Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          6krayT9ZQkJ8VwLliH6WwvLxasCNOrK3xBM3IyXf7r0=
Subject key identifier:   24:97:9F:86:D2:72:2F:D2:3C:8E:F5:00:69:D9:DD:5B:09:70:4F:C8
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019D28F231A4DEDB5A204D5A49F21647A2CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          090B
Signing time:             Thu 26 Mar 2026 07:00:54 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:54 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:54 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: fxkJGkm8ugfDFMtVffTfTskBpUS1yWOwnSi/EKZQLt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:31:a4:de:db:5a:20:4d:5a:49:f2:16:47:a2:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Mar 26 07:00:54 2026 GMT
            Not After : Mar 27 07:00:54 2026 GMT
        Subject: CN=24979f86d2722fd23c8ef50069d9dd5b09704fc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6c:19:2a:b4:ba:32:dc:eb:ee:cf:81:97:df:
                    53:5c:08:4e:49:85:fa:f7:5f:c4:b1:fa:b0:60:59:
                    a2:c4:36:c5:f2:df:cb:cf:29:36:58:25:9e:1e:1d:
                    18:e2:0c:83:bd:ce:95:bf:f2:d3:a4:a6:0a:9b:7f:
                    8e:a7:2a:db:2d:1e:5b:e7:24:c4:ca:8a:63:e6:7c:
                    07:56:5e:85:3f:5f:7e:76:6c:74:42:6d:d7:a1:86:
                    ac:86:69:93:20:fc:ec:73:50:6b:fb:91:7c:65:30:
                    b2:c9:d6:f0:c1:d9:d3:87:eb:79:34:dd:22:f3:94:
                    f2:de:4c:5b:ec:b9:57:c1:49:44:24:45:8f:3d:4f:
                    5c:0a:b5:f0:95:89:49:c8:b4:54:d3:c7:79:f1:a8:
                    ec:09:b0:4d:fb:2f:93:b1:41:65:b5:e0:b9:b5:f7:
                    df:15:f5:2e:6a:13:12:6b:ac:b5:7e:c7:5a:ec:eb:
                    ca:9c:91:cd:75:3c:76:b1:e4:82:f9:16:55:1b:07:
                    2a:6a:2c:c3:1f:c0:34:40:50:86:ad:a9:4b:89:82:
                    b5:c3:ac:bb:63:c4:8c:5b:6b:03:db:47:2c:8b:51:
                    71:45:9e:87:8b:0b:e8:50:20:e2:77:86:69:72:40:
                    6e:1c:cb:25:d9:36:d1:f8:11:09:ea:d3:c1:e5:34:
                    54:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:97:9F:86:D2:72:2F:D2:3C:8E:F5:00:69:D9:DD:5B:09:70:4F:C8
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:47:69:2d:24:a3:7c:bc:c0:02:2f:99:fe:16:84:9a:c4:f8:
         f5:90:dc:7f:9c:ee:ed:29:b6:ae:e4:91:65:c0:ab:42:da:1e:
         f8:fc:5e:a8:b8:b7:87:f8:93:55:3d:7c:c8:81:41:37:aa:6e:
         ad:36:e1:5e:f4:5b:e7:62:9a:bf:de:02:32:9e:5b:88:c9:9c:
         2c:82:20:e6:31:7a:35:a2:16:e1:f4:29:5e:95:19:28:42:83:
         d6:4d:36:e6:e4:98:f9:70:db:54:c7:cb:77:4f:44:71:d8:b0:
         35:1a:7d:a8:cf:25:7f:27:f6:d9:35:25:57:32:8d:8c:cf:66:
         63:3f:d3:73:e9:14:9b:7c:89:13:56:97:a9:ab:2e:57:ac:6e:
         7b:a9:b3:9c:29:81:e0:d6:47:0d:ce:ea:68:d8:92:a3:9b:e7:
         5c:73:31:08:b6:2d:82:eb:06:30:f4:a1:35:79:d8:0a:c6:10:
         c6:25:60:f4:95:0d:46:b1:c7:12:66:47:e2:a2:50:c9:45:c9:
         2e:5c:9c:38:e2:69:78:4d:e9:3f:85:4d:17:6e:e7:24:ad:c3:
         59:69:1f:4b:d8:c1:d1:2c:1c:6b:10:83:fa:49:09:56:4e:35:
         80:56:f4:82:38:c8:92:cc:58:22:ec:de:63:9d:a8:ac:f8:38:
         e4:ed:c7:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8jGk3ttaIE1aSfIWR6LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwMzI2MDcwMDU0WhcNMjYwMzI3MDcwMDU0WjAzMTEwLwYDVQQD
EygyNDk3OWY4NmQyNzIyZmQyM2M4ZWY1MDA2OWQ5ZGQ1YjA5NzA0ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGwZKrS6Mtzr7s+Bl99TXAhOSYX6
91/EsfqwYFmixDbF8t/Lzyk2WCWeHh0Y4gyDvc6Vv/LTpKYKm3+OpyrbLR5b5yTE
yopj5nwHVl6FP19+dmx0Qm3XoYashmmTIPzsc1Br+5F8ZTCyydbwwdnTh+t5NN0i
85Ty3kxb7LlXwUlEJEWPPU9cCrXwlYlJyLRU08d58ajsCbBN+y+TsUFlteC5tfff
FfUuahMSa6y1fsda7OvKnJHNdTx2seSC+RZVGwcqaizDH8A0QFCGralLiYK1w6y7
Y8SMW2sD20csi1FxRZ6HiwvoUCDid4ZpckBuHMsl2TbR+BEJ6tPB5TRUtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSXn4bSci/SPI71AGnZ3VsJcE/IMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGUdpLSSj
fLzAAi+Z/haEmsT49ZDcf5zu7Sm2ruSRZcCrQtoe+PxeqLi3h/iTVT18yIFBN6pu
rTbhXvRb52Kav94CMp5biMmcLIIg5jF6NaIW4fQpXpUZKEKD1k025uSY+XDbVMfL
d09EcdiwNRp9qM8lfyf22TUlVzKNjM9mYz/Tc+kUm3yJE1aXqasuV6xue6mznCmB
4NZHDc7qaNiSo5vnXHMxCLYtgusGMPShNXnYCsYQxiVg9JUNRrHHEmZH4qJQyUXJ
LlycOOJpeE3pP4VNF27nJK3DWWkfS9jB0SwcaxCD+kkJVk41gFb0gjjIksxYIuze
Y52orPg45O3HUw==
-----END CERTIFICATE-----