Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          rz3J81sbkw/7xTuRfaMeExIcb3pT2XV1aY8xrhaHc94=
Subject key identifier:   D9:10:13:E5:AB:AF:D4:C5:0E:7A:42:93:48:90:74:F6:58:83:0C:63
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       019D99CFF33DAEBD53A048D42D8951D13C82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          0703
Signing time:             Fri 17 Apr 2026 05:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:35 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: s6MppBKuUPRL0b6GwL39qUFAvtFswQ1R7bhXr+l2cp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:f3:3d:ae:bd:53:a0:48:d4:2d:89:51:d1:3c:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Apr 17 05:00:35 2026 GMT
            Not After : Apr 18 05:00:35 2026 GMT
        Subject: CN=d91013e5abafd4c50e7a4293489074f658830c63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c3:da:ae:c4:a4:46:33:90:54:15:59:10:a8:
                    77:1b:4f:28:a3:e7:53:a5:c9:57:bc:1c:10:63:90:
                    41:f7:49:87:82:dc:12:33:5f:b6:c7:73:3b:ba:0b:
                    71:d8:f3:a3:c5:0e:7a:b6:87:13:76:50:c2:8b:2f:
                    38:81:38:e5:42:3b:86:30:21:c5:8b:26:3d:ba:42:
                    4e:0b:f5:0a:e9:ce:8c:62:f2:ea:7e:84:1e:17:fb:
                    bf:0d:13:87:fd:cb:63:eb:0a:0e:1b:ae:16:9a:07:
                    7c:a2:5e:b8:63:33:5a:54:49:39:38:ce:7e:ba:f2:
                    6a:10:45:a5:7a:67:14:ca:df:d7:52:47:5b:1f:f7:
                    69:a8:b2:46:55:ae:89:bd:e7:c4:16:fa:c2:7e:d3:
                    fc:45:9e:f5:c1:55:c6:e1:cc:b4:ce:b8:e8:4b:58:
                    ec:3e:03:0d:60:b9:24:72:0d:29:39:b5:f0:6b:8b:
                    ad:43:63:59:c0:8f:1d:64:40:9b:28:ea:78:45:10:
                    6e:10:76:54:05:9d:3b:72:c2:e7:7a:a7:2d:99:09:
                    e5:8e:45:f6:19:4c:9a:e5:c8:52:73:78:8a:e3:41:
                    0b:c3:20:72:bc:79:7d:6a:de:d0:ee:b4:b4:33:8e:
                    18:93:ef:6a:2d:56:74:58:64:08:d8:cb:1a:5e:91:
                    b6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:10:13:E5:AB:AF:D4:C5:0E:7A:42:93:48:90:74:F6:58:83:0C:63
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:81:b0:16:c4:89:98:16:a4:77:73:5e:01:05:37:36:ae:41:
         2c:22:66:72:0f:9a:08:6d:c4:7f:1e:ac:7e:f9:54:de:38:ce:
         83:da:38:b6:79:11:ea:2a:2d:2c:a9:6c:9e:10:50:d2:e7:23:
         23:85:50:bb:3c:66:82:c7:c8:22:9f:96:18:97:c0:00:7b:82:
         01:03:00:fe:41:d3:58:6a:24:5d:de:12:4b:77:4e:fb:fa:d6:
         f7:d1:02:6a:ff:fa:3a:3f:16:b2:8e:44:7e:40:c2:8c:79:04:
         ea:12:cb:ab:71:7c:4b:61:0b:8c:93:fa:5d:2a:53:c8:f0:16:
         43:d9:15:23:0b:f4:02:cb:1f:14:68:be:12:71:43:5d:66:11:
         5d:70:4a:9c:3f:42:f2:62:97:d6:91:96:2d:ff:5f:a5:93:cf:
         26:97:15:cc:47:b9:c0:39:83:11:19:bf:19:b3:23:b6:6d:cb:
         b4:d6:34:0e:20:0a:fe:63:59:55:97:c2:de:ad:4d:40:e9:c6:
         ab:67:9e:7a:0e:83:75:3d:2a:4b:87:85:72:4c:15:fe:25:ec:
         38:fd:91:0b:ef:41:c6:9a:0a:54:01:30:e6:fd:4b:a2:b3:c8:
         69:20:18:35:46:54:45:7e:e2:85:c3:da:42:e6:af:20:a6:9c:
         7e:cb:82:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/M9rr1ToEjULYlR0TyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjYwNDE3MDUwMDM1WhcNMjYwNDE4MDUwMDM1WjAzMTEwLwYDVQQD
EyhkOTEwMTNlNWFiYWZkNGM1MGU3YTQyOTM0ODkwNzRmNjU4ODMwYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMParsSkRjOQVBVZEKh3G08oo+dT
pclXvBwQY5BB90mHgtwSM1+2x3M7ugtx2POjxQ56tocTdlDCiy84gTjlQjuGMCHF
iyY9ukJOC/UK6c6MYvLqfoQeF/u/DROH/ctj6woOG64Wmgd8ol64YzNaVEk5OM5+
uvJqEEWlemcUyt/XUkdbH/dpqLJGVa6JvefEFvrCftP8RZ71wVXG4cy0zrjoS1js
PgMNYLkkcg0pObXwa4utQ2NZwI8dZECbKOp4RRBuEHZUBZ07csLneqctmQnljkX2
GUya5chSc3iK40ELwyByvHl9at7Q7rS0M44Yk+9qLVZ0WGQI2MsaXpG2NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkQE+Wrr9TFDnpCk0iQdPZYgwxjMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIGwFsSJ
mBakd3NeAQU3Nq5BLCJmcg+aCG3Efx6sfvlU3jjOg9o4tnkR6iotLKlsnhBQ0ucj
I4VQuzxmgsfIIp+WGJfAAHuCAQMA/kHTWGokXd4SS3dO+/rW99ECav/6Oj8Wso5E
fkDCjHkE6hLLq3F8S2ELjJP6XSpTyPAWQ9kVIwv0AssfFGi+EnFDXWYRXXBKnD9C
8mKX1pGWLf9fpZPPJpcVzEe5wDmDERm/GbMjtm3LtNY0DiAK/mNZVZfC3q1NQOnG
q2eeeg6DdT0qS4eFckwV/iXsOP2RC+9BxpoKVAEw5v1LorPIaSAYNUZURX7ihcPa
QuavIKacfsuCHw==
-----END CERTIFICATE-----