Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          fU5AbME3dHmORRljYUgSEHfyh4iEeBvr7rSaln4SgLs=
Subject key identifier:   38:91:C9:8C:58:00:15:CD:A1:D5:97:5D:95:6F:E0:73:56:6E:ED:BC
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019EBE7F3378810EE6435A4051225E5D3CE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1955
Signing time:             Sat 13 Jun 2026 01:01:07 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:07 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:07 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: p56s6Eje3SRi1An9SmZ2rzxGP5Pxt1E6nuB5LpJuIwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:33:78:81:0e:e6:43:5a:40:51:22:5e:5d:3c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Jun 13 01:01:07 2026 GMT
            Not After : Jun 14 01:01:07 2026 GMT
        Subject: CN=3891c98c580015cda1d5975d956fe073566eedbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:38:73:b9:e4:c8:73:48:d5:ea:c3:df:ab:18:
                    73:c5:e6:f7:61:d8:22:7c:b2:82:dd:57:17:07:0d:
                    f5:32:31:38:11:dc:b1:bb:f5:1a:08:4a:6d:89:28:
                    c5:26:41:35:08:d3:93:34:01:d8:6e:5f:50:e1:f2:
                    12:90:fc:5e:c8:b9:af:fe:40:91:e6:2e:81:12:d5:
                    cc:d8:1c:cb:c0:e1:7a:7f:38:f1:db:79:60:1d:87:
                    5f:b3:7e:6d:74:59:ee:b1:2b:4c:4f:33:5a:a2:1f:
                    60:38:83:16:57:d7:26:3a:36:de:c3:af:7c:54:77:
                    3e:93:df:84:53:4a:93:69:f1:99:9a:96:31:5b:2b:
                    75:56:ad:2c:0b:b2:9c:d1:43:2a:d3:44:b7:d5:5c:
                    64:87:00:cc:76:a4:02:7a:59:a6:36:dd:26:51:db:
                    0a:13:27:52:af:13:00:41:86:94:bf:e6:47:05:b6:
                    a5:90:f9:6b:dc:7b:ad:a4:1f:1b:a7:a7:4d:a7:a1:
                    7f:15:67:71:fe:4a:f6:61:ca:76:28:15:87:77:d7:
                    92:6e:1c:2c:32:c4:7e:ac:f4:43:69:57:a7:4e:c4:
                    01:e2:1f:2d:12:01:68:53:36:cd:cd:4f:fe:b6:ab:
                    a4:0d:6e:d3:e1:bc:ec:03:54:7a:18:59:ba:7f:bb:
                    c6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:91:C9:8C:58:00:15:CD:A1:D5:97:5D:95:6F:E0:73:56:6E:ED:BC
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:f5:f1:26:77:36:6d:ea:d2:64:7a:e1:22:72:68:66:b0:03:
         67:20:e5:f0:d3:bd:26:ae:94:a3:92:ea:28:c5:4a:dc:fd:d6:
         07:92:5f:09:12:77:d8:3c:1a:b7:ab:ae:c6:92:b1:59:f0:b9:
         b5:b7:fe:32:fd:3f:3a:76:c1:e5:85:c2:97:37:e6:9c:b0:d2:
         af:a9:55:cc:4a:04:02:16:a6:ff:43:1f:12:4f:d0:5a:4d:fd:
         41:76:da:22:07:ce:cf:b9:86:be:3d:81:25:59:af:a8:b5:4b:
         22:d9:94:3a:57:2b:b1:fb:f5:59:eb:07:c9:75:91:84:d1:1d:
         fb:6a:45:43:05:66:7f:b5:0f:58:2b:30:c3:33:bb:56:3d:27:
         0d:0c:43:76:de:b5:16:32:7a:8e:cf:af:16:ee:9e:fc:09:27:
         69:c2:15:57:6c:64:c0:77:7a:c4:b0:c1:ff:a7:66:87:b1:73:
         39:75:c4:52:6d:1f:37:a4:e2:84:0a:80:44:b2:a7:46:8f:6d:
         97:9c:b0:42:ba:29:4b:63:14:c8:a8:b3:5e:35:73:af:2f:9d:
         22:55:e4:db:44:c0:f0:11:d8:16:aa:2c:f0:d5:5f:79:f1:85:
         7e:57:97:06:f7:b0:a7:88:a3:ce:b4:42:62:2d:33:43:e8:1b:
         fd:78:e1:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+fzN4gQ7mQ1pAUSJeXTzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwNjEzMDEwMTA3WhcNMjYwNjE0MDEwMTA3WjAzMTEwLwYDVQQD
EygzODkxYzk4YzU4MDAxNWNkYTFkNTk3NWQ5NTZmZTA3MzU2NmVlZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzhzueTIc0jV6sPfqxhzxeb3Ydgi
fLKC3VcXBw31MjE4Edyxu/UaCEptiSjFJkE1CNOTNAHYbl9Q4fISkPxeyLmv/kCR
5i6BEtXM2BzLwOF6fzjx23lgHYdfs35tdFnusStMTzNaoh9gOIMWV9cmOjbew698
VHc+k9+EU0qTafGZmpYxWyt1Vq0sC7Kc0UMq00S31VxkhwDMdqQCelmmNt0mUdsK
EydSrxMAQYaUv+ZHBbalkPlr3HutpB8bp6dNp6F/FWdx/kr2Ycp2KBWHd9eSbhws
MsR+rPRDaVenTsQB4h8tEgFoUzbNzU/+tqukDW7T4bzsA1R6GFm6f7vGOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiRyYxYABXNodWXXZVv4HNWbu28MB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZvXxJnc2
berSZHrhInJoZrADZyDl8NO9Jq6Uo5LqKMVK3P3WB5JfCRJ32Dwat6uuxpKxWfC5
tbf+Mv0/OnbB5YXClzfmnLDSr6lVzEoEAham/0MfEk/QWk39QXbaIgfOz7mGvj2B
JVmvqLVLItmUOlcrsfv1WesHyXWRhNEd+2pFQwVmf7UPWCswwzO7Vj0nDQxDdt61
FjJ6js+vFu6e/AknacIVV2xkwHd6xLDB/6dmh7FzOXXEUm0fN6TihAqARLKnRo9t
l5ywQropS2MUyKizXjVzry+dIlXk20TA8BHYFqos8NVfefGFfleXBvewp4ijzrRC
Yi0zQ+gb/XjhPQ==
-----END CERTIFICATE-----