Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          H5RXa9R0JZpNjx3JkqsH2YVjyn0k9fGhy8FzTooYCkM=
Subject key identifier:   AA:12:B0:E5:59:54:DD:14:B8:0D:E3:5B:8B:48:B5:B5:CF:11:E3:EB
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       019D270466D52DEBF17D4027BB7826F3A29C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 22:01:32 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:32 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:32 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: z+qNZvwitQh/N+nDZheqfHxQK0BgPJBfwcXnSBlqk/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:66:d5:2d:eb:f1:7d:40:27:bb:78:26:f3:a2:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Mar 25 22:01:32 2026 GMT
            Not After : Mar 26 22:01:32 2026 GMT
        Subject: CN=aa12b0e55954dd14b80de35b8b48b5b5cf11e3eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:fc:43:3f:72:80:74:33:ae:08:0e:bc:e9:a8:
                    63:0f:70:0f:c2:3e:20:56:75:d4:f2:2d:ab:7f:32:
                    01:dc:18:ed:68:fd:dc:34:71:b1:ce:b8:21:4e:6b:
                    af:56:ea:a8:d1:cf:9e:f7:d4:c4:73:98:37:ff:81:
                    3f:b6:2a:6d:6d:a2:41:b9:db:1e:e1:9e:09:9f:c0:
                    eb:31:2c:92:93:df:d6:cf:00:9a:73:40:fa:fc:0d:
                    b3:c3:f1:af:31:19:00:9c:d8:48:7e:21:a4:51:a2:
                    c4:e1:f0:70:1c:86:97:bb:9c:6f:4c:12:f4:77:f6:
                    5d:dc:2f:14:d3:3d:ff:09:0f:4b:c4:91:58:43:c5:
                    9a:e1:99:3e:cc:b3:d1:73:9c:ab:67:94:aa:8e:ae:
                    11:c5:8c:8f:2d:97:7a:de:ae:b1:d2:f9:43:d0:27:
                    c3:85:23:79:28:f6:52:be:1c:9f:30:58:3a:27:52:
                    08:68:c7:da:0c:e5:26:a7:25:4f:a5:4c:eb:bb:52:
                    bc:84:98:21:1c:1b:cb:0d:e5:79:b2:da:56:4c:56:
                    c2:6f:52:62:d2:9b:8e:8f:d3:90:90:26:7d:d1:29:
                    62:c7:9e:b1:c1:00:74:dd:50:f3:ec:20:c2:7f:a0:
                    c5:0d:c7:71:5b:1d:44:6e:fa:43:3d:81:fd:80:e5:
                    7e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:12:B0:E5:59:54:DD:14:B8:0D:E3:5B:8B:48:B5:B5:CF:11:E3:EB
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:a7:30:b9:b2:cd:ba:e0:18:f8:e0:75:98:1e:78:34:04:85:
         6b:24:d9:4e:d7:af:65:12:31:db:74:cd:b2:f4:89:28:a5:7e:
         f8:5c:76:7b:a7:49:ed:a4:d2:4b:34:79:4f:8c:e1:d9:d0:63:
         2c:b1:34:51:9f:64:c5:6d:58:e5:39:a3:fd:7d:0c:dd:86:2d:
         38:0f:62:1e:e8:95:1f:4b:85:7e:e6:ea:75:c7:e7:15:c4:4a:
         bf:d1:7b:48:f0:eb:38:f0:2e:48:d9:4d:9b:0a:7e:9d:30:4d:
         6c:71:d3:8a:cd:81:38:a1:52:f1:f9:31:7f:c9:1f:22:3f:7c:
         40:b5:6f:cd:3a:60:73:10:de:0e:90:22:f7:1c:2a:88:44:34:
         96:e3:98:6b:6f:65:f6:df:cb:1a:05:2f:c5:ad:76:09:34:f6:
         b3:ce:f1:d0:73:12:22:77:98:64:7f:37:d0:85:89:e8:c1:6b:
         ab:fa:94:55:23:26:31:60:32:8e:47:97:1b:4c:bb:bd:bf:83:
         8b:5b:df:81:2c:d2:1a:7d:52:c0:fc:50:6d:60:a7:33:91:9f:
         19:f7:49:fb:c5:c9:3e:8f:08:92:cf:b2:93:0e:e6:a9:41:b3:
         e1:d5:4d:4b:95:84:e5:c2:f0:36:79:5b:0f:5a:1b:09:2a:fa:
         d9:97:69:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBGbVLevxfUAnu3gm86KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjYwMzI1MjIwMTMyWhcNMjYwMzI2MjIwMTMyWjAzMTEwLwYDVQQD
EyhhYTEyYjBlNTU5NTRkZDE0YjgwZGUzNWI4YjQ4YjViNWNmMTFlM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fxDP3KAdDOuCA686ahjD3APwj4g
VnXU8i2rfzIB3BjtaP3cNHGxzrghTmuvVuqo0c+e99TEc5g3/4E/tiptbaJBudse
4Z4Jn8DrMSySk9/WzwCac0D6/A2zw/GvMRkAnNhIfiGkUaLE4fBwHIaXu5xvTBL0
d/Zd3C8U0z3/CQ9LxJFYQ8Wa4Zk+zLPRc5yrZ5Sqjq4RxYyPLZd63q6x0vlD0CfD
hSN5KPZSvhyfMFg6J1IIaMfaDOUmpyVPpUzru1K8hJghHBvLDeV5stpWTFbCb1Ji
0puOj9OQkCZ90Slix56xwQB03VDz7CDCf6DFDcdxWx1EbvpDPYH9gOV+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoSsOVZVN0UuA3jW4tItbXPEePrMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl6cwubLN
uuAY+OB1mB54NASFayTZTtevZRIx23TNsvSJKKV++Fx2e6dJ7aTSSzR5T4zh2dBj
LLE0UZ9kxW1Y5Tmj/X0M3YYtOA9iHuiVH0uFfubqdcfnFcRKv9F7SPDrOPAuSNlN
mwp+nTBNbHHTis2BOKFS8fkxf8kfIj98QLVvzTpgcxDeDpAi9xwqiEQ0luOYa29l
9t/LGgUvxa12CTT2s87x0HMSIneYZH830IWJ6MFrq/qUVSMmMWAyjkeXG0y7vb+D
i1vfgSzSGn1SwPxQbWCnM5GfGfdJ+8XJPo8Iks+ykw7mqUGz4dVNS5WE5cLwNnlb
D1obCSr62ZdpBg==
-----END CERTIFICATE-----