Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          27hxvoPW/A//m0U0Atq18O3AX1XYR6AtEaTallGV1+4=
Subject key identifier:   19:C0:1B:4D:03:1E:AB:1D:A4:85:A6:A9:05:20:1D:18:F9:1D:31:F9
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019E1F10C212B984A5BF8A2ADE1C142483FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0D13
Signing time:             Wed 13 May 2026 02:00:52 +0000
Manifest this update:     Wed 13 May 2026 02:00:52 +0000
Manifest next update:     Thu 14 May 2026 02:00:52 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: zjtqSvyngq9OVLfszQH9q057/C8LuF+d4+JExI1DEkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:10:c2:12:b9:84:a5:bf:8a:2a:de:1c:14:24:83:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: May 13 02:00:52 2026 GMT
            Not After : May 14 02:00:52 2026 GMT
        Subject: CN=19c01b4d031eab1da485a6a905201d18f91d31f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d9:09:7d:13:04:dc:b6:1c:19:b4:1e:86:f4:
                    c5:9e:c9:ff:23:9b:55:db:54:3f:39:43:ad:34:89:
                    41:4f:40:a8:b3:af:80:79:c2:00:7e:52:2c:07:86:
                    8f:f3:aa:7a:cf:91:0a:4c:29:c2:34:7a:2d:64:49:
                    23:bf:85:17:5b:21:a1:67:db:2e:ad:2f:b2:82:6f:
                    f3:0a:4e:b6:d3:75:f9:d6:7e:9c:29:70:5a:cd:0a:
                    44:12:6b:51:6c:01:12:10:53:2c:80:b7:aa:98:55:
                    b7:10:4f:71:84:3d:65:d3:bf:f9:4e:b3:6a:80:e8:
                    00:73:d2:d1:fc:1a:32:76:e2:aa:d8:da:ce:e6:8a:
                    d7:7e:59:ae:d9:d5:e7:57:d3:db:09:8e:16:14:bb:
                    ca:77:40:4f:b2:2b:e2:cf:01:f0:ab:2e:bb:be:d5:
                    ce:78:f1:84:be:89:aa:f7:58:f1:61:df:24:be:12:
                    6f:c0:48:00:ef:1d:ea:cc:ac:b1:50:87:b0:9e:59:
                    a3:e6:ae:fe:46:ef:59:c5:bd:58:0f:53:b5:2e:79:
                    08:10:c0:22:ff:c6:27:73:6c:bd:6f:db:6a:50:c3:
                    05:a8:d6:88:ac:a2:2f:13:bc:95:e1:63:b2:8d:11:
                    d2:bf:60:a7:76:69:47:31:02:37:41:38:02:f7:1b:
                    d1:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C0:1B:4D:03:1E:AB:1D:A4:85:A6:A9:05:20:1D:18:F9:1D:31:F9
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:44:f3:36:4e:89:45:eb:b0:5c:09:48:12:ac:69:56:ad:b9:
         19:80:12:00:8d:f2:69:ca:34:54:c0:5c:b4:9a:21:48:07:53:
         09:9e:7f:15:66:c8:32:71:22:1c:10:5e:fc:f2:ea:82:39:77:
         a9:e8:f9:51:c1:06:1b:e6:d9:9c:82:68:56:ff:3e:bf:9f:5b:
         d4:db:8f:aa:11:67:76:c4:c1:16:fb:7c:c4:25:06:3d:9d:5b:
         4a:dc:9c:63:25:04:da:94:d8:9b:44:4c:19:09:d4:e0:54:0c:
         55:56:88:82:4a:c5:94:f0:d3:22:0c:ca:85:78:d6:f7:0f:fb:
         35:de:72:15:7c:97:1f:d2:ec:0c:42:ad:29:cb:aa:95:65:2b:
         a7:9f:a7:f2:33:28:35:7a:8b:5f:f6:ea:0e:da:4c:d6:86:b1:
         26:40:e8:03:7b:8d:eb:a7:a8:0c:e8:bd:5a:38:24:75:f6:e2:
         24:0e:34:d3:fa:5a:e0:6d:27:93:9c:20:ee:d8:87:3b:ac:5e:
         1a:9d:9a:64:4e:6b:99:78:fa:01:8e:ff:e0:00:cc:2e:0f:e3:
         84:b2:5f:92:ae:ad:29:3d:bc:8d:4c:7b:56:03:20:98:43:a8:
         a2:8b:c7:ce:9f:ef:99:df:f2:f9:8d:a6:07:a4:c3:67:58:23:
         7c:ec:52:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fEMISuYSlv4oq3hwUJIP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwNTEzMDIwMDUyWhcNMjYwNTE0MDIwMDUyWjAzMTEwLwYDVQQD
EygxOWMwMWI0ZDAzMWVhYjFkYTQ4NWE2YTkwNTIwMWQxOGY5MWQzMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNkJfRME3LYcGbQehvTFnsn/I5tV
21Q/OUOtNIlBT0Cos6+AecIAflIsB4aP86p6z5EKTCnCNHotZEkjv4UXWyGhZ9su
rS+ygm/zCk6203X51n6cKXBazQpEEmtRbAESEFMsgLeqmFW3EE9xhD1l07/5TrNq
gOgAc9LR/BoyduKq2NrO5orXflmu2dXnV9PbCY4WFLvKd0BPsivizwHwqy67vtXO
ePGEvomq91jxYd8kvhJvwEgA7x3qzKyxUIewnlmj5q7+Ru9Zxb1YD1O1LnkIEMAi
/8Ync2y9b9tqUMMFqNaIrKIvE7yV4WOyjRHSv2CndmlHMQI3QTgC9xvR2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnAG00DHqsdpIWmqQUgHRj5HTH5MB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXUTzNk6J
ReuwXAlIEqxpVq25GYASAI3yaco0VMBctJohSAdTCZ5/FWbIMnEiHBBe/PLqgjl3
qej5UcEGG+bZnIJoVv8+v59b1NuPqhFndsTBFvt8xCUGPZ1bStycYyUE2pTYm0RM
GQnU4FQMVVaIgkrFlPDTIgzKhXjW9w/7Nd5yFXyXH9LsDEKtKcuqlWUrp5+n8jMo
NXqLX/bqDtpM1oaxJkDoA3uN66eoDOi9WjgkdfbiJA400/pa4G0nk5wg7tiHO6xe
Gp2aZE5rmXj6AY7/4ADMLg/jhLJfkq6tKT28jUx7VgMgmEOooovHzp/vmd/y+Y2m
B6TDZ1gjfOxSBg==
-----END CERTIFICATE-----