Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          xE6ljqGQwzy2s7RkNB4ve9J4Yvji5xhRywxqdkwjs30=
Subject key identifier:   51:51:70:B9:5D:A7:F5:62:D7:6C:35:6B:17:11:99:3E:CD:B2:9B:E6
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       019E1E3583FF1DE09D4993F508623545F624
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          03BA
Signing time:             Tue 12 May 2026 22:01:24 +0000
Manifest this update:     Tue 12 May 2026 22:01:24 +0000
Manifest next update:     Wed 13 May 2026 22:01:24 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: U3MoZD9v5w/LDq/RbFIqPBGdEwq+ZkR933BwuZvP2xM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:83:ff:1d:e0:9d:49:93:f5:08:62:35:45:f6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: May 12 22:01:24 2026 GMT
            Not After : May 13 22:01:24 2026 GMT
        Subject: CN=515170b95da7f562d76c356b1711993ecdb29be6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:04:b0:ba:d6:cc:72:79:5b:7c:87:10:cc:af:
                    c2:6d:7e:11:cd:45:be:80:5e:0e:be:97:01:ee:53:
                    f3:f8:9d:82:a3:36:b5:5d:4b:7f:b5:6a:48:be:7e:
                    73:ee:8f:46:e6:08:09:ad:af:6e:86:c0:2b:5f:b0:
                    c7:93:39:02:84:3f:6c:e7:b0:7a:9e:1a:06:0b:b4:
                    99:9e:d9:8a:ba:97:db:f5:dd:3f:4f:14:51:63:43:
                    1c:e2:96:c8:38:78:77:37:23:7a:14:07:aa:bd:69:
                    e7:54:ca:14:b5:8b:1e:3e:e8:9d:86:ec:8c:e3:49:
                    2b:32:f5:f2:47:05:b4:af:c1:ec:b4:b3:4b:3e:e6:
                    c4:46:7e:c2:9c:b7:36:9c:25:32:73:55:03:cd:24:
                    26:af:a0:54:92:d2:15:81:68:ed:ab:48:ca:63:de:
                    65:60:da:7a:a8:6a:6c:94:df:db:77:17:d8:0c:f7:
                    08:2b:48:5c:00:f1:47:91:f1:d8:4a:96:be:a4:56:
                    19:52:02:71:27:9b:fd:fb:d5:04:22:69:40:64:6a:
                    28:a3:16:61:e0:39:26:86:30:a0:54:07:24:32:8b:
                    f2:e8:c6:12:60:26:37:81:73:ac:a7:b7:b6:21:92:
                    8d:87:3f:c5:5c:76:56:66:29:b5:e4:9d:b1:66:b1:
                    a9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:51:70:B9:5D:A7:F5:62:D7:6C:35:6B:17:11:99:3E:CD:B2:9B:E6
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:8c:4e:ea:5c:6b:c4:49:ae:e5:34:a3:3a:68:da:44:a6:ba:
         b9:56:ad:00:94:4c:2a:25:ff:bb:3c:bc:5a:bd:8f:0c:cf:e7:
         b5:5c:00:b5:3f:3d:38:96:b9:cd:3a:d4:c1:8e:92:b9:7e:b1:
         42:eb:f4:b3:3d:0f:1f:e4:7f:24:30:f0:bf:7a:a6:eb:56:1c:
         77:26:07:ea:ff:c3:cd:44:6b:4a:6e:a1:dd:20:5c:6b:0a:ec:
         43:54:7c:79:d7:aa:73:77:de:0b:6c:3f:59:3d:4f:e1:ec:d6:
         39:00:4f:78:ad:de:c8:0b:bf:2f:0c:a7:aa:84:b9:72:8e:b1:
         39:f5:3b:ba:c7:5d:80:18:98:af:25:61:c1:f5:99:25:d3:c7:
         76:b8:7f:7d:2b:a9:cb:ab:be:b0:23:59:a5:7d:57:14:36:b3:
         32:25:14:a0:56:ee:cf:d8:c1:a5:5d:e5:6f:63:fc:70:3f:15:
         c7:8b:1d:2b:c4:68:c1:82:8e:ad:e7:7a:51:76:4d:f9:dc:ec:
         21:38:af:26:05:e5:80:98:a5:4e:c5:b5:6c:94:02:b7:85:6d:
         c7:f9:8c:08:9c:e8:fa:1d:de:c8:9c:9f:74:3c:37:80:c8:a5:
         10:81:4f:8a:f1:69:ee:81:bb:e4:e2:e4:f9:6b:1b:bf:7b:0e:
         1e:11:4b:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNYP/HeCdSZP1CGI1RfYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjYwNTEyMjIwMTI0WhcNMjYwNTEzMjIwMTI0WjAzMTEwLwYDVQQD
Eyg1MTUxNzBiOTVkYTdmNTYyZDc2YzM1NmIxNzExOTkzZWNkYjI5YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgSwutbMcnlbfIcQzK/CbX4RzUW+
gF4OvpcB7lPz+J2Coza1XUt/tWpIvn5z7o9G5ggJra9uhsArX7DHkzkChD9s57B6
nhoGC7SZntmKupfb9d0/TxRRY0Mc4pbIOHh3NyN6FAeqvWnnVMoUtYsePuidhuyM
40krMvXyRwW0r8HstLNLPubERn7CnLc2nCUyc1UDzSQmr6BUktIVgWjtq0jKY95l
YNp6qGpslN/bdxfYDPcIK0hcAPFHkfHYSpa+pFYZUgJxJ5v9+9UEImlAZGoooxZh
4DkmhjCgVAckMovy6MYSYCY3gXOsp7e2IZKNhz/FXHZWZim15J2xZrGp4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFFRcLldp/Vi12w1axcRmT7NspvmMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbYxO6lxr
xEmu5TSjOmjaRKa6uVatAJRMKiX/uzy8Wr2PDM/ntVwAtT89OJa5zTrUwY6SuX6x
Quv0sz0PH+R/JDDwv3qm61YcdyYH6v/DzURrSm6h3SBcawrsQ1R8edeqc3feC2w/
WT1P4ezWOQBPeK3eyAu/LwynqoS5co6xOfU7usddgBiYryVhwfWZJdPHdrh/fSup
y6u+sCNZpX1XFDazMiUUoFbuz9jBpV3lb2P8cD8Vx4sdK8RowYKOred6UXZN+dzs
ITivJgXlgJilTsW1bJQCt4Vtx/mMCJzo+h3eyJyfdDw3gMilEIFPivFp7oG75OLk
+Wsbv3sOHhFL3w==
-----END CERTIFICATE-----