Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          drswpH/Qm6axLcZfkKSASWE/lY6qeuluOxeS6QQlzIM=
Subject key identifier:   A8:6A:11:97:5A:39:1C:ED:82:F5:12:13:0D:3E:24:B0:A7:78:AA:BD
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       019E1E6C210CFF5F021FBC1911B04FAF9B98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          100E
Signing time:             Tue 12 May 2026 23:01:03 +0000
Manifest this update:     Tue 12 May 2026 23:01:03 +0000
Manifest next update:     Wed 13 May 2026 23:01:03 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: 4Tfs5qTQ9lgBgOEz5NGOYknFKAW6H0rcnw+uy2waqR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:6c:21:0c:ff:5f:02:1f:bc:19:11:b0:4f:af:9b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: May 12 23:01:03 2026 GMT
            Not After : May 13 23:01:03 2026 GMT
        Subject: CN=a86a11975a391ced82f512130d3e24b0a778aabd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:1a:c2:29:3d:35:65:46:f5:54:78:32:9e:04:
                    2d:b9:3b:d4:45:92:95:8f:c4:b7:8c:04:06:f4:61:
                    40:27:0c:12:79:41:b9:43:fd:01:42:6a:f0:60:d5:
                    37:a5:e1:52:7e:00:47:e0:c7:d0:27:08:9a:2d:43:
                    eb:a2:ea:a1:28:99:41:16:b1:18:e3:96:16:b1:e8:
                    45:02:06:4f:03:ce:19:f5:cb:09:7b:ea:b7:b8:b3:
                    a8:21:fe:56:ad:9d:41:d6:be:6a:09:cb:a7:24:a9:
                    27:5f:72:48:e3:72:5b:57:fb:52:f1:b5:d2:ae:67:
                    4d:1a:13:2a:0f:02:31:e6:c3:08:33:2e:6c:89:ff:
                    20:f5:2c:0e:3b:c3:68:a9:bb:17:4e:ff:3c:bf:ee:
                    12:7c:48:3c:2a:9b:f4:8a:b9:38:b7:cf:4f:1d:b4:
                    3c:05:4c:eb:24:de:4d:d2:30:fc:ff:6f:68:d3:f2:
                    4c:bd:6d:34:85:b6:8f:93:2a:53:07:ff:32:ce:17:
                    bb:01:d7:32:e8:6c:13:42:bf:4c:8d:78:48:9d:22:
                    d8:5a:12:3b:a1:42:d9:c1:3f:b7:29:5a:83:de:0b:
                    91:93:1b:03:dc:a3:99:e0:d3:37:a3:49:99:13:f2:
                    f0:0c:db:c7:d8:c6:d5:e4:d1:13:25:8f:a6:a6:aa:
                    db:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:6A:11:97:5A:39:1C:ED:82:F5:12:13:0D:3E:24:B0:A7:78:AA:BD
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:8d:a3:a9:5c:39:b6:f2:a7:81:da:7c:2e:ad:e1:22:21:86:
         6c:94:10:08:8e:d2:cb:da:47:a4:2f:8e:a5:66:35:94:cd:0e:
         29:f0:76:79:7d:72:4b:7e:34:c1:24:3e:49:59:cf:39:28:3b:
         55:06:67:56:56:67:50:11:46:ed:6a:6e:76:76:7d:1c:67:fa:
         93:ff:ed:3e:d7:52:3e:d0:39:43:b1:84:6d:b2:96:37:11:f3:
         fa:96:8a:0e:44:02:e4:4b:e4:fa:00:f3:0f:48:9d:75:06:6c:
         cc:23:b4:80:07:d6:9a:25:e5:cd:66:6d:cf:f7:49:5f:83:f0:
         69:cf:fe:ee:65:11:96:de:f0:ec:7a:52:20:3c:3f:b3:8d:99:
         9b:8f:72:bb:71:a8:e9:8b:74:a0:70:1c:22:1e:13:de:4a:9b:
         9c:5f:96:eb:38:0b:bf:95:8e:c8:db:26:99:a4:51:b2:11:1c:
         50:5c:f8:13:23:6e:4d:a6:3d:d2:e6:e7:f0:c1:96:bc:3c:11:
         4d:b4:2e:0c:90:db:77:17:30:85:ac:3a:d3:4c:ab:46:7c:d1:
         a5:a4:0d:62:9c:67:2d:25:c0:6e:67:6f:ff:fa:81:a0:42:46:
         12:7a:fb:4d:bd:a7:6c:83:8f:6d:06:d3:77:a6:0c:15:6b:d1:
         a3:dd:46:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ebCEM/18CH7wZEbBPr5uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjYwNTEyMjMwMTAzWhcNMjYwNTEzMjMwMTAzWjAzMTEwLwYDVQQD
EyhhODZhMTE5NzVhMzkxY2VkODJmNTEyMTMwZDNlMjRiMGE3NzhhYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxrCKT01ZUb1VHgyngQtuTvURZKV
j8S3jAQG9GFAJwwSeUG5Q/0BQmrwYNU3peFSfgBH4MfQJwiaLUProuqhKJlBFrEY
45YWsehFAgZPA84Z9csJe+q3uLOoIf5WrZ1B1r5qCcunJKknX3JI43JbV/tS8bXS
rmdNGhMqDwIx5sMIMy5sif8g9SwOO8NoqbsXTv88v+4SfEg8Kpv0irk4t89PHbQ8
BUzrJN5N0jD8/29o0/JMvW00hbaPkypTB/8yzhe7Adcy6GwTQr9MjXhInSLYWhI7
oULZwT+3KVqD3guRkxsD3KOZ4NM3o0mZE/LwDNvH2MbV5NETJY+mpqrbMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhqEZdaORztgvUSEw0+JLCneKq9MB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhI2jqVw5
tvKngdp8Lq3hIiGGbJQQCI7Sy9pHpC+OpWY1lM0OKfB2eX1yS340wSQ+SVnPOSg7
VQZnVlZnUBFG7WpudnZ9HGf6k//tPtdSPtA5Q7GEbbKWNxHz+paKDkQC5Evk+gDz
D0iddQZszCO0gAfWmiXlzWZtz/dJX4Pwac/+7mURlt7w7HpSIDw/s42Zm49yu3Go
6Yt0oHAcIh4T3kqbnF+W6zgLv5WOyNsmmaRRshEcUFz4EyNuTaY90ubn8MGWvDwR
TbQuDJDbdxcwhaw600yrRnzRpaQNYpxnLSXAbmdv//qBoEJGEnr7Tb2nbIOPbQbT
d6YMFWvRo91G/w==
-----END CERTIFICATE-----