Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          SjjpSD4xR/p04UWnjrrd8cx7JgYEWZnARisxhbLqfhg=
Subject key identifier:   28:A0:C2:81:F8:F7:A9:C0:2F:BB:7F:EC:B3:78:F3:78:3C:B1:08:B9
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019D26964BAB6156583AC3511DEF6CE82FF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          05EB
Signing time:             Wed 25 Mar 2026 20:01:17 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:17 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:17 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: nk0D4Fisb0l94q/H6DOAGsMaAL1p3CSi+/lFSf+XrxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:4b:ab:61:56:58:3a:c3:51:1d:ef:6c:e8:2f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Mar 25 20:01:17 2026 GMT
            Not After : Mar 26 20:01:17 2026 GMT
        Subject: CN=28a0c281f8f7a9c02fbb7fecb378f3783cb108b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d9:45:07:33:db:d0:65:27:fc:c2:52:b8:78:
                    b9:fb:41:d2:0d:a4:a0:96:1c:14:be:5e:50:ef:c9:
                    d6:44:d3:a6:0d:79:e9:5b:1f:da:da:6b:db:50:1e:
                    55:f6:aa:77:80:82:dd:fe:5a:3c:0e:b5:3b:7a:2b:
                    71:9a:80:9b:d2:c0:4c:95:e3:31:cf:e1:0e:2f:71:
                    ca:ec:94:30:f2:ef:a9:5c:9a:4f:1b:15:28:33:8c:
                    a9:6f:09:a3:b4:d9:30:be:97:3a:2e:e0:4f:7b:2f:
                    af:3d:a6:75:88:49:86:62:a2:b0:d1:79:10:ee:a0:
                    52:9e:8e:be:ae:86:e1:b4:2c:75:ed:9d:1f:fb:76:
                    11:72:4c:81:98:63:f7:31:2d:2a:01:7d:b4:29:42:
                    7c:5c:51:a3:02:af:5f:bb:c2:a0:33:97:70:4f:3e:
                    63:10:c2:16:2d:da:7f:81:46:b6:59:99:5f:6b:b3:
                    93:fe:4f:e5:b3:e5:a2:20:47:12:50:56:20:da:20:
                    74:1c:d1:b8:18:a8:7c:36:c5:1f:b5:08:5b:16:00:
                    d9:03:69:4c:f7:d2:d8:00:d3:46:8d:7e:da:ee:e1:
                    f5:e3:29:86:d7:00:97:4d:23:7f:ff:70:a9:f1:e7:
                    07:10:66:b3:e9:44:12:a0:cf:a1:66:5b:79:e5:44:
                    48:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A0:C2:81:F8:F7:A9:C0:2F:BB:7F:EC:B3:78:F3:78:3C:B1:08:B9
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:38:d6:a1:fb:30:45:62:c1:87:c4:c8:39:79:a0:6d:51:f9:
         90:9b:ec:2c:df:c4:4f:7f:9d:1c:87:41:fb:73:db:d0:e2:6c:
         a7:75:ad:17:17:a0:c6:24:cf:c8:f3:97:82:0d:52:68:e5:5c:
         7e:3d:b1:0f:0e:f7:96:4e:bf:9b:68:51:0b:27:b2:a6:0d:4e:
         45:45:d6:07:b4:85:2d:33:e0:40:9b:95:b9:a9:c7:53:56:06:
         1a:8f:7e:f5:51:86:ed:d0:3e:da:16:42:38:ab:f1:4e:8b:cc:
         18:8f:b6:d6:5e:c7:b3:ca:5f:73:82:b2:48:e6:25:be:59:59:
         a4:e5:ca:28:99:4a:67:78:34:09:78:a0:4c:54:ee:b5:e7:fb:
         15:4a:53:8c:cd:2a:83:8b:5d:33:9a:49:72:f5:a4:9c:2b:7e:
         7d:84:d3:ff:0a:36:38:0f:2b:a7:73:9f:11:78:e7:97:48:8c:
         48:a5:fb:b5:23:3f:c0:21:61:b1:05:16:0e:3f:f8:29:f4:cf:
         cc:b7:85:93:06:1a:e7:df:16:cc:1d:99:cf:88:c2:09:62:eb:
         eb:1a:08:3d:61:29:25:b5:dd:99:c2:31:3f:e8:8b:e3:45:37:
         b9:47:20:a8:f2:9d:61:72:36:47:c5:f5:2a:89:69:f6:40:86:
         58:1e:99:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlkurYVZYOsNRHe9s6C/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwMzI1MjAwMTE3WhcNMjYwMzI2MjAwMTE3WjAzMTEwLwYDVQQD
EygyOGEwYzI4MWY4ZjdhOWMwMmZiYjdmZWNiMzc4ZjM3ODNjYjEwOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtlFBzPb0GUn/MJSuHi5+0HSDaSg
lhwUvl5Q78nWRNOmDXnpWx/a2mvbUB5V9qp3gILd/lo8DrU7eitxmoCb0sBMleMx
z+EOL3HK7JQw8u+pXJpPGxUoM4ypbwmjtNkwvpc6LuBPey+vPaZ1iEmGYqKw0XkQ
7qBSno6+robhtCx17Z0f+3YRckyBmGP3MS0qAX20KUJ8XFGjAq9fu8KgM5dwTz5j
EMIWLdp/gUa2WZlfa7OT/k/ls+WiIEcSUFYg2iB0HNG4GKh8NsUftQhbFgDZA2lM
99LYANNGjX7a7uH14ymG1wCXTSN//3Cp8ecHEGaz6UQSoM+hZlt55URIFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCigwoH496nAL7t/7LN483g8sQi5MB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAizjWofsw
RWLBh8TIOXmgbVH5kJvsLN/ET3+dHIdB+3Pb0OJsp3WtFxegxiTPyPOXgg1SaOVc
fj2xDw73lk6/m2hRCyeypg1ORUXWB7SFLTPgQJuVuanHU1YGGo9+9VGG7dA+2hZC
OKvxTovMGI+21l7Hs8pfc4KySOYlvllZpOXKKJlKZ3g0CXigTFTutef7FUpTjM0q
g4tdM5pJcvWknCt+fYTT/wo2OA8rp3OfEXjnl0iMSKX7tSM/wCFhsQUWDj/4KfTP
zLeFkwYa598WzB2Zz4jCCWLr6xoIPWEpJbXdmcIxP+iL40U3uUcgqPKdYXI2R8X1
Kolp9kCGWB6ZEg==
-----END CERTIFICATE-----