Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          xjkqUxyIK5OZkU4Dj56M2hjq3NRh9pKlZKAQOcR8iEQ=
Subject key identifier:   22:29:56:59:5B:32:D7:C5:66:85:16:32:8B:4E:0A:F3:4F:79:DD:7F
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019E1C46DCC544DDB2045D81E7846D69425D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1901
Signing time:             Tue 12 May 2026 13:01:06 +0000
Manifest this update:     Tue 12 May 2026 13:01:06 +0000
Manifest next update:     Wed 13 May 2026 13:01:06 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: gCVXZHcOVquzRFMDv2lXzQKFYxgh0NExwKjV6Z6zZRY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:dc:c5:44:dd:b2:04:5d:81:e7:84:6d:69:42:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: May 12 13:01:06 2026 GMT
            Not After : May 13 13:01:06 2026 GMT
        Subject: CN=222956595b32d7c5668516328b4e0af34f79dd7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:9b:48:29:56:1f:7d:be:24:cb:a0:37:9c:60:
                    a0:5f:13:b0:f9:4e:b9:f4:87:fe:ca:6c:32:77:7b:
                    80:05:7d:37:f2:56:5d:82:04:a7:62:35:47:30:d1:
                    c0:73:19:d0:dc:0a:63:3b:58:6d:73:01:6e:20:44:
                    8f:de:e6:4c:3e:91:d0:3a:ca:e3:d9:84:97:20:dd:
                    1e:2a:93:6c:76:48:58:d3:af:8d:10:dd:62:d6:e4:
                    9e:02:e1:7c:ac:ab:d3:63:4c:52:45:b8:6b:24:69:
                    36:8f:f8:a1:3a:10:00:b6:0c:f4:a8:94:7c:b0:04:
                    92:ac:b6:75:33:fe:08:ab:e2:0c:a4:25:68:5c:44:
                    b2:b0:13:91:ad:7a:a0:95:0a:9c:0c:bb:3a:8e:5b:
                    5b:77:74:73:08:0a:4a:e1:b5:70:6a:46:8e:21:c6:
                    e8:95:e0:52:0e:70:cb:40:78:cf:8d:65:02:3c:ae:
                    5f:e9:8e:57:3b:16:a7:86:8d:88:e8:e8:70:50:52:
                    c3:77:48:f9:20:92:fe:ee:e3:f1:a3:c2:c5:22:67:
                    8e:8f:58:61:a6:79:a2:52:fb:96:d2:17:7a:0a:7f:
                    d2:3e:a9:72:1d:82:d2:0b:09:43:64:31:31:6a:58:
                    a9:aa:f3:a8:3d:74:5c:ed:7f:29:8e:1a:da:17:9f:
                    29:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:29:56:59:5B:32:D7:C5:66:85:16:32:8B:4E:0A:F3:4F:79:DD:7F
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:23:f0:5e:f0:11:36:ed:fd:20:29:24:42:f6:99:72:fd:7c:
         f7:2f:2b:9a:71:11:e0:16:a0:35:e9:00:87:95:35:08:ee:d8:
         8f:db:44:5a:49:a3:b8:e0:1b:3b:5b:86:a1:1f:17:a1:e7:10:
         b8:a6:a5:97:17:8e:85:da:dd:fb:7e:ca:2b:20:e8:6e:7e:be:
         e3:2e:4b:3c:b3:f8:02:62:0d:7b:c0:99:c5:4e:0e:13:54:6b:
         9e:df:27:6e:c0:a9:2a:07:0c:75:1b:f0:4c:c8:cf:eb:08:0e:
         f7:04:16:db:6f:15:22:5d:ed:e3:2f:07:01:26:f4:eb:73:d0:
         60:97:03:8e:1e:8d:6d:47:ef:06:95:76:5f:0a:95:c4:31:52:
         67:2e:80:ac:a2:11:3b:42:d2:29:19:41:57:97:2a:55:e9:db:
         e9:0b:c8:3f:a6:82:f8:1e:3e:36:2b:5e:fd:f0:8e:c2:d4:8d:
         77:31:c7:5e:0e:59:36:c1:fd:76:7f:cc:de:88:2e:f5:41:18:
         36:ec:4f:44:d4:78:61:27:69:fd:26:1a:f7:eb:9c:85:17:ea:
         68:09:c5:a4:18:d8:07:ae:24:c0:85:f0:db:04:84:47:55:d2:
         71:65:a8:96:f5:91:58:26:79:84:7b:c3:02:96:79:7c:6b:58:
         ac:e2:57:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRtzFRN2yBF2B54RtaUJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwNTEyMTMwMTA2WhcNMjYwNTEzMTMwMTA2WjAzMTEwLwYDVQQD
EygyMjI5NTY1OTViMzJkN2M1NjY4NTE2MzI4YjRlMGFmMzRmNzlkZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15tIKVYffb4ky6A3nGCgXxOw+U65
9If+ymwyd3uABX038lZdggSnYjVHMNHAcxnQ3ApjO1htcwFuIESP3uZMPpHQOsrj
2YSXIN0eKpNsdkhY06+NEN1i1uSeAuF8rKvTY0xSRbhrJGk2j/ihOhAAtgz0qJR8
sASSrLZ1M/4Iq+IMpCVoXESysBORrXqglQqcDLs6jltbd3RzCApK4bVwakaOIcbo
leBSDnDLQHjPjWUCPK5f6Y5XOxanho2I6OhwUFLDd0j5IJL+7uPxo8LFImeOj1hh
pnmiUvuW0hd6Cn/SPqlyHYLSCwlDZDExalipqvOoPXRc7X8pjhraF58pfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIpVllbMtfFZoUWMotOCvNPed1/MB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqiPwXvAR
Nu39ICkkQvaZcv189y8rmnER4BagNekAh5U1CO7Yj9tEWkmjuOAbO1uGoR8XoecQ
uKallxeOhdrd+37KKyDobn6+4y5LPLP4AmINe8CZxU4OE1Rrnt8nbsCpKgcMdRvw
TMjP6wgO9wQW228VIl3t4y8HASb063PQYJcDjh6NbUfvBpV2XwqVxDFSZy6ArKIR
O0LSKRlBV5cqVenb6QvIP6aC+B4+Nite/fCOwtSNdzHHXg5ZNsH9dn/M3ogu9UEY
NuxPRNR4YSdp/SYa9+uchRfqaAnFpBjYB64kwIXw2wSER1XScWWolvWRWCZ5hHvD
ApZ5fGtYrOJXKg==
-----END CERTIFICATE-----