Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          6fLb7XsKqNceaa/YC/3NZhE9n6WxRV+816r9tko8Qco=
Subject key identifier:   9C:FD:47:43:08:EC:EE:19:53:F6:2C:27:A3:11:AD:68:45:09:9D:BB
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019E1F7ED3AB089AC0AEFEADE02B43DB9FE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0867
Signing time:             Wed 13 May 2026 04:01:05 +0000
Manifest this update:     Wed 13 May 2026 04:01:05 +0000
Manifest next update:     Thu 14 May 2026 04:01:05 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: cG1E4KgvkZuTZ2sr5lQsqrqunnhZJYUKQIjVjILDN3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:7e:d3:ab:08:9a:c0:ae:fe:ad:e0:2b:43:db:9f:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: May 13 04:01:05 2026 GMT
            Not After : May 14 04:01:05 2026 GMT
        Subject: CN=9cfd474308ecee1953f62c27a311ad6845099dbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:8e:ff:e5:60:81:e5:6c:cd:f6:f0:0f:fb:b8:
                    c5:28:e7:f4:c9:82:3e:b6:5e:fa:90:a2:94:16:09:
                    05:c6:07:d9:e2:d9:61:5d:1e:1b:f6:89:3d:8c:c9:
                    c5:01:73:e7:97:94:4a:ff:bb:c6:d9:11:dd:d8:1a:
                    43:4e:8c:7b:2a:58:f9:7b:14:c8:d4:19:5a:1b:c4:
                    3c:8c:e4:2c:6c:1c:8c:bc:ed:1d:3c:ce:99:27:39:
                    29:5e:cf:64:c9:9c:89:ab:16:d6:e9:60:97:a5:1b:
                    54:9a:4c:04:84:44:b7:0a:86:44:64:cf:95:79:f3:
                    e2:7f:c4:19:ba:c6:4a:c8:83:7c:4c:02:a3:30:96:
                    46:56:62:f0:08:dc:26:2f:e9:c7:8e:22:94:d6:17:
                    8a:a8:c8:9d:3f:98:e7:5b:b6:69:c8:ae:fc:2e:f3:
                    50:21:5d:64:8f:59:36:f9:26:6c:f0:21:cf:38:83:
                    1b:54:4f:4a:71:eb:d8:29:58:fd:ef:19:a5:6a:96:
                    b9:f2:da:f7:ce:19:6e:25:38:fc:42:81:bb:b3:a8:
                    48:2a:d5:25:07:a9:1a:2a:c3:70:2a:59:4b:25:e7:
                    d0:64:a5:22:07:98:ff:78:1c:e0:bf:8a:68:09:d6:
                    f4:5a:7e:cf:b3:2c:b1:74:39:0c:fa:4c:16:6e:0e:
                    2d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:FD:47:43:08:EC:EE:19:53:F6:2C:27:A3:11:AD:68:45:09:9D:BB
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:81:0a:ba:44:0b:64:85:a9:e6:46:c6:c8:a4:fd:2e:67:1f:
         e3:3b:2b:2e:4c:6f:c6:b4:61:4a:ef:c1:4b:6e:dc:31:18:0b:
         22:77:b2:15:9a:b0:cb:e9:65:0b:79:1f:da:37:0d:e7:15:00:
         96:88:dd:04:50:01:36:ad:18:08:0b:de:de:a4:f3:b9:42:22:
         34:05:c8:23:b9:10:a3:88:c9:88:49:60:c7:c5:8d:6e:c3:cd:
         c5:44:7c:ab:5d:98:f1:b7:74:f5:66:0d:48:02:c0:83:92:de:
         da:13:a2:60:92:b3:46:cb:e5:8b:08:34:98:b9:65:a4:ff:13:
         cf:ee:5c:f7:8f:de:ef:41:93:d4:ef:35:e2:5a:2f:c4:53:59:
         cc:2a:ce:b4:b6:f2:53:a3:00:89:26:10:aa:8d:ee:32:92:9f:
         50:0c:9a:68:f8:28:78:7e:d3:30:f9:1f:00:e9:d4:47:e1:fe:
         f6:fa:a7:fa:fc:21:cc:b6:8c:fa:1a:05:68:ef:20:7f:18:1b:
         24:28:1b:97:d0:ba:b9:b7:b3:80:a8:2e:22:e1:6b:f8:c3:a8:
         8d:c2:e3:16:6b:15:31:1f:90:77:af:01:fb:26:1e:90:ae:b0:
         98:66:6f:5c:79:4a:13:ff:7d:1d:b5:54:29:12:ae:17:b6:f5:
         72:7b:81:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fftOrCJrArv6t4CtD25/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwNTEzMDQwMTA1WhcNMjYwNTE0MDQwMTA1WjAzMTEwLwYDVQQD
Eyg5Y2ZkNDc0MzA4ZWNlZTE5NTNmNjJjMjdhMzExYWQ2ODQ1MDk5ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9I7/5WCB5WzN9vAP+7jFKOf0yYI+
tl76kKKUFgkFxgfZ4tlhXR4b9ok9jMnFAXPnl5RK/7vG2RHd2BpDTox7Klj5exTI
1BlaG8Q8jOQsbByMvO0dPM6ZJzkpXs9kyZyJqxbW6WCXpRtUmkwEhES3CoZEZM+V
efPif8QZusZKyIN8TAKjMJZGVmLwCNwmL+nHjiKU1heKqMidP5jnW7ZpyK78LvNQ
IV1kj1k2+SZs8CHPOIMbVE9KcevYKVj97xmlapa58tr3zhluJTj8QoG7s6hIKtUl
B6kaKsNwKllLJefQZKUiB5j/eBzgv4poCdb0Wn7PsyyxdDkM+kwWbg4tBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJz9R0MI7O4ZU/YsJ6MRrWhFCZ27MB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIEKukQL
ZIWp5kbGyKT9Lmcf4zsrLkxvxrRhSu/BS27cMRgLIneyFZqwy+llC3kf2jcN5xUA
lojdBFABNq0YCAve3qTzuUIiNAXII7kQo4jJiElgx8WNbsPNxUR8q12Y8bd09WYN
SALAg5Le2hOiYJKzRsvliwg0mLllpP8Tz+5c94/e70GT1O814lovxFNZzCrOtLby
U6MAiSYQqo3uMpKfUAyaaPgoeH7TMPkfAOnUR+H+9vqn+vwhzLaM+hoFaO8gfxgb
JCgbl9C6ubezgKguIuFr+MOojcLjFmsVMR+Qd68B+yYekK6wmGZvXHlKE/99HbVU
KRKuF7b1cnuBVw==
-----END CERTIFICATE-----