Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          8RLPnmd1/BmwXSQNUBVuVxZqZZqi9U6Lunc4z5p8jPY=
Subject key identifier:   F8:8A:F3:A2:AD:BF:11:B6:AD:16:92:FF:C5:5D:28:41:AC:67:24:A8
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019E1BD935584326E6C38EBFBCC4BFF994FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          066A
Signing time:             Tue 12 May 2026 11:01:20 +0000
Manifest this update:     Tue 12 May 2026 11:01:20 +0000
Manifest next update:     Wed 13 May 2026 11:01:20 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: WoZuE2rICy3eildc58OE/5aKeqolOH8WtaN5LxM9qq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 11:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1b:d9:35:58:43:26:e6:c3:8e:bf:bc:c4:bf:f9:94:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: May 12 11:01:20 2026 GMT
            Not After : May 13 11:01:20 2026 GMT
        Subject: CN=f88af3a2adbf11b6ad1692ffc55d2841ac6724a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bc:cd:f0:e9:53:df:40:12:5e:f6:7a:66:bb:
                    bc:03:38:b2:72:14:42:c7:dd:ec:2f:4e:33:e7:fb:
                    61:94:39:a4:d5:6b:33:9a:6a:d7:be:21:ea:59:c6:
                    63:55:e8:27:fd:c6:40:76:36:3c:15:e2:2e:25:42:
                    fc:c8:10:83:fe:d7:e3:68:d1:6c:47:f0:44:fa:a0:
                    27:77:eb:28:b1:29:4f:70:ec:6a:02:c5:99:ac:73:
                    a4:a3:3e:5a:b5:5d:ca:b1:c4:eb:87:04:da:44:a3:
                    3d:bd:81:87:28:5c:ef:02:52:be:81:be:5b:db:e7:
                    1c:b5:0c:0c:2d:27:d8:54:6d:51:cb:f3:32:13:26:
                    2e:02:a5:51:5a:28:c4:8f:3b:40:77:87:12:0d:18:
                    46:79:2a:cf:28:74:23:a0:03:20:de:7b:c7:e9:3c:
                    77:92:37:c7:6c:ef:6a:d9:09:36:28:5f:ac:7a:85:
                    7a:8c:91:5d:63:99:1a:5f:76:c6:4b:0a:8b:6d:33:
                    2c:44:27:54:90:7d:2b:20:54:05:0e:e3:25:76:37:
                    dd:55:5e:26:79:40:64:bc:e1:5e:05:9a:6b:75:ab:
                    1b:12:d5:ed:9c:45:39:9a:aa:7a:a6:ab:76:b5:85:
                    e6:c7:3b:a1:ea:54:bc:a2:25:8f:fb:e3:5d:8b:9a:
                    2d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:8A:F3:A2:AD:BF:11:B6:AD:16:92:FF:C5:5D:28:41:AC:67:24:A8
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:d9:d5:3c:92:de:8e:1f:7c:1c:9b:41:14:af:f8:d6:2a:5b:
         46:3c:1b:e6:71:d3:6b:18:33:01:ad:40:18:56:fc:13:ae:4b:
         5a:bc:20:3c:64:51:ad:9d:b6:24:ce:1f:2b:9b:4a:5e:cb:9b:
         a4:b9:18:ad:8b:60:9c:1f:8a:48:31:d7:a5:83:40:3c:29:23:
         84:ff:f8:8c:a0:4b:4c:31:16:98:e9:01:b1:d7:c5:e8:19:59:
         32:0f:90:7b:f6:d7:a1:b0:d6:02:b4:e5:6e:4f:41:e6:e4:78:
         3b:59:52:f1:73:04:f4:f8:24:ab:6f:d7:94:e7:ff:3d:2e:03:
         40:26:99:2c:50:cd:d1:af:dd:3c:7b:67:94:5c:0a:fd:87:a9:
         74:d9:b3:e2:cc:17:20:d2:b7:4e:51:1d:92:f4:38:06:1d:04:
         65:e6:86:53:bd:c6:af:f3:6c:d1:9a:c9:93:5c:29:ff:24:19:
         a7:c2:2e:8a:c1:36:dc:0b:96:d5:5a:3c:d8:69:2d:61:a4:39:
         58:d2:1e:83:21:e2:df:f4:43:95:4c:b2:80:83:3a:65:a5:f5:
         c1:3e:6c:3e:b7:b5:d9:cc:f2:a0:07:ce:dd:10:96:38:31:45:
         1a:52:02:14:d5:3e:9f:df:8d:25:db:17:7b:d7:b9:6f:67:e3:
         95:df:79:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4b2TVYQybmw46/vMS/+ZT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwNTEyMTEwMTIwWhcNMjYwNTEzMTEwMTIwWjAzMTEwLwYDVQQD
EyhmODhhZjNhMmFkYmYxMWI2YWQxNjkyZmZjNTVkMjg0MWFjNjcyNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbzN8OlT30ASXvZ6Zru8AziychRC
x93sL04z5/thlDmk1WszmmrXviHqWcZjVegn/cZAdjY8FeIuJUL8yBCD/tfjaNFs
R/BE+qAnd+sosSlPcOxqAsWZrHOkoz5atV3KscTrhwTaRKM9vYGHKFzvAlK+gb5b
2+cctQwMLSfYVG1Ry/MyEyYuAqVRWijEjztAd4cSDRhGeSrPKHQjoAMg3nvH6Tx3
kjfHbO9q2Qk2KF+seoV6jJFdY5kaX3bGSwqLbTMsRCdUkH0rIFQFDuMldjfdVV4m
eUBkvOFeBZprdasbEtXtnEU5mqp6pqt2tYXmxzuh6lS8oiWP++Ndi5ot7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiK86KtvxG2rRaS/8VdKEGsZySoMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptnVPJLe
jh98HJtBFK/41ipbRjwb5nHTaxgzAa1AGFb8E65LWrwgPGRRrZ22JM4fK5tKXsub
pLkYrYtgnB+KSDHXpYNAPCkjhP/4jKBLTDEWmOkBsdfF6BlZMg+Qe/bXobDWArTl
bk9B5uR4O1lS8XME9Pgkq2/XlOf/PS4DQCaZLFDN0a/dPHtnlFwK/YepdNmz4swX
INK3TlEdkvQ4Bh0EZeaGU73Gr/Ns0ZrJk1wp/yQZp8IuisE23AuW1Vo82GktYaQ5
WNIegyHi3/RDlUyygIM6ZaX1wT5sPre12czyoAfO3RCWODFFGlICFNU+n9+NJdsX
e9e5b2fjld95mA==
-----END CERTIFICATE-----