Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          RtAIsWduboJsSi+HwKm+7W4LAe5RvW/6NIm0mKgQKSo=
Subject key identifier:   2C:91:6D:97:5E:13:D0:CA:6A:D1:66:1E:DD:74:A0:68:97:F0:5C:DA
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019E1E35D4524A0240F9BC1CD26456FF086E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0997
Signing time:             Tue 12 May 2026 22:01:44 +0000
Manifest this update:     Tue 12 May 2026 22:01:44 +0000
Manifest next update:     Wed 13 May 2026 22:01:44 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: KJJm4F/eYYc+AMQ3hm9wV/YxaP382BRZkFbWHPHQEbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:d4:52:4a:02:40:f9:bc:1c:d2:64:56:ff:08:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: May 12 22:01:44 2026 GMT
            Not After : May 13 22:01:44 2026 GMT
        Subject: CN=2c916d975e13d0ca6ad1661edd74a06897f05cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:8d:89:d6:6a:f7:21:30:4d:25:ab:3c:c2:f2:
                    a2:cc:a6:4c:43:83:ff:48:f9:b9:f3:e3:20:d4:19:
                    5c:8b:2c:8c:ad:20:8f:68:d8:22:7c:b1:1e:83:6c:
                    9c:4f:d7:0c:cc:4f:7c:a5:8f:e3:56:c4:d5:2e:05:
                    07:29:68:fa:88:78:1d:f7:fd:91:11:79:28:5d:5a:
                    68:fa:80:bc:17:cd:71:c8:9c:d5:f6:ee:6b:48:86:
                    bd:15:79:54:83:18:4e:b0:d9:49:0c:ae:bd:9e:03:
                    85:01:ed:91:34:2a:48:2a:3d:d4:18:72:11:89:08:
                    d1:a7:d6:c0:d8:22:db:04:6b:de:3a:eb:12:d0:eb:
                    9c:4b:4c:4d:8c:a9:80:a8:8b:58:ac:91:60:b6:4b:
                    44:42:f7:28:b7:17:84:46:88:04:3c:cd:2c:d4:d0:
                    45:26:7f:89:ea:aa:c2:76:13:2e:d2:43:ed:a6:94:
                    7a:fe:9e:b7:e3:63:46:3b:61:ef:11:17:d0:76:0a:
                    2d:73:32:6e:4e:1b:29:9c:ff:39:41:3a:c1:bb:99:
                    d5:89:f6:c5:a8:b1:33:38:69:f6:c1:a7:04:a9:44:
                    7c:d1:4d:e5:17:d4:49:67:fb:68:5b:64:e9:74:72:
                    c0:d7:13:ec:36:c4:c4:f8:ce:19:1f:51:89:d1:bf:
                    25:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:91:6D:97:5E:13:D0:CA:6A:D1:66:1E:DD:74:A0:68:97:F0:5C:DA
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ee:c8:13:70:15:9a:e5:ff:43:f2:fc:3c:24:30:76:00:20:
         94:2a:71:42:63:b0:bb:b1:b7:52:54:e9:32:27:69:11:90:1c:
         fd:08:81:fd:e2:dc:b8:7e:71:d9:cb:e6:51:6f:b5:84:a9:97:
         7f:40:5c:96:5f:04:4c:99:2f:3b:1e:15:ce:11:f8:0e:ee:ed:
         07:db:93:db:7c:22:b1:71:00:82:62:eb:f0:b8:f1:8d:23:eb:
         33:09:f4:85:2c:45:30:2e:b9:dd:cb:c0:28:38:5d:7c:94:dd:
         65:b7:b6:c2:1a:36:69:7e:df:87:9c:d4:f7:59:58:73:35:8b:
         29:85:ee:d6:e9:85:db:e2:16:da:b7:3e:18:c6:eb:2c:76:94:
         56:9e:34:55:9f:07:1e:73:b8:70:b3:fd:3c:92:eb:a8:89:81:
         09:f6:cf:f1:28:02:af:7e:a9:aa:2e:bc:83:06:bb:08:c1:11:
         d8:01:7b:48:46:a9:47:bc:2b:af:e5:6d:0c:4a:01:5d:9f:6b:
         be:9a:c2:93:48:9c:04:f9:50:3b:87:4e:6c:44:b4:87:5a:c1:
         fc:d8:5d:c5:34:ab:e1:f6:ff:6f:b1:46:ca:e2:5c:22:d5:17:
         e1:e2:da:56:61:35:09:25:c6:94:22:d5:ce:b1:a7:f3:85:b2:
         07:88:36:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNdRSSgJA+bwc0mRW/whuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjYwNTEyMjIwMTQ0WhcNMjYwNTEzMjIwMTQ0WjAzMTEwLwYDVQQD
EygyYzkxNmQ5NzVlMTNkMGNhNmFkMTY2MWVkZDc0YTA2ODk3ZjA1Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA442J1mr3ITBNJas8wvKizKZMQ4P/
SPm58+Mg1BlciyyMrSCPaNgifLEeg2ycT9cMzE98pY/jVsTVLgUHKWj6iHgd9/2R
EXkoXVpo+oC8F81xyJzV9u5rSIa9FXlUgxhOsNlJDK69ngOFAe2RNCpIKj3UGHIR
iQjRp9bA2CLbBGveOusS0OucS0xNjKmAqItYrJFgtktEQvcotxeERogEPM0s1NBF
Jn+J6qrCdhMu0kPtppR6/p6342NGO2HvERfQdgotczJuThspnP85QTrBu5nVifbF
qLEzOGn2wacEqUR80U3lF9RJZ/toW2TpdHLA1xPsNsTE+M4ZH1GJ0b8lWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyRbZdeE9DKatFmHt10oGiX8FzaMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQu7IE3AV
muX/Q/L8PCQwdgAglCpxQmOwu7G3UlTpMidpEZAc/QiB/eLcuH5x2cvmUW+1hKmX
f0Bcll8ETJkvOx4VzhH4Du7tB9uT23wisXEAgmLr8LjxjSPrMwn0hSxFMC653cvA
KDhdfJTdZbe2who2aX7fh5zU91lYczWLKYXu1umF2+IW2rc+GMbrLHaUVp40VZ8H
HnO4cLP9PJLrqImBCfbP8SgCr36pqi68gwa7CMER2AF7SEapR7wrr+VtDEoBXZ9r
vprCk0icBPlQO4dObES0h1rB/NhdxTSr4fb/b7FGyuJcItUX4eLaVmE1CSXGlCLV
zrGn84WyB4g2wA==
-----END CERTIFICATE-----