Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          HN40BbVPFfJFPcEVoHKNdKtNoFCOxMa8F0hsz3/7Xf8=
Subject key identifier:   C5:B6:24:81:D2:78:D8:D3:3A:B2:F0:EB:DC:E1:77:48:F6:3F:CF:CD
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       019E1E358D776EF1BAE06F9BEE123A41C4E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0E12
Signing time:             Tue 12 May 2026 22:01:26 +0000
Manifest this update:     Tue 12 May 2026 22:01:26 +0000
Manifest next update:     Wed 13 May 2026 22:01:26 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: BTgsvS5q6vdZ2f2TsePdGgTW01/N4HsH3kZEU9eItqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:8d:77:6e:f1:ba:e0:6f:9b:ee:12:3a:41:c4:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: May 12 22:01:26 2026 GMT
            Not After : May 13 22:01:26 2026 GMT
        Subject: CN=c5b62481d278d8d33ab2f0ebdce17748f63fcfcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f0:fb:36:c8:ed:44:b2:64:92:4d:05:e0:2d:
                    68:a7:92:f0:d4:97:42:e9:5f:b1:13:9b:ff:04:44:
                    e8:fc:4d:c5:a6:df:52:1f:0d:1e:23:e5:79:78:39:
                    53:78:94:fb:36:af:9e:d2:e0:69:27:43:4f:f8:68:
                    61:69:f1:e4:21:be:fd:b9:9a:8e:ba:7a:a9:0c:0d:
                    45:88:01:38:a2:37:39:dc:7c:20:9f:de:ad:52:f7:
                    a3:76:8e:b7:5a:c5:45:00:9b:42:53:28:c8:c0:fe:
                    8a:aa:8a:f8:75:75:e1:30:c7:6c:41:53:0d:84:c3:
                    2f:df:b4:cc:6e:f2:41:67:12:a7:07:59:2f:58:28:
                    f2:41:8d:33:3d:d3:28:7a:a0:de:18:2d:ab:47:95:
                    69:1c:55:3b:cf:fb:a4:10:42:a8:04:29:8c:6b:26:
                    1a:51:a0:8f:0b:2c:25:65:de:5e:ca:e9:72:d5:0b:
                    f9:3a:ac:05:d0:41:cb:38:e2:24:a6:ba:5c:8e:0e:
                    bf:34:a1:1a:b2:eb:f4:e1:ed:d2:e1:7e:cd:63:af:
                    8b:b2:57:d8:ca:4e:b7:37:9f:2e:92:e0:ee:02:1f:
                    45:6b:22:7d:8e:e7:e4:ef:ae:92:ec:05:60:8a:84:
                    d3:24:7c:5a:2e:45:6f:0c:6f:2b:b8:8d:08:ca:bf:
                    21:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:B6:24:81:D2:78:D8:D3:3A:B2:F0:EB:DC:E1:77:48:F6:3F:CF:CD
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:d8:bd:4f:2a:88:dc:ce:bf:c5:a3:b9:4b:7f:12:21:22:d5:
         85:6f:fc:b0:1f:bf:81:3d:c0:4a:e5:5b:04:7b:8f:0f:ae:61:
         d5:09:1d:cf:be:b4:ab:de:cb:92:50:c3:f6:a7:d7:d4:78:2b:
         ec:17:eb:a2:d3:c4:f7:6c:55:50:dc:8c:d0:b5:62:86:cd:24:
         c3:5c:f0:ef:98:75:e0:92:33:0b:d9:22:33:31:3a:c4:9d:50:
         81:b5:5a:e1:86:cc:1d:39:a1:8f:64:b0:59:9e:e5:ed:ce:eb:
         67:ae:36:5e:3f:0b:3e:ff:c3:60:ac:e5:42:49:dd:59:9e:b8:
         86:c8:7d:18:cb:93:7d:e7:be:de:5b:e0:83:bc:44:95:61:e4:
         0e:bb:1a:a9:2b:b3:da:c1:5d:b8:9c:5f:0a:e7:f4:77:e8:89:
         d8:88:20:32:a7:3d:48:0c:3c:ca:d4:32:89:97:4b:a3:1c:67:
         99:ef:d8:94:8b:7e:16:be:a4:9e:b4:96:41:88:de:89:19:41:
         b1:80:88:ae:4c:c0:a3:82:d6:9d:ad:91:9b:9a:05:d6:ba:cc:
         54:4b:58:39:1c:68:2a:6b:e3:2e:3c:8f:de:e7:7f:25:2a:67:
         71:87:da:1b:aa:69:95:f3:cf:55:8d:8f:f0:14:a6:90:c0:77:
         0e:fa:2f:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNY13bvG64G+b7hI6QcTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjYwNTEyMjIwMTI2WhcNMjYwNTEzMjIwMTI2WjAzMTEwLwYDVQQD
EyhjNWI2MjQ4MWQyNzhkOGQzM2FiMmYwZWJkY2UxNzc0OGY2M2ZjZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PD7NsjtRLJkkk0F4C1op5Lw1JdC
6V+xE5v/BETo/E3Fpt9SHw0eI+V5eDlTeJT7Nq+e0uBpJ0NP+GhhafHkIb79uZqO
unqpDA1FiAE4ojc53Hwgn96tUvejdo63WsVFAJtCUyjIwP6Kqor4dXXhMMdsQVMN
hMMv37TMbvJBZxKnB1kvWCjyQY0zPdMoeqDeGC2rR5VpHFU7z/ukEEKoBCmMayYa
UaCPCywlZd5eyuly1Qv5OqwF0EHLOOIkprpcjg6/NKEasuv04e3S4X7NY6+LslfY
yk63N58ukuDuAh9FayJ9jufk766S7AVgioTTJHxaLkVvDG8ruI0Iyr8hywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMW2JIHSeNjTOrLw69zhd0j2P8/NMB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANdi9TyqI
3M6/xaO5S38SISLVhW/8sB+/gT3ASuVbBHuPD65h1Qkdz760q97LklDD9qfX1Hgr
7BfrotPE92xVUNyM0LVihs0kw1zw75h14JIzC9kiMzE6xJ1QgbVa4YbMHTmhj2Sw
WZ7l7c7rZ642Xj8LPv/DYKzlQkndWZ64hsh9GMuTfee+3lvgg7xElWHkDrsaqSuz
2sFduJxfCuf0d+iJ2IggMqc9SAw8ytQyiZdLoxxnme/YlIt+Fr6knrSWQYjeiRlB
sYCIrkzAo4LWna2Rm5oF1rrMVEtYORxoKmvjLjyP3ud/JSpncYfaG6pplfPPVY2P
8BSmkMB3DvovOw==
-----END CERTIFICATE-----