Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
File:                     2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft (raw, json)
Hash identifier:          mhb6u7N5wt/PvIv1wunWhwslyafenIv3nw5cM2Yg2R8=
Subject key identifier:   9D:83:EC:E5:DF:8E:C5:1C:BD:28:DB:59:45:14:E6:2A:29:6B:D0:AC
Authority key identifier: DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A
Certificate issuer:       /CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
Certificate serial:       019E1E34EE5BBA366229F795965FDCB974C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
Manifest number:          1902
Signing time:             Tue 12 May 2026 22:00:45 +0000
Manifest this update:     Tue 12 May 2026 22:00:45 +0000
Manifest next update:     Wed 13 May 2026 22:00:45 +0000
Files and hashes:         1: 2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl (hash: JpOiAfw/ADDsXQMZZfmijeadwyim2+dVOS4i7ZcJBjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:34:ee:5b:ba:36:62:29:f7:95:96:5f:dc:b9:74:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
        Validity
            Not Before: May 12 22:00:45 2026 GMT
            Not After : May 13 22:00:45 2026 GMT
        Subject: CN=9d83ece5df8ec51cbd28db594514e62a296bd0ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:86:c7:8a:9e:65:99:42:b6:b5:ff:b4:20:21:
                    0d:15:4b:30:e0:ef:2b:16:63:76:80:08:40:57:56:
                    76:26:d7:c0:41:c4:68:c4:3a:7b:36:41:ef:3b:f1:
                    59:64:8d:27:2c:88:48:ed:28:5e:5c:18:dc:6c:f8:
                    7b:4b:74:78:29:05:8c:63:42:9e:f1:35:f2:0c:5f:
                    99:8b:c4:9c:75:bc:3f:90:d4:f1:cc:d0:3d:b4:5f:
                    c7:ac:13:fb:ec:88:1a:d2:09:aa:b2:c8:02:c1:25:
                    83:74:c8:e1:8a:dd:ad:b9:5c:35:bc:a1:f4:64:88:
                    ad:87:89:c9:37:99:65:44:ee:70:cf:0b:48:0d:b9:
                    2f:36:39:4d:08:11:96:4a:ed:c3:94:2b:f8:e0:2e:
                    5f:bd:89:36:8e:71:56:b4:c1:aa:44:fc:3a:42:cc:
                    a2:41:ff:b1:2c:4f:5d:4b:b9:cd:9c:4e:d5:4e:d9:
                    19:72:c6:d5:4f:f7:b7:99:04:df:9d:ba:2f:a5:54:
                    8d:3f:e4:10:6d:5c:3d:24:4b:8d:32:6d:13:3d:df:
                    9c:64:08:47:85:06:73:96:d8:96:26:f1:b6:41:de:
                    99:93:ef:95:51:b7:8b:44:cb:9f:6e:0b:46:9a:e5:
                    6b:9c:02:da:a1:e7:c3:9d:f3:5d:69:4c:26:40:cf:
                    ad:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:83:EC:E5:DF:8E:C5:1C:BD:28:DB:59:45:14:E6:2A:29:6B:D0:AC
            X509v3 Authority Key Identifier:
                keyid:DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f8:43:8e:62:07:b6:82:1a:26:8b:63:97:cc:b8:aa:fe:59:
         99:d8:ba:95:e2:06:6c:5c:f0:89:96:1c:12:8a:dd:22:ba:c1:
         7c:73:8d:a0:c2:78:63:2c:f2:21:08:67:20:fe:3d:62:f9:90:
         61:03:01:5e:e2:b1:2b:d3:24:f6:53:f9:f9:ca:f2:7f:fa:ca:
         de:82:95:f0:22:08:19:0b:1e:ae:e7:19:78:92:25:02:3c:61:
         a8:66:09:3c:b6:72:a2:d0:10:e5:38:67:20:25:b4:ba:d8:5e:
         e7:1d:08:f4:df:f1:66:cb:7f:ef:98:33:2d:7f:ee:40:e3:ed:
         d9:42:d6:ba:88:34:f2:39:75:c6:65:01:c3:10:97:39:f3:eb:
         98:8c:9c:b1:b6:49:9b:3d:c2:b3:f8:23:5c:53:98:d4:73:d5:
         d6:ce:ec:2b:9c:21:bf:a6:d7:63:f3:f1:ba:61:8c:4f:65:54:
         bb:87:10:91:cd:8d:76:14:b1:ee:ae:49:cc:ea:56:cb:92:05:
         3a:f3:02:81:92:74:98:d7:e0:a3:7c:11:82:b5:7e:77:b9:74:
         9a:65:53:24:85:33:74:1e:36:b7:71:b6:14:af:08:ec:de:ca:
         84:aa:0b:2f:3d:58:67:90:f9:fb:f4:02:5f:4d:3e:e4:d6:a0:
         10:8b:15:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNO5bujZiKfeVll/cuXTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2RjYjA4MWM3MzgwMmZjMTg5NWM2ZWI0YTI3MjY2NmJk
NDI3OWEwHhcNMjYwNTEyMjIwMDQ1WhcNMjYwNTEzMjIwMDQ1WjAzMTEwLwYDVQQD
Eyg5ZDgzZWNlNWRmOGVjNTFjYmQyOGRiNTk0NTE0ZTYyYTI5NmJkMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IbHip5lmUK2tf+0ICENFUsw4O8r
FmN2gAhAV1Z2JtfAQcRoxDp7NkHvO/FZZI0nLIhI7SheXBjcbPh7S3R4KQWMY0Ke
8TXyDF+Zi8Scdbw/kNTxzNA9tF/HrBP77Iga0gmqssgCwSWDdMjhit2tuVw1vKH0
ZIith4nJN5llRO5wzwtIDbkvNjlNCBGWSu3DlCv44C5fvYk2jnFWtMGqRPw6Qsyi
Qf+xLE9dS7nNnE7VTtkZcsbVT/e3mQTfnbovpVSNP+QQbVw9JEuNMm0TPd+cZAhH
hQZzltiWJvG2Qd6Zk++VUbeLRMufbgtGmuVrnALaoefDnfNdaUwmQM+t4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2D7OXfjsUcvSjbWUUU5iopa9CsMB8GA1UdIwQY
MBaAFNp9ywgcc4AvwYlcbrSicmZr1CeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUt
NjhiNjhlNDk5YjRiLzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUtNjhiNjhlNDk5YjRi
LzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvhDjmIH
toIaJotjl8y4qv5Zmdi6leIGbFzwiZYcEordIrrBfHONoMJ4YyzyIQhnIP49YvmQ
YQMBXuKxK9Mk9lP5+cryf/rK3oKV8CIIGQserucZeJIlAjxhqGYJPLZyotAQ5Thn
ICW0uthe5x0I9N/xZst/75gzLX/uQOPt2ULWuog08jl1xmUBwxCXOfPrmIycsbZJ
mz3Cs/gjXFOY1HPV1s7sK5whv6bXY/PxumGMT2VUu4cQkc2NdhSx7q5JzOpWy5IF
OvMCgZJ0mNfgo3wRgrV+d7l0mmVTJIUzdB42t3G2FK8I7N7KhKoLLz1YZ5D5+/QC
X00+5NagEIsVjg==
-----END CERTIFICATE-----