Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          ary87gJoZc5RyEDqx9ukQyZovyR3PI12KMNkZOucgu4=
Subject key identifier:   37:E4:DC:AF:EF:FB:F9:D6:EC:7B:17:2A:69:B1:DC:2A:32:BB:02:E6
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       019E1F10F2D8383F0D6AC2A107C15F89B6F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          0748
Signing time:             Wed 13 May 2026 02:01:04 +0000
Manifest this update:     Wed 13 May 2026 02:01:04 +0000
Manifest next update:     Thu 14 May 2026 02:01:04 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: AhVeJl7OxShNWLfcO+Gbrdf+Hbxj6y91SEtM+rtCs+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:10:f2:d8:38:3f:0d:6a:c2:a1:07:c1:5f:89:b6:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: May 13 02:01:04 2026 GMT
            Not After : May 14 02:01:04 2026 GMT
        Subject: CN=37e4dcafeffbf9d6ec7b172a69b1dc2a32bb02e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e8:38:59:f1:69:56:a1:c4:19:ce:27:47:69:
                    0c:60:56:e1:67:20:8f:99:53:42:95:e4:8c:4b:40:
                    e6:3f:07:ba:b1:b6:d2:e1:5f:f8:4e:01:2f:75:d6:
                    80:f4:46:ed:24:a3:6d:d9:56:48:7f:29:66:08:65:
                    d0:d4:d2:b7:af:38:d0:9e:07:b7:da:ed:e6:45:46:
                    13:51:2b:51:66:8c:d5:4c:12:d0:5a:ab:b8:0c:2e:
                    ba:c6:35:17:07:b0:eb:f5:3b:29:6b:2f:7c:32:7d:
                    84:80:91:c4:a4:63:31:94:92:01:72:b9:81:28:ee:
                    eb:40:e5:bc:07:57:41:ee:a5:ee:5c:bd:71:86:3a:
                    c9:a1:18:5f:c9:16:8a:39:59:06:fa:2d:aa:df:72:
                    4f:6a:df:37:aa:97:7c:4a:d2:9c:bb:d7:d9:d8:68:
                    e8:7f:ff:06:e5:3a:ca:92:36:f2:be:98:3a:bf:c9:
                    c8:ab:bc:2f:7c:3e:55:9f:16:55:e5:1c:a2:7e:b6:
                    b0:ce:ad:bb:f4:b1:63:08:99:d5:31:66:e9:66:87:
                    1a:6e:75:3c:ee:50:f1:d2:e6:70:14:03:ad:02:e2:
                    dd:da:99:bb:c5:bb:6c:24:13:8b:74:1b:49:d0:fe:
                    40:45:a0:59:8b:1a:52:5f:25:9c:87:52:0c:c6:b1:
                    86:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E4:DC:AF:EF:FB:F9:D6:EC:7B:17:2A:69:B1:DC:2A:32:BB:02:E6
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:bb:64:87:a5:07:d3:0d:b6:57:df:4b:93:e6:7b:86:05:89:
         14:33:80:41:36:68:69:d0:74:2d:11:f8:6e:22:47:49:ed:29:
         14:97:a8:c7:cf:db:30:66:09:32:30:e8:69:ca:59:0b:04:95:
         fa:85:32:d4:fd:8e:2f:52:09:bd:14:f3:2e:22:8d:bb:3a:f4:
         87:b3:79:71:02:d6:d4:3f:0d:ad:95:94:c1:90:36:e6:9e:1d:
         b7:86:fc:66:7e:ae:ac:9d:ed:13:2f:4c:95:84:cc:b7:5b:06:
         ff:41:09:e4:c4:d5:49:20:d4:dd:43:5a:0b:5b:ba:ce:f1:e7:
         f2:ff:6b:a9:68:f8:9f:b5:ae:cd:bb:ff:20:67:c5:ca:a3:38:
         95:6f:ff:52:f3:1c:1a:de:68:02:c5:3a:af:83:5a:36:bd:29:
         d8:8d:ce:1c:29:96:8f:57:38:d7:f9:66:d7:16:d8:5e:bc:99:
         b4:d4:b4:6a:b2:27:66:c0:e5:e7:83:75:2a:17:a0:61:7b:3c:
         b7:6e:c5:fd:27:8f:48:15:9f:99:06:eb:95:d3:73:24:98:62:
         83:56:76:ab:80:c7:81:9c:d4:df:23:43:dd:bc:15:71:e7:f6:
         17:dd:49:e2:fd:53:79:bf:5b:4e:8f:ff:0e:59:cf:31:8b:a4:
         48:a9:7d:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fEPLYOD8NasKhB8FfibbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjYwNTEzMDIwMTA0WhcNMjYwNTE0MDIwMTA0WjAzMTEwLwYDVQQD
EygzN2U0ZGNhZmVmZmJmOWQ2ZWM3YjE3MmE2OWIxZGMyYTMyYmIwMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOg4WfFpVqHEGc4nR2kMYFbhZyCP
mVNCleSMS0DmPwe6sbbS4V/4TgEvddaA9EbtJKNt2VZIfylmCGXQ1NK3rzjQnge3
2u3mRUYTUStRZozVTBLQWqu4DC66xjUXB7Dr9Tspay98Mn2EgJHEpGMxlJIBcrmB
KO7rQOW8B1dB7qXuXL1xhjrJoRhfyRaKOVkG+i2q33JPat83qpd8StKcu9fZ2Gjo
f/8G5TrKkjbyvpg6v8nIq7wvfD5VnxZV5Ryifrawzq279LFjCJnVMWbpZocabnU8
7lDx0uZwFAOtAuLd2pm7xbtsJBOLdBtJ0P5ARaBZixpSXyWch1IMxrGG+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfk3K/v+/nW7HsXKmmx3CoyuwLmMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLtkh6UH
0w22V99Lk+Z7hgWJFDOAQTZoadB0LRH4biJHSe0pFJeox8/bMGYJMjDoacpZCwSV
+oUy1P2OL1IJvRTzLiKNuzr0h7N5cQLW1D8NrZWUwZA25p4dt4b8Zn6urJ3tEy9M
lYTMt1sG/0EJ5MTVSSDU3UNaC1u6zvHn8v9rqWj4n7Wuzbv/IGfFyqM4lW//UvMc
Gt5oAsU6r4NaNr0p2I3OHCmWj1c41/lm1xbYXryZtNS0arInZsDl54N1KhegYXs8
t27F/SePSBWfmQbrldNzJJhig1Z2q4DHgZzU3yND3bwVcef2F91J4v1Teb9bTo//
DlnPMYukSKl9uw==
-----END CERTIFICATE-----