Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          y+3dAr57kGjQmrWRcF+tA4Fg0nBf/pE4Mu5jLNaPlRM=
Subject key identifier:   81:61:74:F9:38:0B:39:26:73:C2:5A:BE:AF:49:F0:02:80:D3:A0:98
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019E1CB4E6E2FD20A4E0C73127026715E31E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0BDC
Signing time:             Tue 12 May 2026 15:01:18 +0000
Manifest this update:     Tue 12 May 2026 15:01:18 +0000
Manifest next update:     Wed 13 May 2026 15:01:18 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: R5SwXPdfpBmnMDCxxh5mmTQpJXEa9NCLwA0iGswVA1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:b4:e6:e2:fd:20:a4:e0:c7:31:27:02:67:15:e3:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: May 12 15:01:18 2026 GMT
            Not After : May 13 15:01:18 2026 GMT
        Subject: CN=816174f9380b392673c25abeaf49f00280d3a098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f2:27:0c:2a:a7:7d:5c:71:bc:39:c6:69:97:
                    10:01:87:78:2a:4d:ef:0b:85:46:6d:a0:7b:30:ee:
                    0e:6c:28:d2:1a:df:44:c8:2c:70:f1:ec:26:ab:6a:
                    a9:8b:8c:46:f1:75:e8:43:f2:db:3f:d4:61:0f:47:
                    58:84:9c:6e:b1:15:6b:ac:d9:c4:2d:d1:4a:d4:3c:
                    3d:63:f3:de:cd:2f:06:87:da:a5:90:aa:33:da:1e:
                    c9:07:8e:55:b0:0d:af:3a:33:1d:9a:3f:c0:e5:0a:
                    91:72:5b:fd:a1:6b:31:d6:c6:3c:fa:1c:9e:90:ec:
                    6a:4e:e5:be:16:23:4d:cb:8e:59:21:60:e9:50:d5:
                    0c:f7:0f:14:a6:a4:40:a3:10:1e:7a:c5:97:14:64:
                    2c:f1:e8:e3:5b:80:50:d9:f3:2e:2b:18:0b:92:6b:
                    3c:bb:46:7d:7f:97:e0:05:05:f8:57:8c:b3:eb:b2:
                    4f:0d:4b:be:b1:ae:66:a9:87:64:11:99:03:3c:9e:
                    88:00:6c:16:9c:ee:1c:42:eb:91:2e:f3:65:67:d6:
                    20:63:1c:c1:9b:45:f3:4b:e9:15:1c:7a:c0:b3:54:
                    61:25:5f:03:d5:d5:96:eb:a5:8c:a1:c6:11:07:8a:
                    9a:c1:49:e8:c1:87:e0:0a:91:9e:cf:f0:b3:55:76:
                    a5:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:61:74:F9:38:0B:39:26:73:C2:5A:BE:AF:49:F0:02:80:D3:A0:98
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:e6:76:89:9f:68:2b:22:16:e0:ea:24:63:46:06:4d:ce:d7:
         84:db:42:e2:49:45:ed:d0:ce:21:3f:2d:fc:ee:80:f1:70:94:
         c5:51:1c:6c:be:64:a2:b8:98:bb:4e:4f:0a:61:80:5e:e9:71:
         e1:5b:08:e8:f5:cf:ce:36:ac:c1:53:eb:94:08:f1:bc:38:01:
         3f:db:d1:71:74:91:81:ab:9b:42:e4:71:d6:cd:1b:42:93:e0:
         5c:e6:d2:c1:b2:63:c7:52:5d:fa:87:5e:61:4b:4c:dd:56:fd:
         9a:25:0f:53:ea:73:84:cb:10:0d:3b:6d:fb:22:72:c2:aa:f4:
         5b:a5:f6:f6:f9:19:b2:22:5a:83:58:14:4a:b4:b0:24:c5:89:
         83:15:b6:cb:b2:a2:13:de:94:31:ca:d4:31:f1:50:22:1f:b3:
         79:52:2e:08:f5:23:f5:69:58:6f:18:89:20:56:b2:29:d8:cd:
         53:b0:c1:07:cb:f4:17:99:a3:6f:91:d8:60:bd:ba:72:a7:69:
         6a:2f:41:1f:4a:2e:cd:90:d9:34:f2:44:e9:9d:39:fe:70:4f:
         75:da:9b:7d:6b:aa:da:fe:3d:4a:15:12:22:c0:95:b6:22:97:
         2f:a1:fb:50:89:05:9e:ce:0f:fa:25:f0:3f:28:1c:fc:1c:01:
         03:d1:83:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctObi/SCk4McxJwJnFeMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwNTEyMTUwMTE4WhcNMjYwNTEzMTUwMTE4WjAzMTEwLwYDVQQD
Eyg4MTYxNzRmOTM4MGIzOTI2NzNjMjVhYmVhZjQ5ZjAwMjgwZDNhMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvInDCqnfVxxvDnGaZcQAYd4Kk3v
C4VGbaB7MO4ObCjSGt9EyCxw8ewmq2qpi4xG8XXoQ/LbP9RhD0dYhJxusRVrrNnE
LdFK1Dw9Y/PezS8Gh9qlkKoz2h7JB45VsA2vOjMdmj/A5QqRclv9oWsx1sY8+hye
kOxqTuW+FiNNy45ZIWDpUNUM9w8UpqRAoxAeesWXFGQs8ejjW4BQ2fMuKxgLkms8
u0Z9f5fgBQX4V4yz67JPDUu+sa5mqYdkEZkDPJ6IAGwWnO4cQuuRLvNlZ9YgYxzB
m0XzS+kVHHrAs1RhJV8D1dWW66WMocYRB4qawUnowYfgCpGez/CzVXalwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFhdPk4Czkmc8Javq9J8AKA06CYMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuZ2iZ9o
KyIW4OokY0YGTc7XhNtC4klF7dDOIT8t/O6A8XCUxVEcbL5koriYu05PCmGAXulx
4VsI6PXPzjaswVPrlAjxvDgBP9vRcXSRgaubQuRx1s0bQpPgXObSwbJjx1Jd+ode
YUtM3Vb9miUPU+pzhMsQDTtt+yJywqr0W6X29vkZsiJag1gUSrSwJMWJgxW2y7Ki
E96UMcrUMfFQIh+zeVIuCPUj9WlYbxiJIFayKdjNU7DBB8v0F5mjb5HYYL26cqdp
ai9BH0ouzZDZNPJE6Z05/nBPddqbfWuq2v49ShUSIsCVtiKXL6H7UIkFns4P+iXw
Pygc/BwBA9GDMQ==
-----END CERTIFICATE-----