Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
File:                     2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft (raw, json)
Hash identifier:          zJfOX2t6oWp1n8cBN6IbIOj+7DdxK7euBE1+otKm5v0=
Subject key identifier:   30:B1:3D:B7:D5:25:D6:D6:F5:6C:E8:BC:70:64:8D:6C:07:4C:00:1B
Authority key identifier: DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A
Certificate issuer:       /CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
Certificate serial:       019D2703BAB70FC808762FAFB3009054E215
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:00:48 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:48 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:48 +0000
Files and hashes:         1: 2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl (hash: QOzBVarq6jwhWcHt3WD0EfAVH23unPu0yRzrRbfuy74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ba:b7:0f:c8:08:76:2f:af:b3:00:90:54:e2:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
        Validity
            Not Before: Mar 25 22:00:48 2026 GMT
            Not After : Mar 26 22:00:48 2026 GMT
        Subject: CN=30b13db7d525d6d6f56ce8bc70648d6c074c001b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:83:a2:49:f1:bf:3f:b0:9f:4d:f4:4a:d5:32:
                    37:fd:57:da:d9:ff:f0:9e:62:bc:3d:78:95:0e:e7:
                    2d:b5:7b:1c:b7:5e:37:13:43:59:21:fe:18:bf:4d:
                    51:b5:4c:04:6c:9f:e4:7c:be:06:d2:a5:95:3f:aa:
                    bb:39:f1:13:64:f5:3e:df:5e:20:4d:46:93:19:87:
                    36:e7:0d:fe:2d:58:e9:cd:6c:3e:bc:d4:74:b0:96:
                    22:f3:e3:1a:08:1b:7d:c6:19:cf:7b:b2:ab:82:12:
                    2d:89:04:09:c6:c3:3e:b9:47:35:a3:6d:a0:51:5e:
                    73:ed:89:ae:30:f1:ca:c8:35:de:8c:17:72:b2:e4:
                    fa:60:04:38:d8:58:ca:98:bb:89:4c:30:ae:83:b7:
                    56:78:9e:14:39:c9:b7:19:4d:94:0a:a1:fc:8c:f3:
                    91:26:c5:7c:d6:12:39:7c:f7:87:34:ae:5f:66:90:
                    8f:03:a3:1b:d6:b6:c6:bf:2b:67:45:37:65:ef:c0:
                    c4:2e:4c:a8:d7:04:7f:50:c8:7d:3a:a4:28:5b:58:
                    57:37:17:ca:2e:c0:29:1e:23:81:5b:53:c6:86:aa:
                    1a:dd:6a:46:64:48:dd:54:11:25:fb:ad:2b:a5:19:
                    48:44:6f:e4:81:b3:ec:cf:14:88:9d:bc:c5:58:a0:
                    b1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B1:3D:B7:D5:25:D6:D6:F5:6C:E8:BC:70:64:8D:6C:07:4C:00:1B
            X509v3 Authority Key Identifier:
                keyid:DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:8a:ba:2c:16:45:53:b9:d8:b4:bf:55:e5:d8:bf:3f:f5:02:
         9f:62:36:97:73:ff:ef:f1:d4:39:fd:cb:b7:b1:05:76:2b:70:
         d6:e8:9f:20:94:06:8e:e9:a1:a4:c4:29:fe:3d:e5:2d:d7:66:
         3f:3a:2b:ff:e2:df:60:90:23:80:51:a6:17:7c:5c:ad:47:df:
         54:aa:87:21:45:bf:44:21:81:60:55:5b:f7:37:cd:2a:21:a2:
         ff:37:a7:19:8f:7e:a3:65:74:06:31:87:f1:9a:42:b6:65:90:
         b6:46:3b:fa:c4:f4:4b:7f:ec:bf:05:32:69:08:bc:b4:8e:2a:
         a7:0d:6b:d3:60:1b:d7:50:43:cf:45:2a:c0:e0:14:12:a1:d0:
         9c:c9:41:d4:ec:59:c4:2b:c4:49:2a:fa:fd:cf:0e:f8:7c:91:
         bd:2d:a2:2a:19:9e:2b:1c:8d:a3:98:23:e9:cf:f9:0b:03:ea:
         af:59:ba:ac:90:7a:11:c9:46:64:f2:ae:2c:a1:1a:01:f2:ec:
         0f:42:f6:86:d1:19:19:3c:8e:a0:31:67:69:3f:ff:ea:e5:3d:
         8b:59:88:aa:31:bc:9c:cf:36:e6:01:79:8a:11:f9:8b:a1:1b:
         f6:1c:e3:e8:f5:93:73:fc:fa:95:71:f7:84:61:39:99:a5:f6:
         ed:15:c6:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA7q3D8gIdi+vswCQVOIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2RjYjA4MWM3MzgwMmZjMTg5NWM2ZWI0YTI3MjY2NmJk
NDI3OWEwHhcNMjYwMzI1MjIwMDQ4WhcNMjYwMzI2MjIwMDQ4WjAzMTEwLwYDVQQD
EygzMGIxM2RiN2Q1MjVkNmQ2ZjU2Y2U4YmM3MDY0OGQ2YzA3NGMwMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYOiSfG/P7CfTfRK1TI3/Vfa2f/w
nmK8PXiVDucttXsct143E0NZIf4Yv01RtUwEbJ/kfL4G0qWVP6q7OfETZPU+314g
TUaTGYc25w3+LVjpzWw+vNR0sJYi8+MaCBt9xhnPe7KrghItiQQJxsM+uUc1o22g
UV5z7YmuMPHKyDXejBdysuT6YAQ42FjKmLuJTDCug7dWeJ4UOcm3GU2UCqH8jPOR
JsV81hI5fPeHNK5fZpCPA6Mb1rbGvytnRTdl78DELkyo1wR/UMh9OqQoW1hXNxfK
LsApHiOBW1PGhqoa3WpGZEjdVBEl+60rpRlIRG/kgbPszxSInbzFWKCx/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCxPbfVJdbW9WzovHBkjWwHTAAbMB8GA1UdIwQY
MBaAFNp9ywgcc4AvwYlcbrSicmZr1CeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUt
NjhiNjhlNDk5YjRiLzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUtNjhiNjhlNDk5YjRi
LzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZYq6LBZF
U7nYtL9V5di/P/UCn2I2l3P/7/HUOf3Lt7EFditw1uifIJQGjumhpMQp/j3lLddm
Pzor/+LfYJAjgFGmF3xcrUffVKqHIUW/RCGBYFVb9zfNKiGi/zenGY9+o2V0BjGH
8ZpCtmWQtkY7+sT0S3/svwUyaQi8tI4qpw1r02Ab11BDz0UqwOAUEqHQnMlB1OxZ
xCvESSr6/c8O+HyRvS2iKhmeKxyNo5gj6c/5CwPqr1m6rJB6EclGZPKuLKEaAfLs
D0L2htEZGTyOoDFnaT//6uU9i1mIqjG8nM825gF5ihH5i6Eb9hzj6PWTc/z6lXH3
hGE5maX27RXGng==
-----END CERTIFICATE-----