Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          JYzmtZI+vouwhzz5Iq37ENzKyh7ZQnnhxCGOjAdA7pY=
Subject key identifier:   24:51:E7:66:0D:1C:93:96:86:57:19:4D:02:15:34:5F:D3:18:19:32
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019E1C7DB2E8ABC341C32E8F61D7E8A0C584
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          05B4
Signing time:             Tue 12 May 2026 14:01:00 +0000
Manifest this update:     Tue 12 May 2026 14:01:00 +0000
Manifest next update:     Wed 13 May 2026 14:01:00 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: hls6ZLAeZqRHdkzzwenle+tOyOio5yTe4XHsssEfqVo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:7d:b2:e8:ab:c3:41:c3:2e:8f:61:d7:e8:a0:c5:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: May 12 14:01:00 2026 GMT
            Not After : May 13 14:01:00 2026 GMT
        Subject: CN=2451e7660d1c93968657194d0215345fd3181932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c7:13:7c:7a:47:e0:48:e2:bc:ab:d2:0c:ca:
                    9b:c9:e5:4d:8c:94:7f:7b:12:51:08:dc:3f:67:de:
                    31:25:30:4e:77:f2:60:f1:c5:8d:c2:76:16:b3:75:
                    05:27:81:f9:ab:b6:39:b3:10:5d:27:fb:99:75:ee:
                    04:2e:ff:d8:14:22:be:da:13:9a:85:ac:73:59:2d:
                    66:08:0e:36:2b:b0:2b:80:fb:23:66:85:7f:c6:b4:
                    2e:ed:79:b0:3f:7a:da:d3:fc:20:d4:fc:95:3f:76:
                    6f:f7:97:ed:4d:25:bc:33:17:b7:e6:f3:aa:4d:31:
                    af:20:a4:22:b6:fd:88:b9:e0:2a:33:fc:0e:90:e1:
                    76:65:6d:1c:71:a0:2e:56:a0:97:25:01:be:9a:83:
                    32:88:97:43:0f:7e:84:d1:b1:6e:7a:f7:6f:b3:bf:
                    db:b1:8a:9e:74:fe:78:3f:84:6d:70:ee:28:3f:b5:
                    8d:04:e8:c6:5d:40:3a:12:dd:c1:76:97:b0:06:73:
                    dd:58:f2:b8:90:37:15:8c:28:43:a3:58:b6:68:9b:
                    4a:b0:4d:43:72:a5:02:71:a8:4d:14:a0:53:c9:67:
                    86:93:ab:5d:63:9a:fc:4e:62:2e:16:79:5c:c9:6a:
                    7c:c6:6d:64:b1:d7:5d:b2:0d:42:e0:da:29:23:36:
                    0a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:51:E7:66:0D:1C:93:96:86:57:19:4D:02:15:34:5F:D3:18:19:32
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:a6:9c:e6:4a:e9:91:ec:a8:77:99:77:d0:7f:d5:a3:d4:15:
         ab:d4:9c:7f:0d:5f:42:ed:60:e7:0c:c1:af:33:21:31:cc:80:
         39:30:a6:b7:da:ec:d2:99:08:7a:70:75:9d:fe:db:b3:e8:14:
         50:43:39:26:b4:d7:98:19:23:21:53:2e:36:16:67:0c:57:a8:
         f2:23:54:99:01:02:0c:37:6c:b4:ba:85:a0:48:c9:0c:d8:86:
         e5:71:bd:90:24:6c:a6:09:5c:31:7c:f9:d4:8f:e9:d5:81:ed:
         4f:56:b8:50:6f:fb:de:95:7e:f6:b6:10:ed:aa:79:a9:68:2f:
         14:9e:f1:cc:53:f1:c9:83:7d:aa:f2:0b:15:15:90:01:2d:e2:
         dd:12:12:4e:14:13:79:a8:44:0d:63:b4:03:b8:41:5d:a7:ee:
         05:1b:bb:3a:b5:ce:18:3c:c1:63:a2:ea:16:94:4a:63:3a:bd:
         2c:fb:31:e8:e4:ec:ef:24:c0:24:e1:61:fd:21:bc:aa:e3:10:
         b3:ef:22:79:3a:8a:66:bc:73:4d:2b:7e:aa:5a:11:f0:4f:41:
         16:42:ba:cf:5c:4d:68:5a:65:89:89:13:4f:e0:13:fc:6a:d8:
         c4:e3:ac:10:f4:75:b3:ab:78:59:cc:ee:25:71:50:65:28:dc:
         e4:78:44:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfbLoq8NBwy6PYdfooMWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwNTEyMTQwMTAwWhcNMjYwNTEzMTQwMTAwWjAzMTEwLwYDVQQD
EygyNDUxZTc2NjBkMWM5Mzk2ODY1NzE5NGQwMjE1MzQ1ZmQzMTgxOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8cTfHpH4EjivKvSDMqbyeVNjJR/
exJRCNw/Z94xJTBOd/Jg8cWNwnYWs3UFJ4H5q7Y5sxBdJ/uZde4ELv/YFCK+2hOa
haxzWS1mCA42K7ArgPsjZoV/xrQu7XmwP3ra0/wg1PyVP3Zv95ftTSW8Mxe35vOq
TTGvIKQitv2IueAqM/wOkOF2ZW0ccaAuVqCXJQG+moMyiJdDD36E0bFuevdvs7/b
sYqedP54P4RtcO4oP7WNBOjGXUA6Et3BdpewBnPdWPK4kDcVjChDo1i2aJtKsE1D
cqUCcahNFKBTyWeGk6tdY5r8TmIuFnlcyWp8xm1ksdddsg1C4NopIzYKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRR52YNHJOWhlcZTQIVNF/TGBkyMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOqac5krp
keyod5l30H/Vo9QVq9Scfw1fQu1g5wzBrzMhMcyAOTCmt9rs0pkIenB1nf7bs+gU
UEM5JrTXmBkjIVMuNhZnDFeo8iNUmQECDDdstLqFoEjJDNiG5XG9kCRspglcMXz5
1I/p1YHtT1a4UG/73pV+9rYQ7ap5qWgvFJ7xzFPxyYN9qvILFRWQAS3i3RISThQT
eahEDWO0A7hBXafuBRu7OrXOGDzBY6LqFpRKYzq9LPsx6OTs7yTAJOFh/SG8quMQ
s+8ieTqKZrxzTSt+qloR8E9BFkK6z1xNaFpliYkTT+AT/GrYxOOsEPR1s6t4Wczu
JXFQZSjc5HhEgw==
-----END CERTIFICATE-----