Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          E+pP0eeZoWcsV4eG62g0p7Yuy2Ro4S3gAfcSwr51z7Y=
Subject key identifier:   B6:F9:5E:C7:39:FF:CC:A9:D7:18:3D:BA:E8:33:62:59:CD:70:36:F9
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019E1F1188672C7693AFC5627271E8140BA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          062D
Signing time:             Wed 13 May 2026 02:01:43 +0000
Manifest this update:     Wed 13 May 2026 02:01:43 +0000
Manifest next update:     Thu 14 May 2026 02:01:43 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: EuKZ1ha0dOMHipmoOG7MayF+nzbq3IziWJU6/O6oJQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 02:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:11:88:67:2c:76:93:af:c5:62:72:71:e8:14:0b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: May 13 02:01:43 2026 GMT
            Not After : May 14 02:01:43 2026 GMT
        Subject: CN=b6f95ec739ffcca9d7183dbae8336259cd7036f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4d:4a:6c:48:ee:4c:61:38:d4:27:93:de:f7:
                    83:36:f6:e1:7c:99:67:ad:e2:dc:93:07:7c:57:ad:
                    7f:98:cb:84:b7:48:e7:e6:13:9a:57:a1:df:6e:c7:
                    d8:f9:b5:91:d7:09:e2:fe:83:a4:63:79:75:74:c9:
                    b3:47:77:e6:6c:d5:ef:a6:49:38:31:f0:14:09:b1:
                    07:67:be:2f:52:a0:86:d1:89:73:70:70:b7:75:4a:
                    dc:75:db:6f:2c:15:4f:5d:00:e6:c9:c3:4a:da:ec:
                    17:58:b8:6d:a9:4c:23:ba:18:36:74:3d:e9:2d:f8:
                    58:05:23:f4:e2:9d:b2:e8:66:63:42:bc:8b:bb:2e:
                    dd:30:68:de:f3:6c:0a:09:38:bb:d0:55:aa:e9:03:
                    1d:81:e7:6e:0a:68:0e:b6:ca:57:04:da:59:59:87:
                    b5:ec:15:1a:5b:07:5e:a8:3b:cb:38:6c:35:f9:32:
                    9b:d4:94:8f:2d:07:2e:62:ae:a7:32:17:25:51:10:
                    97:5b:1b:ea:8d:16:1b:41:06:5a:44:97:b6:b0:7e:
                    af:05:5a:95:77:01:b0:eb:8b:b4:a7:94:e2:b1:a1:
                    f6:ef:81:ce:91:58:4b:55:f3:93:1e:46:45:3d:eb:
                    fb:e6:49:90:a3:a1:31:a2:49:d6:56:5a:f7:9d:72:
                    ff:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F9:5E:C7:39:FF:CC:A9:D7:18:3D:BA:E8:33:62:59:CD:70:36:F9
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:e6:18:2c:04:47:27:7d:63:3e:94:47:0b:56:88:33:cb:f4:
         70:43:58:0f:14:90:55:2c:81:1d:ac:06:9e:1d:ad:9b:50:71:
         4c:db:4b:21:76:7c:73:79:f5:9c:1d:6b:ef:91:1d:d4:d7:5e:
         b0:1c:8a:82:c4:bb:a4:c7:16:97:ff:9b:28:3d:9e:82:b2:f6:
         30:50:31:66:a6:9a:2c:ec:7f:3a:05:37:4d:71:1f:4d:a2:f8:
         3c:d2:8a:b8:cc:d3:16:86:e4:63:85:9d:72:48:7c:1e:8d:15:
         09:25:8a:bf:79:01:ae:5a:91:73:5a:22:b7:9b:c5:ee:20:08:
         e9:30:9d:e3:96:3e:2f:91:02:e8:68:5e:c9:e7:1b:fe:de:9d:
         93:ff:53:b4:36:77:0d:b2:44:8e:9d:89:03:a2:32:e0:d2:fd:
         b1:a5:96:c5:59:00:24:eb:ba:ad:f1:ce:5b:f3:4c:10:9e:88:
         3d:30:9b:4b:c5:ee:c7:16:89:8f:11:48:5b:f6:ee:ef:90:a1:
         06:c3:dc:57:f0:1d:35:c7:72:52:22:6c:60:7c:23:e7:fb:57:
         f0:52:28:e8:32:f6:57:76:e9:c6:a7:5e:8a:dd:93:2e:cb:c4:
         ba:0d:86:6b:28:bc:8f:65:f3:e9:ee:ea:ad:3e:7a:a4:7f:7b:
         e1:71:c5:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fEYhnLHaTr8VicnHoFAuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjYwNTEzMDIwMTQzWhcNMjYwNTE0MDIwMTQzWjAzMTEwLwYDVQQD
EyhiNmY5NWVjNzM5ZmZjY2E5ZDcxODNkYmFlODMzNjI1OWNkNzAzNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU1KbEjuTGE41CeT3veDNvbhfJln
reLckwd8V61/mMuEt0jn5hOaV6HfbsfY+bWR1wni/oOkY3l1dMmzR3fmbNXvpkk4
MfAUCbEHZ74vUqCG0YlzcHC3dUrcddtvLBVPXQDmycNK2uwXWLhtqUwjuhg2dD3p
LfhYBSP04p2y6GZjQryLuy7dMGje82wKCTi70FWq6QMdgeduCmgOtspXBNpZWYe1
7BUaWwdeqDvLOGw1+TKb1JSPLQcuYq6nMhclURCXWxvqjRYbQQZaRJe2sH6vBVqV
dwGw64u0p5TisaH274HOkVhLVfOTHkZFPev75kmQo6ExoknWVlr3nXL/JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLb5Xsc5/8yp1xg9uugzYlnNcDb5MB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2OYYLARH
J31jPpRHC1aIM8v0cENYDxSQVSyBHawGnh2tm1BxTNtLIXZ8c3n1nB1r75Ed1Nde
sByKgsS7pMcWl/+bKD2egrL2MFAxZqaaLOx/OgU3TXEfTaL4PNKKuMzTFobkY4Wd
ckh8Ho0VCSWKv3kBrlqRc1oit5vF7iAI6TCd45Y+L5EC6Gheyecb/t6dk/9TtDZ3
DbJEjp2JA6Iy4NL9saWWxVkAJOu6rfHOW/NMEJ6IPTCbS8XuxxaJjxFIW/bu75Ch
BsPcV/AdNcdyUiJsYHwj5/tX8FIo6DL2V3bpxqdeit2TLsvEug2Gayi8j2Xz6e7q
rT56pH974XHFAw==
-----END CERTIFICATE-----