Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          aSV31TUDFCpPjXFGynuYS+FpBKkXEPyzkYYbMIZL0rs=
Subject key identifier:   64:CC:4D:CE:A1:4E:58:5B:53:A2:A9:CD:6B:13:92:AA:3E:0E:DF:55
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019D27046152598F28DB65BC8B8CF259A9A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:31 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:31 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:31 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: sxK7Fx5POxz8sft5VzQMa1UftwWSIzSQo+/tX1M7/dg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:61:52:59:8f:28:db:65:bc:8b:8c:f2:59:a9:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Mar 25 22:01:31 2026 GMT
            Not After : Mar 26 22:01:31 2026 GMT
        Subject: CN=64cc4dcea14e585b53a2a9cd6b1392aa3e0edf55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:be:14:e5:8b:b5:79:77:b3:b9:4b:3e:bd:4f:
                    6c:63:4d:ed:c2:5f:17:b2:b6:dd:ce:dc:dc:1b:84:
                    f4:1e:0f:99:bc:07:c5:42:fd:9b:9f:35:ce:b0:a5:
                    9c:f6:a5:5b:e9:9d:54:2a:0f:d1:65:83:f5:3a:40:
                    53:9c:aa:e2:51:ad:f6:e3:f3:58:2f:d2:d0:3c:4e:
                    4b:9f:88:35:1c:6a:7a:3e:9b:db:e1:53:e8:a2:40:
                    8d:00:2f:d2:5d:b8:62:6a:70:36:8b:2c:5b:ab:da:
                    3a:6e:24:37:97:24:6b:37:12:87:e6:0f:f1:3b:d0:
                    08:53:e3:95:4e:16:ca:8b:60:0b:5b:25:75:af:c2:
                    af:01:f1:f3:33:6c:ed:ad:20:c8:9e:71:96:28:81:
                    fd:31:40:c9:a0:ad:65:2b:f1:83:7e:a6:70:b5:66:
                    44:d3:ce:b8:81:87:27:6f:26:e3:86:0c:5f:b5:d0:
                    b8:5d:5e:7b:44:da:e0:32:c2:a6:28:d3:fb:01:11:
                    61:9f:24:80:e5:d7:43:6a:0c:70:c8:89:dc:c7:97:
                    5f:43:52:74:a3:0a:b8:cb:57:cd:ff:98:f2:28:04:
                    af:86:75:1b:8a:aa:d1:99:6a:a2:a5:8e:cd:1f:8f:
                    99:ea:e6:39:62:f6:d3:bb:4e:ba:93:d2:28:1b:a0:
                    03:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:CC:4D:CE:A1:4E:58:5B:53:A2:A9:CD:6B:13:92:AA:3E:0E:DF:55
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:84:2d:67:e6:05:66:40:67:0c:8e:7f:46:b4:df:fe:bb:c7:
         5f:53:2d:a7:5d:7a:99:93:e3:fd:bf:d1:07:19:fd:e6:33:8f:
         85:1c:e8:28:c6:37:fe:04:5e:62:52:87:17:de:26:ec:29:71:
         41:20:bc:31:e4:97:48:9a:10:67:aa:e7:5c:bf:c2:db:10:79:
         48:81:02:02:c0:a1:79:2f:1c:8d:36:35:f6:cc:54:6c:7e:97:
         bc:56:fc:28:cd:27:3c:e7:69:be:fe:06:bc:d5:f4:06:bb:4f:
         e1:88:3a:c2:8f:35:07:e8:2f:37:02:7c:35:1d:55:90:83:80:
         58:ee:e3:9c:81:3a:1f:52:35:44:92:1b:83:7e:5e:9b:b9:ac:
         5a:f2:da:c9:d1:f4:fe:d5:a2:04:e4:88:aa:eb:65:1f:44:71:
         f1:c4:72:b5:17:89:1d:2c:c1:ef:7a:2a:23:e7:0f:30:5a:37:
         d6:d7:4f:2a:3d:a0:aa:ff:d9:21:2f:0c:53:81:1f:c9:74:f2:
         05:19:c2:25:9d:ca:b2:af:d6:7a:5f:c3:83:52:7d:43:aa:03:
         9c:ca:9f:db:e4:05:b1:2c:54:62:41:77:76:60:c3:0b:ab:69:
         38:53:71:91:d7:b4:e2:e8:44:fe:4b:3d:43:35:55:db:f9:71:
         b6:69:90:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBGFSWY8o22W8i4zyWamnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwMzI1MjIwMTMxWhcNMjYwMzI2MjIwMTMxWjAzMTEwLwYDVQQD
Eyg2NGNjNGRjZWExNGU1ODViNTNhMmE5Y2Q2YjEzOTJhYTNlMGVkZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L4U5Yu1eXezuUs+vU9sY03twl8X
srbdztzcG4T0Hg+ZvAfFQv2bnzXOsKWc9qVb6Z1UKg/RZYP1OkBTnKriUa324/NY
L9LQPE5Ln4g1HGp6Ppvb4VPookCNAC/SXbhianA2iyxbq9o6biQ3lyRrNxKH5g/x
O9AIU+OVThbKi2ALWyV1r8KvAfHzM2ztrSDInnGWKIH9MUDJoK1lK/GDfqZwtWZE
0864gYcnbybjhgxftdC4XV57RNrgMsKmKNP7ARFhnySA5ddDagxwyIncx5dfQ1J0
owq4y1fN/5jyKASvhnUbiqrRmWqipY7NH4+Z6uY5YvbTu066k9IoG6ADkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTMTc6hTlhbU6KpzWsTkqo+Dt9VMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYQtZ+YF
ZkBnDI5/RrTf/rvHX1Mtp116mZPj/b/RBxn95jOPhRzoKMY3/gReYlKHF94m7Clx
QSC8MeSXSJoQZ6rnXL/C2xB5SIECAsCheS8cjTY19sxUbH6XvFb8KM0nPOdpvv4G
vNX0BrtP4Yg6wo81B+gvNwJ8NR1VkIOAWO7jnIE6H1I1RJIbg35em7msWvLaydH0
/tWiBOSIqutlH0Rx8cRytReJHSzB73oqI+cPMFo31tdPKj2gqv/ZIS8MU4EfyXTy
BRnCJZ3Ksq/Wel/Dg1J9Q6oDnMqf2+QFsSxUYkF3dmDDC6tpOFNxkde04uhE/ks9
QzVV2/lxtmmQ5A==
-----END CERTIFICATE-----