Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          IgiIBcquujzxJZg4ausQCsTLeReR6sOR0HT1qOZOexc=
Subject key identifier:   10:D4:99:AA:80:45:E8:F6:AF:09:4A:46:4A:9F:46:A4:56:52:5A:14
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019E1E358D19EBE03C73E22FA2FFAFF76FA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0D14
Signing time:             Tue 12 May 2026 22:01:26 +0000
Manifest this update:     Tue 12 May 2026 22:01:26 +0000
Manifest next update:     Wed 13 May 2026 22:01:26 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: h0wuSG9pGxA7nlPIOLxsJ9ygKMZSFv6tRpGQ2wfSCu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:8d:19:eb:e0:3c:73:e2:2f:a2:ff:af:f7:6f:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: May 12 22:01:26 2026 GMT
            Not After : May 13 22:01:26 2026 GMT
        Subject: CN=10d499aa8045e8f6af094a464a9f46a456525a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:4d:16:c3:39:b2:8e:84:1b:2f:31:97:44:ec:
                    d3:ee:3e:c1:b2:5a:c7:c0:bd:9b:d5:a9:c4:27:bb:
                    fc:99:98:09:8a:09:a3:a0:e1:9c:6f:b9:95:69:a3:
                    2e:71:57:cd:b4:3e:b4:92:c0:48:9d:a7:20:56:56:
                    6f:6d:7e:83:9f:4b:36:1e:6b:b4:b6:c9:59:61:83:
                    24:d0:38:9e:e0:ce:28:91:88:fc:fb:19:06:34:a7:
                    02:7b:bd:ca:2a:f2:3d:55:64:69:ed:68:8e:09:76:
                    6a:89:d3:46:d2:45:e5:33:e9:94:54:b0:0d:6f:93:
                    ed:f0:d9:3f:82:20:be:2c:60:fc:a4:7a:7e:f7:73:
                    c9:5b:d1:86:69:a6:f5:3e:4c:14:9b:4b:ae:6b:bb:
                    b2:4a:d2:a4:17:88:93:15:37:1b:cc:03:32:11:b8:
                    0e:c2:ff:85:35:4c:ce:43:ec:56:e3:ee:e7:cc:03:
                    c8:3a:8b:98:21:2d:ca:af:d2:07:a6:b8:f2:bb:9e:
                    50:35:b3:00:d1:7d:0d:12:8e:33:c9:33:34:e6:62:
                    ac:0d:54:19:ff:49:ad:5f:f7:4d:85:6f:d4:72:81:
                    23:bf:d9:db:1d:06:d7:b8:d5:e4:74:40:76:7f:b7:
                    e0:5a:32:00:54:4b:82:77:00:3d:ca:0b:7c:67:eb:
                    23:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D4:99:AA:80:45:E8:F6:AF:09:4A:46:4A:9F:46:A4:56:52:5A:14
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:97:7a:ef:30:c4:ab:f8:d0:f6:70:a7:a3:c9:a6:7b:48:34:
         55:a3:97:b4:d1:a1:3a:fd:54:a5:4d:05:45:98:0d:2b:e5:73:
         cb:32:9f:64:55:bc:5f:c8:4c:75:84:24:7f:f7:d7:49:fe:5d:
         42:c0:05:3c:ec:d1:17:49:4e:a9:d4:40:c1:91:0a:ca:b0:a8:
         bf:48:35:cf:6f:54:2b:9a:40:38:bd:0e:d1:06:d2:3b:43:c9:
         ff:d7:3b:e1:f3:da:09:22:69:7e:dc:4c:db:0c:cf:66:b7:8e:
         9d:45:b7:89:f6:fc:6d:b3:26:fe:5b:83:15:02:70:4a:e3:bb:
         36:c2:74:c5:69:58:97:f4:ab:0d:18:c1:3d:09:f4:42:b8:87:
         4e:3d:10:d1:5e:dc:84:42:d4:b8:58:96:f7:70:4f:c1:ca:9b:
         6b:5e:3a:4b:e2:c5:f5:c7:ed:87:db:37:21:9a:cb:db:20:59:
         c1:ff:f3:45:1d:84:43:5c:26:bd:8a:21:d9:02:27:2a:c1:77:
         ec:71:4f:40:78:23:71:21:40:41:ed:48:99:45:37:b3:1d:8a:
         f5:3b:59:8f:44:12:71:7a:10:30:79:a0:ee:e7:ee:cc:57:94:
         a1:41:93:10:cf:93:64:64:c0:32:e4:2a:cd:97:25:7e:02:34:
         90:21:83:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNY0Z6+A8c+Ivov+v92+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwNTEyMjIwMTI2WhcNMjYwNTEzMjIwMTI2WjAzMTEwLwYDVQQD
EygxMGQ0OTlhYTgwNDVlOGY2YWYwOTRhNDY0YTlmNDZhNDU2NTI1YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2E0WwzmyjoQbLzGXROzT7j7BslrH
wL2b1anEJ7v8mZgJigmjoOGcb7mVaaMucVfNtD60ksBInacgVlZvbX6Dn0s2Hmu0
tslZYYMk0Die4M4okYj8+xkGNKcCe73KKvI9VWRp7WiOCXZqidNG0kXlM+mUVLAN
b5Pt8Nk/giC+LGD8pHp+93PJW9GGaab1PkwUm0uua7uyStKkF4iTFTcbzAMyEbgO
wv+FNUzOQ+xW4+7nzAPIOouYIS3Kr9IHprjyu55QNbMA0X0NEo4zyTM05mKsDVQZ
/0mtX/dNhW/UcoEjv9nbHQbXuNXkdEB2f7fgWjIAVEuCdwA9ygt8Z+sj5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDUmaqARej2rwlKRkqfRqRWUloUMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtJd67zDE
q/jQ9nCno8mme0g0VaOXtNGhOv1UpU0FRZgNK+VzyzKfZFW8X8hMdYQkf/fXSf5d
QsAFPOzRF0lOqdRAwZEKyrCov0g1z29UK5pAOL0O0QbSO0PJ/9c74fPaCSJpftxM
2wzPZreOnUW3ifb8bbMm/luDFQJwSuO7NsJ0xWlYl/SrDRjBPQn0QriHTj0Q0V7c
hELUuFiW93BPwcqba146S+LF9cfth9s3IZrL2yBZwf/zRR2EQ1wmvYoh2QInKsF3
7HFPQHgjcSFAQe1ImUU3sx2K9TtZj0QScXoQMHmg7ufuzFeUoUGTEM+TZGTAMuQq
zZclfgI0kCGDOQ==
-----END CERTIFICATE-----