Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          9asGK8trwQFyo0Gh9ZfhMMB5ziaXeHJi24sc0ddzkcw=
Subject key identifier:   C7:D7:3D:EB:4E:3B:EF:F1:CF:10:EE:AE:2D:8E:C7:34:67:9A:AB:14
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       019D265F3EDFB9E15984030DE660E1692B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          1351
Signing time:             Wed 25 Mar 2026 19:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:09 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: wZzkQ6j8KgrU5vIS+0bNNBiXQnZe3iWJnxNliWLHMeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:3e:df:b9:e1:59:84:03:0d:e6:60:e1:69:2b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Mar 25 19:01:09 2026 GMT
            Not After : Mar 26 19:01:09 2026 GMT
        Subject: CN=c7d73deb4e3beff1cf10eeae2d8ec734679aab14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6b:d8:3d:72:95:fd:2b:c0:41:f4:ec:30:7c:
                    d8:06:45:d2:eb:e1:15:5e:6e:d3:04:bc:d8:57:93:
                    0c:f8:d7:18:66:47:9a:37:01:0b:f8:f8:93:57:46:
                    c4:c0:97:a1:c4:1e:92:9a:d3:bf:96:6f:e5:ab:81:
                    cb:6a:ff:ba:86:61:f9:20:be:04:4a:48:ec:fd:bd:
                    43:3a:fd:9e:4e:9f:a0:07:a0:0e:64:17:c7:93:a5:
                    7b:f0:ab:05:79:2d:61:42:26:a3:87:5e:98:95:25:
                    cf:95:a8:c3:2b:90:9c:7d:32:e4:34:91:5b:24:04:
                    fa:43:bf:73:75:1e:67:ce:d6:70:e4:67:82:30:cf:
                    ce:ef:30:5a:2f:e4:a5:2a:7e:c4:53:12:6b:17:01:
                    2d:aa:98:f2:90:09:11:cb:87:66:1e:e9:62:32:ce:
                    c6:66:03:b7:fa:19:12:33:ec:30:69:9f:be:5d:15:
                    7c:73:19:ef:e1:95:1c:52:ed:f0:0b:04:28:c8:f6:
                    e7:e8:c6:de:c4:27:39:60:c2:7d:44:59:d1:cd:63:
                    b0:0f:b3:f2:c3:69:2a:b1:f9:1f:9a:4d:cd:a6:05:
                    3c:b6:93:73:a1:37:2a:fe:cc:dc:2f:76:6f:db:3a:
                    28:a0:17:5f:3b:85:ec:cb:ea:1c:6f:5c:c7:89:9d:
                    23:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:D7:3D:EB:4E:3B:EF:F1:CF:10:EE:AE:2D:8E:C7:34:67:9A:AB:14
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:82:e2:18:26:a0:ae:a5:05:45:fd:f8:8c:ac:29:96:c9:4e:
         32:a4:6f:e7:9b:de:45:ef:96:20:27:0e:f6:de:dd:b9:c9:48:
         98:21:a7:d7:e7:4e:cd:fb:15:9e:34:7c:c9:ea:5f:de:0e:54:
         7d:35:7f:82:57:ce:e6:28:33:68:c0:ef:38:90:e2:b4:f2:57:
         54:71:7b:57:42:b4:76:f1:29:dc:dc:a3:fa:ca:e1:76:7d:1b:
         a2:7c:ca:9c:db:8b:1b:a1:27:c4:60:d8:54:ef:7e:d2:0c:d0:
         77:d3:55:15:ce:0c:f9:61:28:4d:03:62:ee:46:f3:ab:41:6b:
         d4:a1:cf:ed:6d:4a:45:02:34:83:2f:28:11:77:b4:f7:e0:de:
         e4:c0:89:be:10:fc:c1:b6:ae:ea:d7:c3:7a:bb:7b:41:12:3a:
         12:19:4f:8f:c0:2f:5e:63:89:b4:82:43:61:80:a4:58:27:2d:
         8d:83:19:87:84:ad:f4:50:8d:50:a1:7d:4b:d7:bc:75:7c:e5:
         9c:03:03:5c:79:ef:92:58:6d:0c:1f:0c:20:f3:aa:c7:7e:8a:
         31:44:84:9c:56:99:83:6f:f7:fe:d0:e6:9d:ea:a1:f9:ae:ae:
         cf:65:29:51:77:33:27:22:ba:10:6d:fb:db:12:5c:02:a7:82:
         38:77:47:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXz7fueFZhAMN5mDhaSt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjYwMzI1MTkwMTA5WhcNMjYwMzI2MTkwMTA5WjAzMTEwLwYDVQQD
EyhjN2Q3M2RlYjRlM2JlZmYxY2YxMGVlYWUyZDhlYzczNDY3OWFhYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGvYPXKV/SvAQfTsMHzYBkXS6+EV
Xm7TBLzYV5MM+NcYZkeaNwEL+PiTV0bEwJehxB6SmtO/lm/lq4HLav+6hmH5IL4E
Skjs/b1DOv2eTp+gB6AOZBfHk6V78KsFeS1hQiajh16YlSXPlajDK5CcfTLkNJFb
JAT6Q79zdR5nztZw5GeCMM/O7zBaL+SlKn7EUxJrFwEtqpjykAkRy4dmHuliMs7G
ZgO3+hkSM+wwaZ++XRV8cxnv4ZUcUu3wCwQoyPbn6MbexCc5YMJ9RFnRzWOwD7Py
w2kqsfkfmk3NpgU8tpNzoTcq/szcL3Zv2zoooBdfO4Xsy+ocb1zHiZ0j1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfXPetOO+/xzxDuri2OxzRnmqsUMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgoLiGCag
rqUFRf34jKwplslOMqRv55veRe+WICcO9t7duclImCGn1+dOzfsVnjR8yepf3g5U
fTV/glfO5igzaMDvOJDitPJXVHF7V0K0dvEp3Nyj+srhdn0bonzKnNuLG6EnxGDY
VO9+0gzQd9NVFc4M+WEoTQNi7kbzq0Fr1KHP7W1KRQI0gy8oEXe09+De5MCJvhD8
wbau6tfDert7QRI6EhlPj8AvXmOJtIJDYYCkWCctjYMZh4St9FCNUKF9S9e8dXzl
nAMDXHnvklhtDB8MIPOqx36KMUSEnFaZg2/3/tDmneqh+a6uz2UpUXczJyK6EG37
2xJcAqeCOHdHjQ==
-----END CERTIFICATE-----