Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          PUq6LOMMJGSalqRMBmRISUMg9rTOS7GTK9Q+8RJ2gvs=
Subject key identifier:   30:C4:01:78:4D:36:6C:B4:EB:08:1B:93:20:E9:A2:80:CC:77:A2:4A
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019D2584443DF60C5E73F196C49ABCEA5A5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          1712
Signing time:             Wed 25 Mar 2026 15:01:58 +0000
Manifest this update:     Wed 25 Mar 2026 15:01:58 +0000
Manifest next update:     Thu 26 Mar 2026 15:01:58 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: Ybg2BxOocKmjosSMUt7PXEtNXgpUrMTLSWQ8oP5bb+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:84:44:3d:f6:0c:5e:73:f1:96:c4:9a:bc:ea:5a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Mar 25 15:01:58 2026 GMT
            Not After : Mar 26 15:01:58 2026 GMT
        Subject: CN=30c401784d366cb4eb081b9320e9a280cc77a24a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f3:d3:07:a4:64:a8:74:6b:ad:47:96:02:2b:
                    db:cf:db:2b:8f:87:72:6c:41:c5:68:39:c9:98:cb:
                    0b:1e:1f:90:84:da:8e:17:f6:f0:03:b6:7c:7a:bc:
                    82:f3:a1:88:80:c0:40:4c:61:74:66:c6:64:19:22:
                    95:9a:67:72:e4:c6:44:26:d4:de:c3:5c:f3:28:93:
                    c1:17:7d:bf:d0:7f:da:d8:2b:36:07:12:3f:91:5b:
                    ae:58:0a:f4:78:0b:15:1a:b1:54:96:f9:dd:4c:84:
                    18:10:a4:36:87:72:69:e3:41:3f:fa:41:cb:74:e9:
                    e8:2d:9c:1b:a6:0f:0f:57:da:4b:ec:20:f6:fa:1e:
                    59:72:ed:7e:07:e5:d7:fa:03:8c:c2:21:83:a3:17:
                    d4:7a:9d:44:8c:97:ed:04:a9:14:9c:21:f4:3c:f8:
                    8c:eb:93:19:7e:89:e4:9e:5a:e6:28:63:2d:a3:f4:
                    6e:4a:07:8d:09:23:b9:24:d4:3b:d3:82:03:df:c7:
                    bd:b1:11:0f:65:0c:f2:7e:de:17:41:12:2f:d6:6f:
                    e9:f5:01:91:e4:a7:27:b9:b1:51:0e:af:bf:a0:5e:
                    76:2d:7c:a9:dc:21:53:5c:31:24:3a:6e:d9:24:e2:
                    08:e6:1e:75:9c:e1:57:f8:28:8e:81:32:02:49:df:
                    f3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:C4:01:78:4D:36:6C:B4:EB:08:1B:93:20:E9:A2:80:CC:77:A2:4A
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:18:15:7d:b1:a3:22:61:c1:e4:22:d0:c4:b4:7c:2a:15:3f:
         0e:e7:d6:26:a1:23:72:7b:2e:05:ca:78:99:72:c5:35:d8:43:
         b3:43:26:a4:e7:25:05:27:e5:68:6e:5d:1c:c2:c6:25:0f:1e:
         a9:c2:b6:2a:a7:1e:f0:af:74:4a:86:54:54:91:a0:05:c5:88:
         6d:b4:f6:a3:2b:a6:c9:c4:8e:d0:46:a5:c5:9a:a5:20:78:08:
         60:88:04:5d:e2:d7:62:f5:85:67:57:81:8f:46:e9:bc:ec:2f:
         c7:e1:21:b2:ac:20:cd:31:4f:93:46:e7:b2:12:9f:7d:4f:92:
         b1:95:2a:e2:eb:a1:d1:98:75:34:e6:9c:e6:8b:9b:a6:2d:11:
         54:0a:de:6e:f5:32:89:68:ca:94:29:04:88:f7:4f:71:15:36:
         fc:2e:93:ea:ca:b4:86:db:fb:78:be:99:6a:4e:eb:b1:20:0c:
         dc:68:49:04:26:1b:ae:6a:5c:7d:4d:3b:4c:01:bf:a4:da:5b:
         82:3e:98:03:3b:b8:3d:cd:32:8d:15:15:09:fc:19:c9:46:dc:
         aa:6c:f0:a5:19:08:a6:f4:89:6f:4b:8d:d4:d8:9b:66:c4:a8:
         01:4b:dd:da:93:e5:91:2c:1e:56:22:30:e8:89:f5:62:b7:05:
         9b:3c:2f:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lhEQ99gxec/GWxJq86lpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjYwMzI1MTUwMTU4WhcNMjYwMzI2MTUwMTU4WjAzMTEwLwYDVQQD
EygzMGM0MDE3ODRkMzY2Y2I0ZWIwODFiOTMyMGU5YTI4MGNjNzdhMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/PTB6RkqHRrrUeWAivbz9srj4dy
bEHFaDnJmMsLHh+QhNqOF/bwA7Z8eryC86GIgMBATGF0ZsZkGSKVmmdy5MZEJtTe
w1zzKJPBF32/0H/a2Cs2BxI/kVuuWAr0eAsVGrFUlvndTIQYEKQ2h3Jp40E/+kHL
dOnoLZwbpg8PV9pL7CD2+h5Zcu1+B+XX+gOMwiGDoxfUep1EjJftBKkUnCH0PPiM
65MZfonknlrmKGMto/RuSgeNCSO5JNQ704ID38e9sREPZQzyft4XQRIv1m/p9QGR
5KcnubFRDq+/oF52LXyp3CFTXDEkOm7ZJOII5h51nOFX+CiOgTICSd/zZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDEAXhNNmy06wgbkyDpooDMd6JKMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhgVfbGj
ImHB5CLQxLR8KhU/DufWJqEjcnsuBcp4mXLFNdhDs0MmpOclBSflaG5dHMLGJQ8e
qcK2Kqce8K90SoZUVJGgBcWIbbT2oyumycSO0EalxZqlIHgIYIgEXeLXYvWFZ1eB
j0bpvOwvx+EhsqwgzTFPk0bnshKffU+SsZUq4uuh0Zh1NOac5oubpi0RVArebvUy
iWjKlCkEiPdPcRU2/C6T6sq0htv7eL6Zak7rsSAM3GhJBCYbrmpcfU07TAG/pNpb
gj6YAzu4Pc0yjRUVCfwZyUbcqmzwpRkIpvSJb0uN1NibZsSoAUvd2pPlkSweViIw
6In1YrcFmzwvSA==
-----END CERTIFICATE-----