Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          t6VTnStMvvBTee7VqcZduXR5rLv0cXLr+g6jyuyICZ8=
Subject key identifier:   36:00:D7:E4:11:E7:01:9D:6C:BB:3D:37:CF:E6:EE:88:C4:3D:DF:25
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       019D270475A0FCBE25B6E636697A5CBAE03F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0D24
Signing time:             Wed 25 Mar 2026 22:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:36 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: MS4BdHswtcHOuJeZ4pxZBPJSbD3fsutP3hrKHNgDCWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:75:a0:fc:be:25:b6:e6:36:69:7a:5c:ba:e0:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: Mar 25 22:01:36 2026 GMT
            Not After : Mar 26 22:01:36 2026 GMT
        Subject: CN=3600d7e411e7019d6cbb3d37cfe6ee88c43ddf25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dd:97:d7:55:36:94:e9:72:a3:cf:21:ad:40:
                    15:58:94:11:dd:cc:2e:60:06:c1:fc:a2:3b:2a:f1:
                    0d:04:4b:93:2c:62:44:dc:1f:c4:b7:b3:2b:90:44:
                    f9:09:8a:ea:28:83:85:f0:3a:cf:da:a0:84:95:3d:
                    00:b3:77:2c:66:35:58:d0:37:36:a6:c7:98:7c:6d:
                    b0:e1:d8:c4:75:01:2f:b9:f8:19:75:83:d2:dc:6f:
                    70:ef:60:23:f4:39:77:65:e1:8f:69:46:f6:31:c7:
                    25:4a:90:38:c9:61:fb:81:43:de:3a:60:eb:8c:8c:
                    88:70:5c:6e:df:31:5b:b8:61:c7:ed:a9:2f:d4:c6:
                    61:81:d6:81:87:c9:06:5e:55:0d:67:22:cd:7a:73:
                    cf:1d:df:74:3c:cc:42:17:28:0d:74:02:0a:96:d1:
                    d7:10:e7:30:bb:ae:58:15:92:9d:be:25:d7:8c:b2:
                    f1:ab:d0:fe:72:25:9a:52:ef:bc:0c:da:43:66:bc:
                    8c:86:e7:49:7b:ef:b8:f1:be:fe:53:04:25:28:79:
                    ec:7b:96:25:5d:61:89:d2:a8:f5:99:7b:57:76:ca:
                    9f:01:21:8c:28:08:c1:de:aa:53:7c:b8:33:25:30:
                    60:24:b7:bd:e7:60:e8:3c:fa:d6:90:94:f9:b6:5d:
                    b4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:00:D7:E4:11:E7:01:9D:6C:BB:3D:37:CF:E6:EE:88:C4:3D:DF:25
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:4c:1b:5d:c8:40:67:6e:60:cb:b6:1d:6d:87:5d:58:7f:46:
         0b:af:e0:51:1b:1a:08:e0:87:84:4d:ea:85:0c:02:0d:3c:42:
         1e:f5:58:55:41:f1:f4:9e:51:c6:33:1c:8e:40:17:c8:84:c8:
         78:91:57:8d:b2:db:60:d1:68:42:fc:33:88:57:15:76:14:58:
         8d:8d:90:db:75:18:dc:f0:31:04:c1:20:7c:09:0b:ce:09:26:
         3a:2e:81:48:10:30:1d:a5:67:c8:d7:f6:f8:1b:21:46:0a:06:
         96:2d:50:c2:e5:00:25:b0:fd:54:b7:43:31:f1:38:03:2c:35:
         55:f8:6d:63:ec:fa:bb:5a:e8:ad:c4:4a:96:5c:56:98:95:b4:
         1a:54:f7:41:f3:77:b5:84:12:60:6b:18:0d:27:ec:df:21:05:
         28:c5:10:16:f1:cd:9c:de:82:4b:84:59:7e:dd:92:5a:8c:5c:
         e4:17:1c:b6:7c:42:0c:79:82:fd:8e:87:db:24:44:ca:27:9b:
         b7:d4:e6:1f:c3:6b:29:55:6c:c8:e4:f5:17:20:e6:f0:29:30:
         73:91:94:56:af:09:51:e5:e5:2f:f4:8e:97:38:81:bf:c5:7e:
         8f:2e:31:56:f3:0a:32:b9:e8:dc:5c:56:cf:e2:ee:34:bf:58:
         fe:52:1c:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHWg/L4ltuY2aXpcuuA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjYwMzI1MjIwMTM2WhcNMjYwMzI2MjIwMTM2WjAzMTEwLwYDVQQD
EygzNjAwZDdlNDExZTcwMTlkNmNiYjNkMzdjZmU2ZWU4OGM0M2RkZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst2X11U2lOlyo88hrUAVWJQR3cwu
YAbB/KI7KvENBEuTLGJE3B/Et7MrkET5CYrqKIOF8DrP2qCElT0As3csZjVY0Dc2
pseYfG2w4djEdQEvufgZdYPS3G9w72Aj9Dl3ZeGPaUb2McclSpA4yWH7gUPeOmDr
jIyIcFxu3zFbuGHH7akv1MZhgdaBh8kGXlUNZyLNenPPHd90PMxCFygNdAIKltHX
EOcwu65YFZKdviXXjLLxq9D+ciWaUu+8DNpDZryMhudJe++48b7+UwQlKHnse5Yl
XWGJ0qj1mXtXdsqfASGMKAjB3qpTfLgzJTBgJLe952DoPPrWkJT5tl20+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYA1+QR5wGdbLs9N8/m7ojEPd8lMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnkwbXchA
Z25gy7YdbYddWH9GC6/gURsaCOCHhE3qhQwCDTxCHvVYVUHx9J5RxjMcjkAXyITI
eJFXjbLbYNFoQvwziFcVdhRYjY2Q23UY3PAxBMEgfAkLzgkmOi6BSBAwHaVnyNf2
+BshRgoGli1QwuUAJbD9VLdDMfE4Ayw1VfhtY+z6u1rorcRKllxWmJW0GlT3QfN3
tYQSYGsYDSfs3yEFKMUQFvHNnN6CS4RZft2SWoxc5BcctnxCDHmC/Y6H2yREyieb
t9TmH8NrKVVsyOT1FyDm8Ckwc5GUVq8JUeXlL/SOlziBv8V+jy4xVvMKMrno3FxW
z+LuNL9Y/lIckg==
-----END CERTIFICATE-----