Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          wKMKlPAU04/gYQ9roWShHIEChjIeI+RIagP9Ilw+quI=
Subject key identifier:   3A:FC:6C:0C:BB:02:B8:7F:6D:46:D3:58:10:55:3F:88:93:9A:A6:5F
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       019E1E35620A94250149EAC801778B2B04E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0DA4
Signing time:             Tue 12 May 2026 22:01:15 +0000
Manifest this update:     Tue 12 May 2026 22:01:15 +0000
Manifest next update:     Wed 13 May 2026 22:01:15 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: wtIB0Q/veW0A1CMwGHSf5PKIT3+acf4xcqAwxz7cM8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:62:0a:94:25:01:49:ea:c8:01:77:8b:2b:04:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: May 12 22:01:15 2026 GMT
            Not After : May 13 22:01:15 2026 GMT
        Subject: CN=3afc6c0cbb02b87f6d46d35810553f88939aa65f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e8:9f:35:99:2d:2f:33:52:9b:25:2b:f2:68:
                    f5:8f:8b:11:90:91:27:fe:43:43:53:e6:ab:16:1f:
                    7c:df:4c:31:64:56:a8:5c:42:9b:b8:dd:2b:de:67:
                    07:cf:e9:3d:fe:d9:d1:b3:d0:42:5d:dc:0d:71:56:
                    f9:ad:f0:04:6d:00:81:37:af:35:f1:5b:81:4e:86:
                    14:a2:1d:33:0b:0d:a6:a7:d9:cc:eb:02:d0:57:62:
                    fa:31:40:a6:66:c5:b5:35:13:a4:27:9e:a3:bd:cb:
                    40:49:a7:2d:d6:4a:6c:db:86:b6:b7:4a:76:6f:db:
                    d6:36:b1:b3:77:5b:5f:25:63:f0:08:5b:b1:4d:ed:
                    dd:23:f7:0e:63:f5:fe:db:6e:37:75:29:f1:a0:51:
                    30:c9:57:9b:d7:06:d6:de:b3:c8:54:c3:a9:86:a1:
                    e0:53:ff:30:89:3c:c6:52:be:6d:a8:2f:3c:98:50:
                    5c:4c:56:5e:59:df:7b:4e:ee:e8:b4:53:e1:05:05:
                    56:eb:ad:d2:2f:2b:5b:a7:f7:a5:99:ac:3c:7b:52:
                    fb:e8:ae:7d:ac:17:ed:f3:26:b0:9e:21:9c:29:b7:
                    57:f2:8a:0e:bd:74:19:06:2d:64:2c:c2:07:9e:58:
                    b8:73:ed:d4:31:80:72:a0:5d:aa:88:e5:c0:28:cb:
                    4c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:FC:6C:0C:BB:02:B8:7F:6D:46:D3:58:10:55:3F:88:93:9A:A6:5F
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:a2:fc:8e:8e:00:a3:3a:75:18:79:1a:a9:d3:ec:79:26:c7:
         0e:c9:00:76:9d:b2:d9:ed:c2:9d:6b:d0:cb:44:c8:e1:4e:09:
         1f:9a:6c:b2:9e:80:92:a9:7c:9f:eb:4a:d1:90:35:6c:60:d8:
         a7:2e:15:d1:7f:63:c4:13:f4:46:fe:87:ea:8a:9c:f2:e2:01:
         f6:1c:79:51:a6:01:dc:ae:d3:fe:4a:d2:80:dc:f6:86:7c:4e:
         22:9d:85:56:91:99:ab:f9:79:1d:84:e0:c6:10:3d:65:97:d0:
         80:bf:5e:fd:00:cf:1b:7e:e1:3c:8a:82:4b:fc:24:44:71:61:
         06:92:12:c4:fc:70:60:07:93:23:a7:8f:cc:56:da:27:37:4f:
         5c:e2:a2:59:43:ec:97:d0:cb:45:ee:0c:2f:bb:1c:3f:16:de:
         8c:a4:53:db:bb:ab:b3:88:ac:52:90:7a:d2:25:48:29:d6:85:
         fd:37:03:27:da:b0:7a:d3:c8:b3:7c:09:d2:98:70:7f:0a:6a:
         e4:4a:69:5c:a7:0b:ee:09:cc:c2:49:ad:8e:77:67:68:e5:18:
         e5:eb:23:78:e5:93:df:78:68:8a:cc:16:ab:6d:db:50:d1:c9:
         ad:27:67:53:1f:b7:ae:2b:6b:85:1e:6b:c9:41:7b:75:d4:23:
         f7:74:fa:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNWIKlCUBSerIAXeLKwTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjYwNTEyMjIwMTE1WhcNMjYwNTEzMjIwMTE1WjAzMTEwLwYDVQQD
EygzYWZjNmMwY2JiMDJiODdmNmQ0NmQzNTgxMDU1M2Y4ODkzOWFhNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+ifNZktLzNSmyUr8mj1j4sRkJEn
/kNDU+arFh9830wxZFaoXEKbuN0r3mcHz+k9/tnRs9BCXdwNcVb5rfAEbQCBN681
8VuBToYUoh0zCw2mp9nM6wLQV2L6MUCmZsW1NROkJ56jvctASact1kps24a2t0p2
b9vWNrGzd1tfJWPwCFuxTe3dI/cOY/X+2243dSnxoFEwyVeb1wbW3rPIVMOphqHg
U/8wiTzGUr5tqC88mFBcTFZeWd97Tu7otFPhBQVW663SLytbp/elmaw8e1L76K59
rBft8yawniGcKbdX8ooOvXQZBi1kLMIHnli4c+3UMYByoF2qiOXAKMtM2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDr8bAy7Arh/bUbTWBBVP4iTmqZfMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjaL8jo4A
ozp1GHkaqdPseSbHDskAdp2y2e3CnWvQy0TI4U4JH5pssp6Akql8n+tK0ZA1bGDY
py4V0X9jxBP0Rv6H6oqc8uIB9hx5UaYB3K7T/krSgNz2hnxOIp2FVpGZq/l5HYTg
xhA9ZZfQgL9e/QDPG37hPIqCS/wkRHFhBpISxPxwYAeTI6ePzFbaJzdPXOKiWUPs
l9DLRe4ML7scPxbejKRT27urs4isUpB60iVIKdaF/TcDJ9qwetPIs3wJ0phwfwpq
5EppXKcL7gnMwkmtjndnaOUY5esjeOWT33hoiswWq23bUNHJrSdnUx+3ritrhR5r
yUF7ddQj93T6MQ==
-----END CERTIFICATE-----