Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          E6iACTYaq6jIfnPD5TXHWSXzkFyA4w1co0s/yPwNlow=
Subject key identifier:   E9:2B:F3:71:A6:4C:B3:0A:92:FC:FD:F1:6F:9B:63:BA:27:C3:8C:03
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       019E1C47999D081CA6E063085635C42D3F29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          1901
Signing time:             Tue 12 May 2026 13:01:54 +0000
Manifest this update:     Tue 12 May 2026 13:01:54 +0000
Manifest next update:     Wed 13 May 2026 13:01:54 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: u282d7za+XMInTXze5pXpe4T4Ft4VbmJotS7WRse/vU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:99:9d:08:1c:a6:e0:63:08:56:35:c4:2d:3f:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: May 12 13:01:54 2026 GMT
            Not After : May 13 13:01:54 2026 GMT
        Subject: CN=e92bf371a64cb30a92fcfdf16f9b63ba27c38c03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ce:90:1a:59:2f:b4:2c:5f:e5:f8:d3:77:10:
                    28:02:79:cf:e1:3e:a6:f1:0d:1d:56:18:f7:a2:8e:
                    08:1f:77:70:5a:c0:5b:b1:37:f1:17:08:ba:44:1b:
                    36:83:dd:d9:61:0d:50:e3:90:32:98:c5:1c:42:e7:
                    96:38:11:17:d1:10:12:ed:c2:80:8b:f3:0c:7c:12:
                    dd:b9:06:42:1e:2e:2e:8c:1c:ac:ce:fd:82:c1:5c:
                    70:4a:dc:b8:57:14:89:ec:d6:e8:ae:52:1f:a0:62:
                    ca:ab:17:40:89:49:a9:05:23:68:38:19:d7:d1:83:
                    82:78:ea:c8:65:6b:54:d5:e3:a9:9e:8b:a5:fd:09:
                    50:bb:88:aa:24:66:62:29:86:3a:a6:eb:86:2a:34:
                    d9:54:02:c0:de:d1:7d:93:f3:ca:20:3c:a0:b6:d4:
                    da:5a:b5:1f:c3:58:ac:db:a7:1a:5a:99:f1:ee:18:
                    0f:fe:13:e0:86:29:ef:d8:aa:87:5e:05:13:f3:ad:
                    b6:92:4d:9a:55:92:71:d8:7f:89:72:d9:26:11:dc:
                    d8:92:df:19:b7:cc:d9:cc:d4:fc:63:66:1e:6e:bf:
                    37:ee:9f:8d:7a:2d:ba:d2:74:07:95:65:9e:43:28:
                    ae:67:e2:6d:15:73:6f:3b:3a:22:3d:76:e0:17:35:
                    9f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:2B:F3:71:A6:4C:B3:0A:92:FC:FD:F1:6F:9B:63:BA:27:C3:8C:03
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:e3:e0:0b:a1:96:70:e3:6b:ca:f7:4f:f8:66:8a:8f:b2:44:
         b5:8e:ae:76:a5:4f:8e:ed:f4:54:12:44:1d:a5:f8:bc:c9:41:
         03:b6:65:57:fa:82:b4:2a:11:cd:57:91:76:2d:33:71:9f:f7:
         f9:81:ea:0d:81:08:e7:f4:09:29:88:46:51:99:c8:76:20:3a:
         9b:58:01:55:77:62:3b:10:c3:2c:46:06:aa:19:ea:21:36:17:
         eb:9b:a0:4c:9a:5a:f0:93:ac:2e:12:27:29:e6:ea:26:bb:77:
         7f:bb:17:9a:a5:45:21:1a:08:19:12:57:fe:9a:c2:3a:29:97:
         cc:a2:b8:01:3c:99:9d:38:3b:b2:1f:bf:fa:1a:03:9a:b4:ed:
         39:ce:40:36:f7:4c:df:3d:8f:8b:54:33:71:dc:86:92:5f:45:
         0c:f3:a3:63:9d:d7:ef:19:95:b5:3b:14:54:a1:8b:7a:6e:66:
         ca:5c:55:ce:6b:c0:30:95:08:fa:03:2c:b9:7c:99:27:15:fb:
         2f:96:a9:8b:b0:bb:a9:5a:ba:f0:ec:67:e5:a0:d5:0b:2b:bf:
         e1:6e:a7:6e:89:52:e4:6c:c6:12:ea:67:5a:0c:04:f0:b1:de:
         cd:e9:17:12:92:0f:75:6b:c6:c4:5d:9e:0c:d8:6b:3c:82:bd:
         7c:34:d7:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cR5mdCBym4GMIVjXELT8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjYwNTEyMTMwMTU0WhcNMjYwNTEzMTMwMTU0WjAzMTEwLwYDVQQD
EyhlOTJiZjM3MWE2NGNiMzBhOTJmY2ZkZjE2ZjliNjNiYTI3YzM4YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus6QGlkvtCxf5fjTdxAoAnnP4T6m
8Q0dVhj3oo4IH3dwWsBbsTfxFwi6RBs2g93ZYQ1Q45AymMUcQueWOBEX0RAS7cKA
i/MMfBLduQZCHi4ujByszv2CwVxwSty4VxSJ7NborlIfoGLKqxdAiUmpBSNoOBnX
0YOCeOrIZWtU1eOpnoul/QlQu4iqJGZiKYY6puuGKjTZVALA3tF9k/PKIDygttTa
WrUfw1is26caWpnx7hgP/hPghinv2KqHXgUT8622kk2aVZJx2H+JctkmEdzYkt8Z
t8zZzNT8Y2Yebr837p+Nei260nQHlWWeQyiuZ+JtFXNvOzoiPXbgFzWfcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkr83GmTLMKkvz98W+bY7onw4wDMB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMePgC6GW
cONryvdP+GaKj7JEtY6udqVPju30VBJEHaX4vMlBA7ZlV/qCtCoRzVeRdi0zcZ/3
+YHqDYEI5/QJKYhGUZnIdiA6m1gBVXdiOxDDLEYGqhnqITYX65ugTJpa8JOsLhIn
KebqJrt3f7sXmqVFIRoIGRJX/prCOimXzKK4ATyZnTg7sh+/+hoDmrTtOc5ANvdM
3z2Pi1QzcdyGkl9FDPOjY53X7xmVtTsUVKGLem5mylxVzmvAMJUI+gMsuXyZJxX7
L5api7C7qVq68Oxn5aDVCyu/4W6nbolS5GzGEupnWgwE8LHezekXEpIPdWvGxF2e
DNhrPIK9fDTXFg==
-----END CERTIFICATE-----