Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          H08DPZCHIsb8D/qCBiLssTzmwpyWi6LWRdeTQLxEJlE=
Subject key identifier:   93:47:1D:6C:AE:3B:85:1C:6A:16:2A:43:8F:6E:B3:36:F9:BC:F6:AF
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019E1C4754AFFA63C9689693C172FE0C57B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          120A
Signing time:             Tue 12 May 2026 13:01:37 +0000
Manifest this update:     Tue 12 May 2026 13:01:37 +0000
Manifest next update:     Wed 13 May 2026 13:01:37 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: 8F8rBMHB6q4dsN8UfeVUV+CpvjJPv4ykC5u0FmisoZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:54:af:fa:63:c9:68:96:93:c1:72:fe:0c:57:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: May 12 13:01:37 2026 GMT
            Not After : May 13 13:01:37 2026 GMT
        Subject: CN=93471d6cae3b851c6a162a438f6eb336f9bcf6af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a7:77:e2:54:28:2d:ae:4c:4e:5a:47:56:28:
                    75:c4:f6:e8:ff:44:88:61:bf:c8:35:8a:c4:64:57:
                    dc:33:74:60:17:de:7b:3e:7e:1d:74:cf:aa:b7:88:
                    98:33:28:10:dd:aa:40:10:32:0e:ad:8c:41:1a:49:
                    1a:15:dc:c7:e0:c7:91:74:15:d4:00:3d:55:27:d1:
                    93:3f:5d:5e:b2:33:2e:1b:31:df:84:59:d4:8f:27:
                    df:f1:df:9d:00:0d:c2:f2:a8:56:e2:55:9d:3f:d8:
                    80:79:af:6e:3c:e2:0d:88:0d:0f:74:70:8d:15:3b:
                    3f:63:3c:cb:b0:83:48:a2:e5:94:14:a1:f9:18:d2:
                    ff:ca:38:7c:05:90:ec:8e:7b:4e:73:d9:f6:c2:59:
                    95:2a:1f:51:27:52:d7:2f:00:5f:24:85:2a:7b:58:
                    2e:df:3a:42:db:32:7d:63:51:94:3d:dc:39:24:d4:
                    db:23:81:59:f3:a8:68:aa:c8:fe:a7:1c:87:1f:b9:
                    3d:14:ca:cb:f3:e2:b6:b0:9d:b9:62:82:b8:b6:fa:
                    5d:55:87:c6:99:64:6f:8a:d7:6f:fa:44:86:f5:30:
                    ff:72:74:34:06:39:fa:81:4f:47:02:e5:bd:97:cc:
                    d9:5b:68:a1:39:aa:fc:35:f7:b3:92:35:e3:2a:8e:
                    24:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:47:1D:6C:AE:3B:85:1C:6A:16:2A:43:8F:6E:B3:36:F9:BC:F6:AF
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:2c:31:f6:48:3b:41:7e:2c:fc:c8:37:cc:57:0e:3d:de:d3:
         02:44:25:85:ef:e9:5d:27:9b:81:a6:25:f6:57:72:fc:97:ee:
         46:ed:7c:50:32:0c:81:e7:a5:d6:f1:de:d9:09:38:f8:6e:b6:
         d0:6a:7f:22:5c:a0:b1:99:8c:71:02:99:75:50:25:14:77:12:
         62:80:1f:68:5d:58:35:3a:8b:9f:a1:db:b5:20:e4:6f:89:36:
         88:f0:82:f4:94:a6:e1:43:9f:56:2a:7b:fb:e3:6f:64:98:7b:
         13:87:ae:df:45:85:0f:da:d1:87:ca:be:63:c9:5e:9d:72:01:
         f2:66:c4:6b:c2:12:c6:7b:79:9b:29:27:18:a8:a4:50:78:2b:
         54:f7:44:05:26:f7:c7:be:71:02:78:a2:39:21:8d:93:f3:55:
         83:b7:f7:82:9d:e7:28:6a:5f:32:3c:05:f8:f9:f0:54:ba:1a:
         70:b0:d2:b6:75:d1:b4:12:0b:3a:c1:b8:8b:d7:8b:9a:53:f4:
         73:6e:57:80:29:2a:19:b1:e3:9d:af:ca:66:e8:13:d3:62:87:
         51:41:d6:e3:54:5c:2e:16:bf:e5:ff:43:ec:f9:88:10:14:19:
         7a:a8:14:6d:fb:5a:e4:de:8a:81:af:2d:8b:02:3e:29:c0:27:
         52:66:9e:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cR1Sv+mPJaJaTwXL+DFexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwNTEyMTMwMTM3WhcNMjYwNTEzMTMwMTM3WjAzMTEwLwYDVQQD
Eyg5MzQ3MWQ2Y2FlM2I4NTFjNmExNjJhNDM4ZjZlYjMzNmY5YmNmNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6d34lQoLa5MTlpHVih1xPbo/0SI
Yb/INYrEZFfcM3RgF957Pn4ddM+qt4iYMygQ3apAEDIOrYxBGkkaFdzH4MeRdBXU
AD1VJ9GTP11esjMuGzHfhFnUjyff8d+dAA3C8qhW4lWdP9iAea9uPOINiA0PdHCN
FTs/YzzLsINIouWUFKH5GNL/yjh8BZDsjntOc9n2wlmVKh9RJ1LXLwBfJIUqe1gu
3zpC2zJ9Y1GUPdw5JNTbI4FZ86hoqsj+pxyHH7k9FMrL8+K2sJ25YoK4tvpdVYfG
mWRvitdv+kSG9TD/cnQ0Bjn6gU9HAuW9l8zZW2ihOar8NfezkjXjKo4kvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNHHWyuO4UcahYqQ49uszb5vPavMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdywx9kg7
QX4s/Mg3zFcOPd7TAkQlhe/pXSebgaYl9ldy/JfuRu18UDIMgeel1vHe2Qk4+G62
0Gp/IlygsZmMcQKZdVAlFHcSYoAfaF1YNTqLn6HbtSDkb4k2iPCC9JSm4UOfVip7
++NvZJh7E4eu30WFD9rRh8q+Y8lenXIB8mbEa8ISxnt5myknGKikUHgrVPdEBSb3
x75xAniiOSGNk/NVg7f3gp3nKGpfMjwF+PnwVLoacLDStnXRtBILOsG4i9eLmlP0
c25XgCkqGbHjna/KZugT02KHUUHW41RcLha/5f9D7PmIEBQZeqgUbfta5N6Kga8t
iwI+KcAnUmaegQ==
-----END CERTIFICATE-----