CERTIFICATE-----