Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          XVUAdiSDkFGZmwp/bS9wxXT5pn5YMR6ucyJVJQEpino=
Subject key identifier:   2A:21:8F:C0:49:E4:3F:76:95:02:F3:12:96:46:56:8E:1F:20:22:58
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       019D284D454984DD23A416C37D1CB90B3774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 04:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 04:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 04:00:45 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: SwAXKvXZvhnqsusvDnOVJSlFLBJ3SV8KY6jTVUD6IQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:45:49:84:dd:23:a4:16:c3:7d:1c:b9:0b:37:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Mar 26 04:00:45 2026 GMT
            Not After : Mar 27 04:00:45 2026 GMT
        Subject: CN=2a218fc049e43f769502f3129646568e1f202258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c1:0f:23:8c:d8:b9:f7:9c:f5:02:1e:f5:64:
                    d8:62:75:74:0d:2b:9f:f5:7d:3c:63:1c:21:6f:56:
                    dd:7a:de:4f:9c:ae:14:ab:c2:67:89:9b:32:28:d1:
                    8b:7a:c7:a3:03:36:0f:aa:f0:3e:70:28:2b:b3:85:
                    35:9c:e2:d3:f2:92:7f:91:ac:33:cf:da:5b:75:5c:
                    8d:05:09:56:7a:aa:ec:86:f2:5d:3a:83:af:4b:7b:
                    16:93:77:0c:ab:50:ff:76:f3:93:41:f0:b9:0d:00:
                    5e:2b:93:20:f3:3b:7e:d1:b1:b7:c2:e8:88:a4:c3:
                    c9:49:23:ed:2b:f6:03:ff:c9:09:17:39:4e:8f:1e:
                    71:51:8a:32:af:03:0c:76:19:d1:d5:c2:97:a4:78:
                    4b:40:f8:cd:04:17:0a:62:d8:57:b6:44:be:ce:58:
                    83:41:a1:91:2c:83:5e:56:11:75:95:11:01:99:35:
                    05:23:94:83:61:a8:2f:15:b4:9d:4c:fb:f8:89:20:
                    e7:47:8b:c8:a9:1e:fa:16:39:69:59:bf:aa:11:d7:
                    9c:ff:64:ed:01:36:fe:06:eb:29:f2:34:f0:fc:d9:
                    81:49:9e:3f:84:90:80:26:84:7e:21:db:88:cf:5f:
                    5d:38:5f:8b:9e:7d:62:7d:fc:4d:46:d2:56:03:a4:
                    0e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:21:8F:C0:49:E4:3F:76:95:02:F3:12:96:46:56:8E:1F:20:22:58
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:e0:8c:5b:38:38:4c:6f:89:07:33:74:4c:96:f6:62:bd:cf:
         03:45:bc:2f:fe:f4:c3:a6:41:fc:f8:7d:bb:f5:9e:3e:86:b8:
         51:df:c1:7c:c7:d6:68:d2:88:da:88:72:92:d5:2d:8b:56:08:
         be:be:13:b2:bc:83:bb:e7:cd:28:30:15:55:45:e9:f9:5a:4e:
         93:7d:d2:76:28:11:85:08:51:93:d6:4e:d6:28:cd:79:7f:07:
         3b:c0:aa:d4:5d:8f:cd:f7:f9:60:dd:69:b0:ca:af:0b:44:9c:
         f3:db:6c:36:af:44:04:64:d7:69:2e:56:2d:8e:3d:56:c5:cc:
         b9:cf:e2:35:30:e8:93:9a:02:0a:e2:fa:42:69:dc:b9:9f:96:
         0f:57:f1:d2:4f:85:e1:be:03:65:8d:9f:59:38:7b:f8:2d:49:
         a1:e8:41:bc:eb:0d:d3:41:d5:26:88:89:dc:5b:cb:b8:7f:d0:
         a2:8c:ba:5c:69:9a:c4:51:bb:0f:91:f5:fb:4c:d5:06:3b:e5:
         6f:4c:8d:30:d1:a3:9a:a0:26:6d:92:74:dd:4c:6c:35:0b:1a:
         e6:f6:31:95:0d:66:c4:38:5a:9e:a5:35:2b:ae:09:cc:00:8e:
         61:8d:0e:fd:39:34:eb:25:a8:c3:02:ea:e8:a9:8c:cf:ce:28:
         25:de:e0:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTUVJhN0jpBbDfRy5Czd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjYwMzI2MDQwMDQ1WhcNMjYwMzI3MDQwMDQ1WjAzMTEwLwYDVQQD
EygyYTIxOGZjMDQ5ZTQzZjc2OTUwMmYzMTI5NjQ2NTY4ZTFmMjAyMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMEPI4zYufec9QIe9WTYYnV0DSuf
9X08Yxwhb1bdet5PnK4Uq8JniZsyKNGLesejAzYPqvA+cCgrs4U1nOLT8pJ/kawz
z9pbdVyNBQlWeqrshvJdOoOvS3sWk3cMq1D/dvOTQfC5DQBeK5Mg8zt+0bG3wuiI
pMPJSSPtK/YD/8kJFzlOjx5xUYoyrwMMdhnR1cKXpHhLQPjNBBcKYthXtkS+zliD
QaGRLINeVhF1lREBmTUFI5SDYagvFbSdTPv4iSDnR4vIqR76FjlpWb+qEdec/2Tt
ATb+Busp8jTw/NmBSZ4/hJCAJoR+IduIz19dOF+Lnn1iffxNRtJWA6QOiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCohj8BJ5D92lQLzEpZGVo4fICJYMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjeCMWzg4
TG+JBzN0TJb2Yr3PA0W8L/70w6ZB/Ph9u/WePoa4Ud/BfMfWaNKI2ohyktUti1YI
vr4TsryDu+fNKDAVVUXp+VpOk33SdigRhQhRk9ZO1ijNeX8HO8Cq1F2Pzff5YN1p
sMqvC0Sc89tsNq9EBGTXaS5WLY49VsXMuc/iNTDok5oCCuL6QmncuZ+WD1fx0k+F
4b4DZY2fWTh7+C1JoehBvOsN00HVJoiJ3FvLuH/Qooy6XGmaxFG7D5H1+0zVBjvl
b0yNMNGjmqAmbZJ03UxsNQsa5vYxlQ1mxDhanqU1K64JzACOYY0O/Tk06yWowwLq
6KmMz84oJd7gFw==
-----END CERTIFICATE-----