Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
File:                     2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft (raw, json)
Hash identifier:          aSZeZaKcCPNJhdtzCcaJmmAsYMatfwJHnb0jY+Dp+4c=
Subject key identifier:   70:02:16:F5:06:50:14:2F:B5:4A:3C:3C:5E:AD:21:B5:7F:84:0C:04
Authority key identifier: DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34
Certificate issuer:       /CN=db211be3755559ca102520c13670d08580d70334
Certificate serial:       019E1CEBB6A277E2193E5B84D8C527BCDBC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
Manifest number:          01F2
Signing time:             Tue 12 May 2026 16:01:10 +0000
Manifest this update:     Tue 12 May 2026 16:01:10 +0000
Manifest next update:     Wed 13 May 2026 16:01:10 +0000
Files and hashes:         1: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl (hash: lf3ENZDDwvtS70CW9Pb1Bd7YnpqphTuSASybp7Mf2rA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 16:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:eb:b6:a2:77:e2:19:3e:5b:84:d8:c5:27:bc:db:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db211be3755559ca102520c13670d08580d70334
        Validity
            Not Before: May 12 16:01:10 2026 GMT
            Not After : May 13 16:01:10 2026 GMT
        Subject: CN=700216f50650142fb54a3c3c5ead21b57f840c04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:44:4d:14:6e:4b:86:4e:9c:2c:0c:80:ac:e0:
                    5c:06:d2:57:4c:3d:4c:29:f3:4b:21:f7:a6:17:2c:
                    f1:ee:dd:3a:04:f7:7a:4e:5a:52:d7:a8:b5:37:3a:
                    3d:55:d3:0f:22:0b:2d:f8:34:09:d1:ca:cc:30:18:
                    6e:e1:19:3b:57:83:50:96:d0:14:75:66:5d:6d:06:
                    22:ac:97:c3:95:f6:1e:78:e7:3f:41:57:da:02:0b:
                    86:cd:57:d4:49:1c:3a:97:95:05:cd:72:0f:dd:be:
                    1f:39:6e:12:9c:fc:52:72:6f:0d:21:3b:b7:9b:7f:
                    b0:1a:bb:2b:d9:47:9b:00:a3:18:9a:10:b7:e5:73:
                    92:44:30:3d:0e:57:77:a2:13:d0:db:0b:17:82:c1:
                    a2:f7:6d:aa:88:fb:46:25:ae:89:8f:a4:bd:fe:53:
                    f5:b2:8e:32:1f:0d:38:d2:94:b7:e9:fa:88:81:b0:
                    0a:b4:fb:51:65:05:6e:f3:11:28:1c:59:42:0d:16:
                    9a:65:6c:fe:dd:80:85:40:ae:87:d7:82:01:82:b0:
                    6b:33:0c:46:53:df:bb:36:91:16:c1:09:c0:88:37:
                    14:3a:7f:1e:3e:b8:7a:ff:c8:5e:9e:8a:e3:6d:a9:
                    5a:08:48:f0:58:84:4b:dd:ea:89:fb:90:5c:ac:1a:
                    e0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:02:16:F5:06:50:14:2F:B5:4A:3C:3C:5E:AD:21:B5:7F:84:0C:04
            X509v3 Authority Key Identifier:
                keyid:DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:b6:ac:6d:51:d1:fa:24:60:01:6a:bb:aa:11:0f:97:f7:f4:
         b8:4d:04:12:09:88:21:11:7b:35:28:23:22:b8:6e:89:c2:72:
         5b:e6:7c:95:0c:5a:98:f0:44:ab:8f:95:4a:3b:a7:a6:51:e7:
         be:f0:0a:35:bd:ba:74:b6:c9:e2:75:4e:a4:a5:0c:5b:a4:8d:
         e4:cd:c3:9c:27:eb:ff:16:07:22:a5:b6:9b:38:1c:18:34:2c:
         44:5b:55:bb:c6:cd:14:32:e2:f8:a0:b9:cc:09:c3:b0:c2:bd:
         f9:55:1b:a6:a3:fb:fc:b2:21:4c:65:9a:95:e7:a8:86:80:60:
         a4:d2:06:7c:31:ca:2e:09:1d:00:e5:93:ac:21:b0:57:ac:11:
         0b:bc:ee:aa:43:fe:14:8e:37:ef:36:62:ad:26:9f:7f:a6:f3:
         93:a0:ba:78:cd:b6:54:11:d5:64:33:92:bd:fc:18:7c:2e:f4:
         fb:81:a1:4c:3a:34:59:fe:cb:55:3a:a6:66:bf:26:26:7c:3a:
         95:bc:55:43:73:d2:37:2b:88:7c:57:ce:ab:ab:84:bf:b7:55:
         4e:d8:bc:e9:f6:2f:5b:05:7a:77:2a:b1:46:3d:f8:d9:a9:b8:
         17:19:89:f2:a5:50:8b:9b:ba:1b:4e:f5:5a:80:80:55:fb:dd:
         93:2d:c9:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c67aid+IZPluE2MUnvNvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjExYmUzNzU1NTU5Y2ExMDI1MjBjMTM2NzBkMDg1ODBk
NzAzMzQwHhcNMjYwNTEyMTYwMTEwWhcNMjYwNTEzMTYwMTEwWjAzMTEwLwYDVQQD
Eyg3MDAyMTZmNTA2NTAxNDJmYjU0YTNjM2M1ZWFkMjFiNTdmODQwYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnURNFG5Lhk6cLAyArOBcBtJXTD1M
KfNLIfemFyzx7t06BPd6TlpS16i1Nzo9VdMPIgst+DQJ0crMMBhu4Rk7V4NQltAU
dWZdbQYirJfDlfYeeOc/QVfaAguGzVfUSRw6l5UFzXIP3b4fOW4SnPxScm8NITu3
m3+wGrsr2UebAKMYmhC35XOSRDA9Dld3ohPQ2wsXgsGi922qiPtGJa6Jj6S9/lP1
so4yHw040pS36fqIgbAKtPtRZQVu8xEoHFlCDRaaZWz+3YCFQK6H14IBgrBrMwxG
U9+7NpEWwQnAiDcUOn8ePrh6/8henorjbalaCEjwWIRL3eqJ+5BcrBrguwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHACFvUGUBQvtUo8PF6tIbV/hAwEMB8GA1UdIwQY
MBaAFNshG+N1VVnKECUgwTZw0IWA1wM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2Mt
ODdhMTk0MWYxYmUzLzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2MtODdhMTk0MWYxYmUz
LzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbasbVHR
+iRgAWq7qhEPl/f0uE0EEgmIIRF7NSgjIrhuicJyW+Z8lQxamPBEq4+VSjunplHn
vvAKNb26dLbJ4nVOpKUMW6SN5M3DnCfr/xYHIqW2mzgcGDQsRFtVu8bNFDLi+KC5
zAnDsMK9+VUbpqP7/LIhTGWaleeohoBgpNIGfDHKLgkdAOWTrCGwV6wRC7zuqkP+
FI437zZirSaff6bzk6C6eM22VBHVZDOSvfwYfC70+4GhTDo0Wf7LVTqmZr8mJnw6
lbxVQ3PSNyuIfFfOq6uEv7dVTti86fYvWwV6dyqxRj342am4FxmJ8qVQi5u6G071
WoCAVfvdky3JqQ==
-----END CERTIFICATE-----