Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          I9ggFrODvd1OEADVXpaSMvZJbjcT4KaYAppR2petiTE=
Subject key identifier:   5A:57:EA:AC:AD:9D:FC:4E:39:D4:2A:8C:35:7C:59:B1:3F:C8:65:D3
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019EBE7EB6EB21F4961CB325EA74CED8C825
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          103A
Signing time:             Sat 13 Jun 2026 01:00:35 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:35 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:35 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: yTjrIiNm1nX2YyWrbtw+2rLoFcPwtmlaDNaO+rJfYq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7e:b6:eb:21:f4:96:1c:b3:25:ea:74:ce:d8:c8:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Jun 13 01:00:35 2026 GMT
            Not After : Jun 14 01:00:35 2026 GMT
        Subject: CN=5a57eaacad9dfc4e39d42a8c357c59b13fc865d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d4:e2:e0:28:84:30:e2:54:fc:45:54:a1:ab:
                    8e:b9:e8:7c:0c:5a:17:da:00:c2:85:e9:bc:9c:00:
                    d6:08:ac:38:9a:c3:2c:9e:72:34:29:1d:29:89:43:
                    97:df:71:58:d2:5b:ae:de:9c:30:99:a9:ec:aa:06:
                    09:13:56:d7:bb:17:41:8c:43:87:56:c6:99:8c:81:
                    0e:29:30:c7:66:25:20:a1:0a:0a:53:04:11:ac:e0:
                    34:08:f3:3e:91:f9:69:25:6f:bd:c2:57:0e:04:3d:
                    5a:28:12:b1:27:af:5c:ca:cd:ce:be:38:c3:ac:b4:
                    08:d9:4c:fb:54:bf:ad:26:94:a5:25:8a:0a:91:56:
                    7c:04:be:1c:b7:97:d9:16:5f:0b:b9:f9:ae:34:d2:
                    50:43:59:42:cf:a4:70:41:c9:e0:e3:57:d7:f5:63:
                    04:8e:d2:70:d0:77:dc:cf:5a:26:c6:12:a2:b4:e4:
                    6c:72:d5:4d:b2:4f:8e:e8:1e:89:80:82:b1:49:3e:
                    7a:8f:59:03:3d:2a:e6:78:19:4f:c1:7f:ac:e7:11:
                    9a:3c:45:b1:bd:0b:55:19:95:cf:0b:e6:5b:b5:d5:
                    3e:af:75:9c:e1:c9:e5:dd:e9:5f:25:07:dd:d3:68:
                    0b:07:3f:75:16:da:16:96:d7:39:32:d8:86:ba:2c:
                    73:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:57:EA:AC:AD:9D:FC:4E:39:D4:2A:8C:35:7C:59:B1:3F:C8:65:D3
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:b7:1f:51:01:d0:6b:06:09:27:45:20:21:42:ee:12:f4:ed:
         cb:b4:30:e8:86:d9:7c:c5:70:e1:ba:79:13:b4:15:80:66:38:
         ca:3c:7e:f3:25:e7:b8:88:95:44:a3:5f:7d:bc:d8:a3:b7:93:
         9b:93:93:ee:3a:86:3a:88:ef:cf:34:37:48:e1:a5:ad:c9:d4:
         06:56:3e:20:7a:93:be:bc:5d:a8:fa:35:69:0f:df:26:1d:07:
         bd:d4:90:32:85:35:b7:6c:3b:85:02:63:51:16:63:85:42:7b:
         b9:08:56:8d:e6:be:f5:3c:62:5d:a7:99:58:ba:71:47:63:3c:
         e7:88:94:f9:bb:c3:be:f7:4a:1b:07:4b:c6:14:d5:84:e5:b4:
         19:8b:06:62:76:17:4a:da:c7:12:89:91:95:29:29:25:29:cd:
         ac:46:83:0a:9e:c6:b3:1b:c8:7a:39:12:d1:6f:21:da:cb:13:
         ab:ec:f4:ab:05:bf:df:4b:ae:85:1d:14:bd:03:1f:43:99:23:
         a6:82:20:30:39:f6:19:23:10:6c:ce:a5:68:e6:49:73:90:7f:
         e3:d1:b2:60:fa:d1:96:87:de:6a:cb:a5:e6:db:d2:6b:8d:60:
         6a:58:b8:d0:aa:08:86:2a:05:f3:7a:1d:fb:e3:c7:e2:11:2e:
         47:65:78:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+frbrIfSWHLMl6nTO2MglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwNjEzMDEwMDM1WhcNMjYwNjE0MDEwMDM1WjAzMTEwLwYDVQQD
Eyg1YTU3ZWFhY2FkOWRmYzRlMzlkNDJhOGMzNTdjNTliMTNmYzg2NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Ti4CiEMOJU/EVUoauOueh8DFoX
2gDChem8nADWCKw4msMsnnI0KR0piUOX33FY0luu3pwwmansqgYJE1bXuxdBjEOH
VsaZjIEOKTDHZiUgoQoKUwQRrOA0CPM+kflpJW+9wlcOBD1aKBKxJ69cys3OvjjD
rLQI2Uz7VL+tJpSlJYoKkVZ8BL4ct5fZFl8LufmuNNJQQ1lCz6RwQcng41fX9WME
jtJw0Hfcz1omxhKitORsctVNsk+O6B6JgIKxST56j1kDPSrmeBlPwX+s5xGaPEWx
vQtVGZXPC+ZbtdU+r3Wc4cnl3elfJQfd02gLBz91FtoWltc5MtiGuixzMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpX6qytnfxOOdQqjDV8WbE/yGXTMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfbcfUQHQ
awYJJ0UgIULuEvTty7Qw6IbZfMVw4bp5E7QVgGY4yjx+8yXnuIiVRKNffbzYo7eT
m5OT7jqGOojvzzQ3SOGlrcnUBlY+IHqTvrxdqPo1aQ/fJh0HvdSQMoU1t2w7hQJj
URZjhUJ7uQhWjea+9TxiXaeZWLpxR2M854iU+bvDvvdKGwdLxhTVhOW0GYsGYnYX
StrHEomRlSkpJSnNrEaDCp7GsxvIejkS0W8h2ssTq+z0qwW/30uuhR0UvQMfQ5kj
poIgMDn2GSMQbM6laOZJc5B/49GyYPrRlofeasul5tvSa41gali40KoIhioF83od
++PH4hEuR2V48A==
-----END CERTIFICATE-----