Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          XeV6KTlfP22ASV1Y2ulCnqa439FcU0w2jcd2LPXAraw=
Subject key identifier:   3E:26:97:0D:4E:F2:07:71:83:E8:56:5C:CE:AF:B8:CE:21:07:6D:7C
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       019D292992586DCCDE9FE470AA7F6722127C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 08:01:23 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:23 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:23 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: tQiDJX686QsIkB2wopFFPJRYYlTyWMuoH27Jt/ynJGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:92:58:6d:cc:de:9f:e4:70:aa:7f:67:22:12:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Mar 26 08:01:23 2026 GMT
            Not After : Mar 27 08:01:23 2026 GMT
        Subject: CN=3e26970d4ef2077183e8565cceafb8ce21076d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:01:65:50:64:31:e6:05:d6:47:74:f9:8e:2a:
                    91:b1:01:4b:55:45:c0:94:bc:e5:e5:f4:38:4a:c9:
                    e0:8b:13:6f:6f:12:93:7c:e3:04:2f:ee:6b:70:60:
                    a5:2d:26:21:51:04:10:12:c6:f9:8a:13:d7:80:97:
                    6a:53:c3:84:b3:df:8e:5e:3f:25:cf:71:15:d3:73:
                    f6:53:43:6f:23:20:3c:1d:35:d9:d0:6f:aa:92:a1:
                    db:cd:f8:f0:7a:72:fa:f5:8c:b9:8e:32:18:ca:fc:
                    53:75:32:63:78:88:0d:da:cf:03:19:96:a6:e7:08:
                    87:a0:7b:8c:43:d0:4a:20:46:8e:db:4e:fa:1e:bc:
                    08:83:33:b7:2f:09:87:6d:7a:f6:cb:23:6d:69:5a:
                    1b:83:dc:de:d9:0a:7f:5b:f7:b8:25:b7:01:bc:9c:
                    95:7e:ce:98:d8:b0:e8:fc:c5:a8:fc:c8:a5:12:15:
                    cd:09:f2:e3:91:e6:b1:8e:86:8f:ad:5f:55:dc:90:
                    ec:eb:eb:80:2e:9d:77:65:1d:74:67:4b:22:47:a3:
                    72:f3:5f:51:53:a7:bb:ad:d0:4a:18:14:b7:a0:0f:
                    e3:b8:13:dc:9f:3b:30:95:a4:0d:ab:eb:c0:cb:7e:
                    a8:c2:35:cd:1e:bc:aa:3a:06:d8:87:e5:7c:85:c6:
                    98:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:26:97:0D:4E:F2:07:71:83:E8:56:5C:CE:AF:B8:CE:21:07:6D:7C
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:c0:6d:d8:bc:4d:77:b0:03:18:f4:de:e4:59:79:02:2b:18:
         99:5e:6c:d8:6a:20:3a:f7:34:2c:12:4e:01:aa:eb:87:fe:e2:
         25:51:06:c5:54:e0:98:15:66:27:3f:7b:25:b4:95:61:f1:54:
         be:d4:d2:be:30:ff:d0:c1:82:56:8b:a7:8c:c8:16:80:c2:32:
         05:ac:d3:5b:da:c1:be:90:ee:3b:08:16:57:e5:b5:77:8d:a3:
         55:d2:cd:8c:ce:c5:51:3f:39:1b:55:d4:13:5a:4c:2b:ff:3d:
         e4:d8:a0:fd:33:f8:e3:bf:da:70:5b:f7:2e:44:27:36:63:ed:
         fc:7c:06:ef:d3:90:4f:87:0d:bb:3f:43:12:9c:5c:5c:54:dd:
         dc:38:ae:ee:ea:79:39:f3:51:6c:68:46:3e:48:8d:9f:39:66:
         1e:47:dc:aa:15:b6:69:63:52:5c:09:3d:ad:1e:45:a7:82:2d:
         93:ed:63:83:f9:73:a2:c7:d1:21:ae:e2:e3:2d:bc:f9:ea:b2:
         de:84:8f:23:30:c7:b7:b6:3d:03:f2:d5:06:37:b9:7b:7b:5a:
         79:73:58:ea:4e:63:3b:b7:6b:46:8e:86:63:a2:f5:85:91:48:
         dd:51:c8:a5:dc:f3:12:d6:22:d5:b6:1b:cf:ea:f7:a1:04:45:
         91:3c:23:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKZJYbczen+Rwqn9nIhJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjYwMzI2MDgwMTIzWhcNMjYwMzI3MDgwMTIzWjAzMTEwLwYDVQQD
EygzZTI2OTcwZDRlZjIwNzcxODNlODU2NWNjZWFmYjhjZTIxMDc2ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwFlUGQx5gXWR3T5jiqRsQFLVUXA
lLzl5fQ4SsngixNvbxKTfOMEL+5rcGClLSYhUQQQEsb5ihPXgJdqU8OEs9+OXj8l
z3EV03P2U0NvIyA8HTXZ0G+qkqHbzfjwenL69Yy5jjIYyvxTdTJjeIgN2s8DGZam
5wiHoHuMQ9BKIEaO2076HrwIgzO3LwmHbXr2yyNtaVobg9ze2Qp/W/e4JbcBvJyV
fs6Y2LDo/MWo/MilEhXNCfLjkeaxjoaPrV9V3JDs6+uALp13ZR10Z0siR6Ny819R
U6e7rdBKGBS3oA/juBPcnzswlaQNq+vAy36owjXNHryqOgbYh+V8hcaYtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4mlw1O8gdxg+hWXM6vuM4hB218MB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS8Bt2LxN
d7ADGPTe5Fl5AisYmV5s2GogOvc0LBJOAarrh/7iJVEGxVTgmBVmJz97JbSVYfFU
vtTSvjD/0MGCVounjMgWgMIyBazTW9rBvpDuOwgWV+W1d42jVdLNjM7FUT85G1XU
E1pMK/895Nig/TP447/acFv3LkQnNmPt/HwG79OQT4cNuz9DEpxcXFTd3Diu7up5
OfNRbGhGPkiNnzlmHkfcqhW2aWNSXAk9rR5Fp4Itk+1jg/lzosfRIa7i4y28+eqy
3oSPIzDHt7Y9A/LVBje5e3taeXNY6k5jO7drRo6GY6L1hZFI3VHIpdzzEtYi1bYb
z+r3oQRFkTwjHQ==
-----END CERTIFICATE-----