Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
File:                     2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft (raw, json)
Hash identifier:          QemTDqWb3Og44Aj3dUxxdnri5RjX3TEf/EebXbPeIRY=
Subject key identifier:   AF:CC:26:DE:40:F9:C4:38:8A:81:51:9D:22:1F:54:C1:A7:03:80:A8
Authority key identifier: DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34
Certificate issuer:       /CN=db211be3755559ca102520c13670d08580d70334
Certificate serial:       019D390A2F4FCBD124ECAB95FD4FCBF8EA99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
Manifest number:          017C
Signing time:             Sun 29 Mar 2026 10:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:01 +0000
Files and hashes:         1: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl (hash: AB7kqKXOVygQfxu1CQSk3SnPx1vZp+OCUlqtQnfJedM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:2f:4f:cb:d1:24:ec:ab:95:fd:4f:cb:f8:ea:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db211be3755559ca102520c13670d08580d70334
        Validity
            Not Before: Mar 29 10:01:01 2026 GMT
            Not After : Mar 30 10:01:01 2026 GMT
        Subject: CN=afcc26de40f9c4388a81519d221f54c1a70380a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:35:37:c2:28:ce:62:90:dd:30:3a:77:b4:8d:
                    6f:b4:3c:5c:91:3b:9c:2f:97:30:63:d3:65:67:57:
                    4d:86:e0:fe:7f:91:99:b8:d6:40:49:b5:af:aa:e4:
                    5e:6d:4f:99:86:fd:ed:91:a5:38:08:95:b8:be:8d:
                    f7:75:56:2c:4d:4f:6f:fa:eb:c2:bf:ad:28:e6:fc:
                    6d:da:e5:93:52:da:e6:02:1d:d2:12:dc:d9:5a:15:
                    2b:07:a4:90:26:bd:57:e0:b1:40:69:ec:c6:36:b0:
                    5f:43:40:cb:f0:e4:1c:ec:c6:c7:c7:0b:0d:44:5b:
                    f9:0b:01:45:9b:3a:e9:1f:fe:4c:a7:e0:55:b6:c8:
                    2a:ac:89:c4:04:17:ed:4b:3d:42:a1:df:0e:38:f0:
                    cf:1b:e5:82:2b:e6:7f:fa:69:b2:50:15:69:a7:cd:
                    f4:21:7e:2e:91:5b:6f:0a:58:97:41:b9:d2:81:2e:
                    57:92:05:9f:62:3f:c7:90:85:fc:6b:97:db:f2:be:
                    8c:6f:cf:e5:78:40:2b:17:32:2c:53:b8:b7:78:e0:
                    12:73:8a:c5:4c:43:8e:34:d4:16:5c:5b:2c:9d:0b:
                    88:ea:31:c5:1b:68:c7:b0:47:e0:4c:e7:43:51:93:
                    bd:9e:db:08:54:a8:39:07:54:15:1c:73:00:ad:37:
                    db:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:CC:26:DE:40:F9:C4:38:8A:81:51:9D:22:1F:54:C1:A7:03:80:A8
            X509v3 Authority Key Identifier:
                keyid:DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:cb:a0:9f:d0:bb:23:d5:d4:1d:f0:81:ff:56:f3:dd:6f:b3:
         82:dc:9e:cd:77:2d:6b:c4:33:07:36:c3:76:30:dd:ed:51:69:
         73:a7:63:81:42:dd:37:b2:bb:8e:83:14:3c:e3:85:72:39:3a:
         13:fc:f4:87:7f:b4:c1:7c:26:9c:f1:6d:05:58:4b:70:9a:50:
         b1:45:8f:e0:96:a4:bf:fa:81:6f:05:6a:d7:47:75:8d:46:16:
         01:90:28:52:37:4f:d7:22:9d:d4:78:49:c0:22:52:6e:3b:1e:
         b4:e5:d0:e9:67:27:e2:25:4e:d7:bf:c0:7e:d2:56:d3:6a:69:
         4f:39:85:2b:4b:6a:be:37:d6:ed:00:bf:94:12:c7:2f:4a:2c:
         55:75:63:ff:92:1b:a1:27:9c:6c:46:2c:a6:3c:6c:2b:e8:d0:
         f5:7e:d5:dc:8e:07:34:b6:fa:ac:db:17:86:30:b1:79:85:a3:
         8d:d3:4c:0a:37:e0:8a:d5:96:28:80:30:8e:32:a3:4b:8c:52:
         11:50:cf:80:9f:ed:a0:77:90:30:7b:e7:da:27:8c:4f:d7:0f:
         8a:b7:f1:31:78:99:37:6e:ac:9f:5c:95:30:ef:72:10:37:87:
         b7:a0:e0:1a:94:4e:9e:74:d3:e5:e3:0f:09:12:18:d2:69:e2:
         75:e8:fa:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ci9Py9Ek7KuV/U/L+OqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjExYmUzNzU1NTU5Y2ExMDI1MjBjMTM2NzBkMDg1ODBk
NzAzMzQwHhcNMjYwMzI5MTAwMTAxWhcNMjYwMzMwMTAwMTAxWjAzMTEwLwYDVQQD
EyhhZmNjMjZkZTQwZjljNDM4OGE4MTUxOWQyMjFmNTRjMWE3MDM4MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjU3wijOYpDdMDp3tI1vtDxckTuc
L5cwY9NlZ1dNhuD+f5GZuNZASbWvquRebU+Zhv3tkaU4CJW4vo33dVYsTU9v+uvC
v60o5vxt2uWTUtrmAh3SEtzZWhUrB6SQJr1X4LFAaezGNrBfQ0DL8OQc7MbHxwsN
RFv5CwFFmzrpH/5Mp+BVtsgqrInEBBftSz1Cod8OOPDPG+WCK+Z/+mmyUBVpp830
IX4ukVtvCliXQbnSgS5XkgWfYj/HkIX8a5fb8r6Mb8/leEArFzIsU7i3eOASc4rF
TEOONNQWXFssnQuI6jHFG2jHsEfgTOdDUZO9ntsIVKg5B1QVHHMArTfbgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/MJt5A+cQ4ioFRnSIfVMGnA4CoMB8GA1UdIwQY
MBaAFNshG+N1VVnKECUgwTZw0IWA1wM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2Mt
ODdhMTk0MWYxYmUzLzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2MtODdhMTk0MWYxYmUz
LzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMugn9C7
I9XUHfCB/1bz3W+zgtyezXcta8QzBzbDdjDd7VFpc6djgULdN7K7joMUPOOFcjk6
E/z0h3+0wXwmnPFtBVhLcJpQsUWP4Jakv/qBbwVq10d1jUYWAZAoUjdP1yKd1HhJ
wCJSbjsetOXQ6Wcn4iVO17/AftJW02ppTzmFK0tqvjfW7QC/lBLHL0osVXVj/5Ib
oSecbEYspjxsK+jQ9X7V3I4HNLb6rNsXhjCxeYWjjdNMCjfgitWWKIAwjjKjS4xS
EVDPgJ/toHeQMHvn2ieMT9cPirfxMXiZN26sn1yVMO9yEDeHt6DgGpROnnTT5eMP
CRIY0mnidej6ZQ==
-----END CERTIFICATE-----