Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          TWVnJqux+9W0kDYbSTNXQCZN2PJUMAxyXFBRYxlaaQs=
Subject key identifier:   C9:CC:0B:DE:E4:37:A7:BA:24:01:BE:B6:B8:7A:B4:23:7A:15:29:6F
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019D292983D1B2555401B48C0FA7FC02ADE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          0536
Signing time:             Thu 26 Mar 2026 08:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:19 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: fqpFP6zB4Z5bAb5NltD+wSZGfcdGa/6pqqcZgz2RmMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:83:d1:b2:55:54:01:b4:8c:0f:a7:fc:02:ad:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Mar 26 08:01:19 2026 GMT
            Not After : Mar 27 08:01:19 2026 GMT
        Subject: CN=c9cc0bdee437a7ba2401beb6b87ab4237a15296f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:ac:22:9b:c8:63:52:36:8b:26:46:a3:1f:65:
                    88:43:a1:b5:6b:db:fc:81:32:32:b0:98:02:10:20:
                    dd:ce:cf:75:d3:db:4b:af:19:ec:9c:99:32:8f:db:
                    18:18:18:a3:8a:19:94:db:43:5b:77:37:98:df:02:
                    2d:69:12:d2:22:c5:9f:c1:bc:3a:54:e8:4b:d2:51:
                    71:7d:b9:55:a2:59:6d:4a:4a:96:c8:86:37:db:58:
                    6d:f2:48:af:e1:f5:28:7d:33:fe:5d:97:a2:2a:d4:
                    5b:1b:25:57:67:92:36:a3:35:8c:46:44:d3:24:41:
                    e6:b8:ab:f1:00:5a:c7:02:bd:25:91:fc:99:8e:54:
                    39:1e:90:d7:74:f2:52:10:14:b1:5b:d4:3d:5f:bd:
                    cd:f1:1f:06:f5:7a:15:fd:61:3f:fd:e7:01:0c:f9:
                    54:7c:45:1a:06:a7:fa:74:ce:8c:06:71:b0:0e:0a:
                    4e:53:56:63:3a:be:f8:ce:5a:31:75:9d:ff:34:e3:
                    a9:ec:af:74:cc:1e:b3:34:7a:23:82:62:3c:cd:fa:
                    48:6e:12:ec:39:97:d0:d7:73:73:2b:38:f1:bd:56:
                    fd:d5:42:91:21:60:9b:4c:6d:e0:17:36:00:0a:f7:
                    40:b2:15:a7:a0:9d:31:79:5b:d0:c9:b2:5e:de:c2:
                    a8:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:CC:0B:DE:E4:37:A7:BA:24:01:BE:B6:B8:7A:B4:23:7A:15:29:6F
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:a2:5e:5b:f5:5c:58:a8:5f:0a:20:37:0f:a0:ff:85:ab:eb:
         86:60:62:b4:a0:e3:bc:84:ca:4b:7e:22:8a:56:fb:65:9a:3a:
         95:2c:dc:6d:32:75:ed:85:64:f4:e8:09:58:40:38:11:df:54:
         e3:77:a9:32:a2:fb:62:1b:69:e3:ff:d8:9b:27:2f:11:44:73:
         63:74:da:2d:ab:a3:02:08:61:37:ac:55:6d:13:b3:7d:ba:62:
         01:fa:4a:61:9a:84:c3:21:57:b0:7a:4e:9f:5d:1d:92:c2:28:
         dc:78:04:90:63:9e:e8:d4:a9:3e:0d:c4:d1:46:db:ea:f2:e1:
         d9:84:02:34:b0:2a:01:76:fe:28:d7:6a:cb:fc:cd:25:f5:a1:
         18:2f:6a:a1:22:ba:c2:71:9b:14:14:4c:4e:01:11:04:ce:00:
         e9:ba:92:36:a9:d1:23:d7:af:0b:48:68:16:54:67:d7:02:51:
         ee:3c:3b:da:c8:b2:f4:93:b2:f0:02:6e:f0:15:96:62:c1:e0:
         76:f6:03:3c:c6:87:8a:c1:65:69:94:b1:d5:1b:74:dd:12:a3:
         00:a2:38:2e:98:6c:9d:36:65:0a:42:54:a7:d2:50:d5:25:62:
         bd:0d:12:f5:af:a1:14:66:ba:a0:94:6b:05:a8:92:44:d4:14:
         d0:b0:d8:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKYPRslVUAbSMD6f8Aq3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwMzI2MDgwMTE5WhcNMjYwMzI3MDgwMTE5WjAzMTEwLwYDVQQD
EyhjOWNjMGJkZWU0MzdhN2JhMjQwMWJlYjZiODdhYjQyMzdhMTUyOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qwim8hjUjaLJkajH2WIQ6G1a9v8
gTIysJgCECDdzs9109tLrxnsnJkyj9sYGBijihmU20NbdzeY3wItaRLSIsWfwbw6
VOhL0lFxfblVolltSkqWyIY321ht8kiv4fUofTP+XZeiKtRbGyVXZ5I2ozWMRkTT
JEHmuKvxAFrHAr0lkfyZjlQ5HpDXdPJSEBSxW9Q9X73N8R8G9XoV/WE//ecBDPlU
fEUaBqf6dM6MBnGwDgpOU1ZjOr74zloxdZ3/NOOp7K90zB6zNHojgmI8zfpIbhLs
OZfQ13NzKzjxvVb91UKRIWCbTG3gFzYACvdAshWnoJ0xeVvQybJe3sKoYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnMC97kN6e6JAG+trh6tCN6FSlvMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApqJeW/Vc
WKhfCiA3D6D/havrhmBitKDjvITKS34iilb7ZZo6lSzcbTJ17YVk9OgJWEA4Ed9U
43epMqL7Yhtp4//YmycvEURzY3TaLaujAghhN6xVbROzfbpiAfpKYZqEwyFXsHpO
n10dksIo3HgEkGOe6NSpPg3E0Ubb6vLh2YQCNLAqAXb+KNdqy/zNJfWhGC9qoSK6
wnGbFBRMTgERBM4A6bqSNqnRI9evC0hoFlRn1wJR7jw72siy9JOy8AJu8BWWYsHg
dvYDPMaHisFlaZSx1Rt03RKjAKI4LphsnTZlCkJUp9JQ1SVivQ0S9a+hFGa6oJRr
BaiSRNQU0LDYqw==
-----END CERTIFICATE-----