Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          yD7GG24A/fOVbkz5FokrfcHatFUC091hI+HCLsQTZeE=
Subject key identifier:   86:07:51:E8:79:29:B7:7A:DC:43:22:F3:1F:F9:DB:FA:49:A6:FA:0D
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       019D27DF9BD2E06F70B7917979B1B99D0A1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          1050
Signing time:             Thu 26 Mar 2026 02:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 02:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 02:00:58 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: EfMumb4ATx2breyG8p5dST49JpLM6o6hVtudd7OtnGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:9b:d2:e0:6f:70:b7:91:79:79:b1:b9:9d:0a:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Mar 26 02:00:58 2026 GMT
            Not After : Mar 27 02:00:58 2026 GMT
        Subject: CN=860751e87929b77adc4322f31ff9dbfa49a6fa0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:41:34:63:9f:5c:6b:ef:49:7e:70:21:10:10:
                    dd:f0:f2:e4:fc:e1:86:15:21:0c:73:54:0c:9e:27:
                    3f:2f:03:e0:94:4d:f0:b3:17:49:f6:d2:ff:91:38:
                    13:73:18:95:a3:66:e8:cc:20:48:35:a0:65:f0:e7:
                    8d:d3:79:92:c1:8f:74:b2:72:94:b4:a9:9f:a0:ec:
                    cd:ac:5b:79:df:68:30:81:31:65:98:ff:89:11:df:
                    83:d9:e4:3f:1a:43:4b:d8:a0:d5:d5:2c:88:8e:ab:
                    43:52:e7:09:fc:62:5b:5f:a8:bf:ff:6b:a0:29:91:
                    e8:04:4a:81:76:41:fc:52:28:c4:7c:a9:e5:14:7a:
                    eb:ba:d5:ff:1d:07:cc:0e:c1:1b:91:c0:ee:fc:c1:
                    93:68:56:6d:6c:8f:ec:4b:75:48:2e:97:f9:4b:8f:
                    0e:44:91:fc:bb:70:1d:1a:1f:fc:ee:ee:5f:13:22:
                    cd:b6:ad:36:20:01:ec:f2:c8:b3:b1:dd:51:4b:34:
                    29:67:cf:07:3a:14:00:8a:9e:12:ee:11:95:f3:ff:
                    e0:b6:47:0f:46:fb:9b:af:9b:3a:69:0e:4b:4f:f5:
                    c4:67:b3:7a:0a:5e:2f:31:23:4d:5a:e6:a0:d9:0f:
                    6c:37:a1:99:02:ad:9f:77:58:15:0d:a9:bc:d4:53:
                    3d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:07:51:E8:79:29:B7:7A:DC:43:22:F3:1F:F9:DB:FA:49:A6:FA:0D
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:fc:73:2e:fe:9b:9e:0c:e3:ab:67:20:14:79:81:ff:ac:8f:
         0f:08:29:d2:06:67:ea:78:a0:f3:cb:6c:68:d3:9b:c6:f9:b5:
         e6:53:3b:c5:73:67:9e:63:74:9a:60:48:78:7e:15:2c:f1:b2:
         83:17:41:7e:8d:f0:a9:ad:3f:73:f0:af:85:be:7c:f6:04:c9:
         9d:8b:f4:6c:b8:6a:34:90:bd:88:90:f6:bf:8c:01:f9:8e:9e:
         fb:20:49:bc:3b:f3:80:3c:9a:03:89:b1:dc:43:37:cf:92:6a:
         9e:e6:6b:60:9a:48:8d:5e:b8:c3:f1:56:9b:e2:a3:2b:12:4b:
         16:a1:26:31:80:69:c9:29:46:70:fd:34:a6:82:73:85:19:56:
         17:09:f3:5c:57:d8:ea:4d:1b:28:ea:b6:49:0a:db:a6:f5:c2:
         5c:b1:5c:9d:59:d7:71:f1:3f:c4:f7:b2:9c:4b:6b:e1:f7:0e:
         02:d9:55:1e:50:39:46:2b:a6:6a:f3:20:a0:41:83:a6:89:b5:
         02:3d:ff:2f:1c:ba:c1:44:63:56:ac:22:86:37:cd:cd:e7:e0:
         75:39:9f:59:7f:82:e9:58:24:c6:1a:6d:1d:41:f2:ad:71:54:
         de:26:80:f4:a7:d5:eb:fa:7a:89:1b:74:69:f9:1b:4b:de:c1:
         c6:0c:7e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n35vS4G9wt5F5ebG5nQoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjYwMzI2MDIwMDU4WhcNMjYwMzI3MDIwMDU4WjAzMTEwLwYDVQQD
Eyg4NjA3NTFlODc5MjliNzdhZGM0MzIyZjMxZmY5ZGJmYTQ5YTZmYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEE0Y59ca+9JfnAhEBDd8PLk/OGG
FSEMc1QMnic/LwPglE3wsxdJ9tL/kTgTcxiVo2bozCBINaBl8OeN03mSwY90snKU
tKmfoOzNrFt532gwgTFlmP+JEd+D2eQ/GkNL2KDV1SyIjqtDUucJ/GJbX6i//2ug
KZHoBEqBdkH8UijEfKnlFHrrutX/HQfMDsEbkcDu/MGTaFZtbI/sS3VILpf5S48O
RJH8u3AdGh/87u5fEyLNtq02IAHs8sizsd1RSzQpZ88HOhQAip4S7hGV8//gtkcP
Rvubr5s6aQ5LT/XEZ7N6Cl4vMSNNWuag2Q9sN6GZAq2fd1gVDam81FM9zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYHUeh5Kbd63EMi8x/52/pJpvoNMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPxzLv6b
ngzjq2cgFHmB/6yPDwgp0gZn6nig88tsaNObxvm15lM7xXNnnmN0mmBIeH4VLPGy
gxdBfo3wqa0/c/Cvhb589gTJnYv0bLhqNJC9iJD2v4wB+Y6e+yBJvDvzgDyaA4mx
3EM3z5JqnuZrYJpIjV64w/FWm+KjKxJLFqEmMYBpySlGcP00poJzhRlWFwnzXFfY
6k0bKOq2SQrbpvXCXLFcnVnXcfE/xPeynEtr4fcOAtlVHlA5RiumavMgoEGDpom1
Aj3/Lxy6wURjVqwihjfNzefgdTmfWX+C6VgkxhptHUHyrXFU3iaA9KfV6/p6iRt0
afkbS97Bxgx+BA==
-----END CERTIFICATE-----