Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          TF1/SoGokSQQT2MtjGR0sTyh41YCEUkbPbJpEfYKK+8=
Subject key identifier:   86:7D:84:52:3F:73:E9:85:64:3B:2C:9B:66:61:53:D4:77:DD:AE:EB
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019D27039F990EBEBD5A8F36667B45F58980
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          118B
Signing time:             Wed 25 Mar 2026 22:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:41 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: 5jzhSYrCBL4nNZ+rX6ROVdGDEvlpAmELBWmHyCyqJXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:9f:99:0e:be:bd:5a:8f:36:66:7b:45:f5:89:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Mar 25 22:00:41 2026 GMT
            Not After : Mar 26 22:00:41 2026 GMT
        Subject: CN=867d84523f73e985643b2c9b666153d477ddaeeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:28:75:10:b6:c1:46:cc:fa:12:7a:8c:ea:12:
                    69:c5:24:c6:c0:76:4e:a0:d8:c1:e4:e4:f0:b5:8d:
                    5d:e0:d5:d6:d1:83:8a:92:e1:0b:c0:91:0d:85:95:
                    41:d9:80:05:47:53:d8:37:2c:a7:58:34:44:25:5e:
                    68:94:4d:ac:52:a9:08:da:10:3a:a0:7b:96:94:ee:
                    94:c0:34:c2:c2:ca:80:ab:34:c5:cf:b7:dc:da:18:
                    f1:d4:b1:15:54:30:45:7c:b3:53:1b:3b:37:fd:0a:
                    fa:e0:ce:96:d7:46:a0:c8:6a:3b:22:a4:ca:23:cb:
                    d5:5f:c6:0f:a1:ec:e6:1c:cb:3b:bd:92:7a:d2:dd:
                    3f:62:b4:3f:9f:76:29:c1:75:3b:d5:7a:50:a3:1d:
                    f0:c2:86:6c:1e:95:08:e5:ef:0a:41:5e:2d:2a:86:
                    31:0b:e7:2a:d0:e5:09:b5:fd:96:50:91:87:97:21:
                    30:68:2b:47:81:d1:4e:5e:a7:b7:34:20:2f:14:88:
                    05:e9:16:1e:b0:20:31:4e:2f:d2:13:e0:5c:b6:a7:
                    31:12:98:77:a4:e7:58:dd:8e:f1:8b:73:90:3a:cb:
                    ac:5b:05:e7:2d:a1:d9:54:ed:e5:08:57:24:b4:a9:
                    82:5b:26:59:14:ab:d3:39:55:11:ec:12:17:69:0d:
                    fb:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:7D:84:52:3F:73:E9:85:64:3B:2C:9B:66:61:53:D4:77:DD:AE:EB
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:e4:2d:e8:ce:4e:02:99:ae:9d:28:3f:8e:51:52:25:51:b6:
         79:06:74:7e:ff:1e:7b:cc:de:a5:b2:6a:f0:d9:b7:19:d9:5e:
         84:64:cb:d7:c2:ff:36:fd:ea:34:2b:50:b7:71:a8:d4:e2:9c:
         5c:95:0d:46:5b:e6:14:36:46:c4:9e:68:be:bd:e0:f4:bd:04:
         bd:75:7a:69:c8:10:f4:5a:cc:31:0f:71:9c:47:fc:b6:c5:d7:
         18:d8:22:4c:80:72:9b:e5:e4:0a:f2:ec:dd:a9:9b:3f:e8:84:
         68:6b:f2:80:d1:cc:ce:79:c0:51:d8:9c:10:5c:81:58:3d:51:
         f0:92:5a:2f:66:c9:8a:57:c3:b8:6b:6d:5c:40:ff:8d:85:6a:
         72:e6:ef:7d:80:bd:d2:f7:c3:c6:8d:93:57:14:d7:85:08:a9:
         74:e9:40:fd:e9:e7:0e:d7:0a:75:38:d7:51:cf:ff:a2:fc:4e:
         e9:8b:0b:4f:3c:d1:6f:ab:61:16:41:72:1a:24:de:6f:c2:0d:
         c7:f3:4c:ef:ce:5c:e8:dd:cf:ec:ca:f4:09:c9:06:ee:d6:77:
         55:51:b5:42:f0:8b:e3:f7:85:39:77:f6:8a:88:aa:02:d5:53:
         50:71:0d:e8:1d:c6:63:39:29:b1:e8:3c:5e:e6:f1:51:92:12:
         10:8f:d0:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5+ZDr69Wo82ZntF9YmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwMzI1MjIwMDQxWhcNMjYwMzI2MjIwMDQxWjAzMTEwLwYDVQQD
Eyg4NjdkODQ1MjNmNzNlOTg1NjQzYjJjOWI2NjYxNTNkNDc3ZGRhZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyh1ELbBRsz6EnqM6hJpxSTGwHZO
oNjB5OTwtY1d4NXW0YOKkuELwJENhZVB2YAFR1PYNyynWDREJV5olE2sUqkI2hA6
oHuWlO6UwDTCwsqAqzTFz7fc2hjx1LEVVDBFfLNTGzs3/Qr64M6W10agyGo7IqTK
I8vVX8YPoezmHMs7vZJ60t0/YrQ/n3YpwXU71XpQox3wwoZsHpUI5e8KQV4tKoYx
C+cq0OUJtf2WUJGHlyEwaCtHgdFOXqe3NCAvFIgF6RYesCAxTi/SE+BctqcxEph3
pOdY3Y7xi3OQOsusWwXnLaHZVO3lCFcktKmCWyZZFKvTOVUR7BIXaQ37YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZ9hFI/c+mFZDssm2ZhU9R33a7rMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQeQt6M5O
ApmunSg/jlFSJVG2eQZ0fv8ee8zepbJq8Nm3GdlehGTL18L/Nv3qNCtQt3Go1OKc
XJUNRlvmFDZGxJ5ovr3g9L0EvXV6acgQ9FrMMQ9xnEf8tsXXGNgiTIBym+XkCvLs
3ambP+iEaGvygNHMznnAUdicEFyBWD1R8JJaL2bJilfDuGttXED/jYVqcubvfYC9
0vfDxo2TVxTXhQipdOlA/ennDtcKdTjXUc//ovxO6YsLTzzRb6thFkFyGiTeb8IN
x/NM785c6N3P7Mr0CckG7tZ3VVG1QvCL4/eFOXf2ioiqAtVTUHEN6B3GYzkpseg8
XubxUZISEI/QKw==
-----END CERTIFICATE-----