Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          MRa3GIjZ9qc/e4y0W3h6Z3hvsLJtVTFIiXbUiMqRBCY=
Subject key identifier:   71:40:A0:38:A4:81:71:6E:6D:71:AB:AE:D5:46:BE:A0:7A:85:EE:D2
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       019D2AE0C481BC9591AAE49E0065CC803EF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 16:01:06 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:06 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:06 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: 6z0qzbe648FcqoG8w+Q5EU/FJOTh8RJtxxJiwEJW/ao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:c4:81:bc:95:91:aa:e4:9e:00:65:cc:80:3e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: Mar 26 16:01:06 2026 GMT
            Not After : Mar 27 16:01:06 2026 GMT
        Subject: CN=7140a038a481716e6d71abaed546bea07a85eed2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:bb:97:a5:b9:d6:66:bb:30:58:be:1a:e8:8c:
                    83:22:57:b6:9a:6a:76:01:02:4d:f5:84:25:7b:a3:
                    8e:57:e6:ed:bd:8c:55:ed:12:21:8b:5a:c5:6c:2e:
                    be:e8:24:d1:83:17:b9:ba:97:b9:a4:aa:f1:92:56:
                    e7:bd:7c:51:a7:d2:f5:29:f7:e2:5e:b1:da:29:3f:
                    01:d8:0c:14:c7:2b:c3:df:be:77:7c:87:0b:66:9f:
                    60:16:9c:68:59:b8:d5:32:ce:3f:86:56:1a:69:66:
                    3f:f5:64:22:49:0e:d2:92:82:dc:bf:16:b6:4a:b9:
                    7d:fb:84:e4:45:a0:2c:48:28:3e:7e:af:35:c2:71:
                    ea:cb:75:1b:67:ac:b2:96:80:e5:f5:29:ea:69:06:
                    b4:4e:6a:ca:08:aa:e6:85:77:55:b6:4b:74:ac:c2:
                    85:46:79:57:ee:d2:d6:8e:fe:15:7b:40:5b:09:a6:
                    dd:64:4a:98:b8:7d:7c:04:fb:e7:8b:85:6d:93:1c:
                    da:04:b4:a9:c3:50:dc:62:fc:69:cc:5f:c6:20:c2:
                    fd:e0:e1:b5:2d:6c:58:25:6a:88:7f:35:f6:52:39:
                    2b:09:67:89:0d:40:5b:6e:d5:78:a7:e9:a5:c3:b7:
                    0e:9b:8f:ac:2e:7f:d2:02:25:a2:38:3b:d8:74:d8:
                    4f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:40:A0:38:A4:81:71:6E:6D:71:AB:AE:D5:46:BE:A0:7A:85:EE:D2
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:76:55:d0:a4:ea:d7:47:8b:0b:47:36:8f:4f:60:de:bf:39:
         d8:16:a0:fc:64:1f:ca:9a:a2:0c:1f:c1:5f:4d:81:5b:14:00:
         1d:e9:cf:09:10:65:32:fa:97:7d:53:e6:e5:39:87:5c:90:ba:
         5c:e4:f4:b6:4f:5c:c7:5f:5b:9c:b6:6f:59:d3:76:ad:7c:9c:
         75:9a:fb:ed:a0:01:a3:d7:1e:68:e2:25:43:3d:e7:6c:80:66:
         61:ba:db:9f:fa:36:d2:26:89:bf:61:5e:d7:fd:7d:c9:04:da:
         77:47:89:ad:7e:fa:88:1d:85:c8:6e:e8:dc:02:06:33:9b:e0:
         06:dc:19:a0:6f:4c:17:f2:0e:51:62:1c:e8:4a:24:74:b6:71:
         86:19:c1:bf:fd:d3:7c:09:ce:7d:e3:d1:86:80:ce:93:84:ee:
         6b:61:ef:51:26:c1:1e:9a:9b:da:ac:8b:3e:11:72:77:00:53:
         69:5e:27:35:85:dc:13:3f:2d:54:34:11:5a:8a:ad:1a:3d:a1:
         f9:72:53:3b:ed:4a:1f:06:92:c3:91:e6:ef:15:ab:c4:1b:7d:
         8f:45:0d:cd:85:11:47:ac:cc:d7:41:00:6f:de:21:98:9d:02:
         44:9c:fc:87:c7:10:ea:0f:40:bc:d0:e2:39:d4:9c:55:0e:c2:
         8b:4d:f3:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4MSBvJWRquSeAGXMgD7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjYwMzI2MTYwMTA2WhcNMjYwMzI3MTYwMTA2WjAzMTEwLwYDVQQD
Eyg3MTQwYTAzOGE0ODE3MTZlNmQ3MWFiYWVkNTQ2YmVhMDdhODVlZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7uXpbnWZrswWL4a6IyDIle2mmp2
AQJN9YQle6OOV+btvYxV7RIhi1rFbC6+6CTRgxe5upe5pKrxklbnvXxRp9L1Kffi
XrHaKT8B2AwUxyvD3753fIcLZp9gFpxoWbjVMs4/hlYaaWY/9WQiSQ7SkoLcvxa2
Srl9+4TkRaAsSCg+fq81wnHqy3UbZ6yyloDl9SnqaQa0TmrKCKrmhXdVtkt0rMKF
RnlX7tLWjv4Ve0BbCabdZEqYuH18BPvni4VtkxzaBLSpw1DcYvxpzF/GIML94OG1
LWxYJWqIfzX2UjkrCWeJDUBbbtV4p+mlw7cOm4+sLn/SAiWiODvYdNhPdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFAoDikgXFubXGrrtVGvqB6he7SMB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlXZV0KTq
10eLC0c2j09g3r852Bag/GQfypqiDB/BX02BWxQAHenPCRBlMvqXfVPm5TmHXJC6
XOT0tk9cx19bnLZvWdN2rXycdZr77aABo9ceaOIlQz3nbIBmYbrbn/o20iaJv2Fe
1/19yQTad0eJrX76iB2FyG7o3AIGM5vgBtwZoG9MF/IOUWIc6EokdLZxhhnBv/3T
fAnOfePRhoDOk4Tua2HvUSbBHpqb2qyLPhFydwBTaV4nNYXcEz8tVDQRWoqtGj2h
+XJTO+1KHwaSw5Hm7xWrxBt9j0UNzYURR6zM10EAb94hmJ0CRJz8h8cQ6g9AvNDi
OdScVQ7Ci03zwQ==
-----END CERTIFICATE-----