Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
File:                     2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft (raw, json)
Hash identifier:          27vbbWn1pKrZoZFkuehhks44FrD0vHVhwIFa0PyPguk=
Subject key identifier:   E6:D3:19:65:A7:B6:AF:89:47:87:7B:80:43:E8:82:32:CF:9E:77:5F
Authority key identifier: DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34
Certificate issuer:       /CN=db211be3755559ca102520c13670d08580d70334
Certificate serial:       019D27A86B4360EEFC9F12554FCA0EF97D6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
Manifest number:          0173
Signing time:             Thu 26 Mar 2026 01:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:41 +0000
Files and hashes:         1: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl (hash: fmkvFaZ6WjqQacozhyHZAjRKHeLxOgYnAPidPJWCU+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:6b:43:60:ee:fc:9f:12:55:4f:ca:0e:f9:7d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db211be3755559ca102520c13670d08580d70334
        Validity
            Not Before: Mar 26 01:00:41 2026 GMT
            Not After : Mar 27 01:00:41 2026 GMT
        Subject: CN=e6d31965a7b6af8947877b8043e88232cf9e775f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fc:77:5e:a1:b1:1e:bf:fc:d7:ce:34:a2:68:
                    2b:36:65:36:2b:c8:d7:f2:f2:84:55:35:f3:7e:56:
                    35:9a:a6:f4:76:a7:cf:46:37:54:75:ed:0c:e2:34:
                    4a:4f:d5:2f:af:0f:96:d6:f1:38:f2:2f:73:dc:24:
                    fd:93:2d:e4:2d:c5:aa:cf:56:b0:0f:b0:aa:61:e9:
                    9e:6f:6f:50:90:2f:17:fc:6b:f9:b4:4b:cc:e3:9b:
                    b0:92:71:c2:fa:23:ee:ae:cb:a7:91:6b:b2:4f:4c:
                    53:8c:2c:c5:d2:b0:23:3a:86:8b:59:46:9f:21:75:
                    3b:8c:79:03:21:33:ba:77:8c:36:a4:c4:7a:d7:5b:
                    21:b3:7b:cf:de:55:6c:b4:67:57:92:a2:c5:da:56:
                    c6:f0:a5:a8:79:34:31:af:57:46:b6:4b:06:94:1b:
                    92:1a:c5:48:d1:b3:90:70:5c:4b:ec:64:fc:67:97:
                    9b:0e:d5:2b:d8:65:bf:c6:7b:ea:c1:b8:cd:d6:8f:
                    00:63:79:ab:fb:2d:f5:54:eb:de:15:a7:96:2d:b5:
                    f0:6e:aa:16:67:2a:66:02:c8:41:99:27:98:a3:91:
                    30:6b:2f:97:26:4c:82:3f:43:26:f6:51:de:f3:0e:
                    e2:ed:3b:63:f6:30:61:bd:fa:86:9c:b8:1a:c1:7e:
                    fd:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D3:19:65:A7:B6:AF:89:47:87:7B:80:43:E8:82:32:CF:9E:77:5F
            X509v3 Authority Key Identifier:
                keyid:DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:67:6c:c4:09:54:45:85:d0:48:3a:41:1d:69:c0:db:c5:ce:
         a6:0a:bc:09:aa:ef:4b:e0:10:83:e0:aa:89:bb:2b:b4:c9:2b:
         49:f8:25:d7:01:d4:b1:bf:91:af:f9:68:c4:42:d9:15:4f:2e:
         44:cb:82:b9:5e:b2:ea:80:81:77:4c:ae:bf:7b:0c:07:44:34:
         4d:43:6d:bb:76:38:49:65:63:24:0a:34:11:ab:90:8a:12:2a:
         02:6f:20:b3:86:70:09:d6:3a:8c:6f:15:3c:b8:28:83:de:23:
         5f:95:da:de:42:71:40:dd:fd:e3:be:47:d8:83:bd:c5:13:d1:
         ac:4b:9c:1d:e5:33:4a:37:f8:f8:e5:bf:1a:7e:de:9c:a5:d0:
         85:cf:0a:9c:ae:dd:d9:37:20:b8:2c:8d:b7:b0:35:4b:01:a1:
         ae:ac:e3:85:f7:10:c0:28:7f:8c:21:06:0c:47:30:eb:21:2c:
         27:ee:7e:0d:6d:4b:45:e0:9d:0d:fc:71:a0:58:f2:a3:83:7f:
         12:11:a1:4b:6f:c0:87:91:4c:eb:85:3f:0c:9b:41:93:75:83:
         04:03:81:2f:c2:ca:40:54:b9:7c:70:03:94:ac:bd:0c:3a:15:
         1b:35:cb:97:85:7c:28:3c:10:a4:52:14:dc:1a:0d:ad:16:ba:
         68:7a:4e:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqGtDYO78nxJVT8oO+X1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjExYmUzNzU1NTU5Y2ExMDI1MjBjMTM2NzBkMDg1ODBk
NzAzMzQwHhcNMjYwMzI2MDEwMDQxWhcNMjYwMzI3MDEwMDQxWjAzMTEwLwYDVQQD
EyhlNmQzMTk2NWE3YjZhZjg5NDc4NzdiODA0M2U4ODIzMmNmOWU3NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPx3XqGxHr/81840omgrNmU2K8jX
8vKEVTXzflY1mqb0dqfPRjdUde0M4jRKT9Uvrw+W1vE48i9z3CT9ky3kLcWqz1aw
D7CqYemeb29QkC8X/Gv5tEvM45uwknHC+iPursunkWuyT0xTjCzF0rAjOoaLWUaf
IXU7jHkDITO6d4w2pMR611shs3vP3lVstGdXkqLF2lbG8KWoeTQxr1dGtksGlBuS
GsVI0bOQcFxL7GT8Z5ebDtUr2GW/xnvqwbjN1o8AY3mr+y31VOveFaeWLbXwbqoW
ZypmAshBmSeYo5Eway+XJkyCP0Mm9lHe8w7i7Ttj9jBhvfqGnLgawX79UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObTGWWntq+JR4d7gEPogjLPnndfMB8GA1UdIwQY
MBaAFNshG+N1VVnKECUgwTZw0IWA1wM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2Mt
ODdhMTk0MWYxYmUzLzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2MtODdhMTk0MWYxYmUz
LzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm2dsxAlU
RYXQSDpBHWnA28XOpgq8CarvS+AQg+CqibsrtMkrSfgl1wHUsb+Rr/loxELZFU8u
RMuCuV6y6oCBd0yuv3sMB0Q0TUNtu3Y4SWVjJAo0EauQihIqAm8gs4ZwCdY6jG8V
PLgog94jX5Xa3kJxQN39475H2IO9xRPRrEucHeUzSjf4+OW/Gn7enKXQhc8KnK7d
2TcguCyNt7A1SwGhrqzjhfcQwCh/jCEGDEcw6yEsJ+5+DW1LReCdDfxxoFjyo4N/
EhGhS2/Ah5FM64U/DJtBk3WDBAOBL8LKQFS5fHADlKy9DDoVGzXLl4V8KDwQpFIU
3BoNrRa6aHpO9g==
-----END CERTIFICATE-----