Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
File:                     2yNWAARVt7WJTO0UaYWgqIifnkw.mft (raw, json)
Hash identifier:          FfsdJitNjrhjLyePo2lPPr+M9dyx99zjYaiDgMxtJOs=
Subject key identifier:   12:09:00:21:9C:09:DE:7F:74:6F:9F:03:50:DE:0A:AE:7D:B7:30:85
Authority key identifier: DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
Certificate issuer:       /CN=db2356000455b7b5894ced146985a0a8889f9e4c
Certificate serial:       019D9B8775F63762411EBA66BFBFB3A077C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
Manifest number:          16DD
Signing time:             Fri 17 Apr 2026 13:00:39 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:39 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:39 +0000
Files and hashes:         1: 2yNWAARVt7WJTO0UaYWgqIifnkw.crl (hash: M8wpo1UmERD3wr+qBGZbXi7m5UIsinR6AQ1ez6t3mmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:75:f6:37:62:41:1e:ba:66:bf:bf:b3:a0:77:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db2356000455b7b5894ced146985a0a8889f9e4c
        Validity
            Not Before: Apr 17 13:00:39 2026 GMT
            Not After : Apr 18 13:00:39 2026 GMT
        Subject: CN=120900219c09de7f746f9f0350de0aae7db73085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7a:8f:69:7c:ef:91:a7:74:58:30:bf:ca:ad:
                    d4:ef:dc:5a:4d:eb:ca:8c:c9:63:82:54:f5:94:4d:
                    a0:04:c9:cd:3b:97:84:c0:e9:d7:44:c9:bb:6c:ab:
                    0f:a0:31:db:e1:cb:63:06:8e:83:de:d5:21:05:57:
                    ac:df:c3:6c:5c:95:11:7a:58:06:00:bb:1e:b1:d1:
                    fd:87:55:ce:22:96:b9:13:f7:21:17:3a:1c:2b:19:
                    49:29:c5:ba:0b:02:b3:33:d3:e1:57:45:c5:40:b7:
                    dc:dd:b8:f4:44:84:26:e0:ea:69:67:4f:6d:c0:53:
                    7e:a7:65:c0:4f:1e:3e:2d:2b:54:c7:9a:7b:93:0e:
                    8a:6c:b2:36:7b:67:94:cc:f1:75:3d:8e:1a:ed:62:
                    84:5b:97:f6:13:75:ea:fa:ba:2e:3b:0d:74:5d:ac:
                    ea:51:8b:77:01:7d:1d:26:88:b7:05:4a:c0:32:a5:
                    c1:b7:4a:06:4e:14:a0:7a:d1:04:94:7f:4f:29:21:
                    19:80:05:7c:9e:ca:e7:02:8f:4e:90:09:e8:8c:ec:
                    a9:83:1d:cb:d6:95:1a:d9:e4:e5:34:59:d2:f7:22:
                    8d:0e:01:c3:83:e7:3f:04:e9:e4:d4:f1:e7:01:d6:
                    de:d2:a1:cc:4c:6c:2f:b2:fe:f7:8e:20:23:38:77:
                    5c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:09:00:21:9C:09:DE:7F:74:6F:9F:03:50:DE:0A:AE:7D:B7:30:85
            X509v3 Authority Key Identifier:
                keyid:DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:c2:52:6c:23:4e:35:5e:a6:e9:e9:5a:0c:99:be:75:50:c7:
         3b:9e:ea:44:0f:7b:5d:4b:49:22:30:81:e4:d6:2e:ed:8f:9b:
         30:57:52:53:59:b6:4b:7f:a3:a3:c7:94:e5:e6:e9:bf:c0:b9:
         1f:42:58:66:bb:db:36:71:2c:b6:28:cc:8c:39:72:64:d9:83:
         4a:f7:f2:d8:00:92:d8:c2:f4:21:5a:93:c7:5d:17:00:c5:7f:
         64:b3:d0:57:f5:b9:bf:8d:a1:0b:24:b7:a4:a0:c7:cf:51:54:
         f4:55:d1:a9:32:fe:d7:41:b8:e8:09:52:c1:6b:9a:ba:0f:16:
         44:24:f3:bf:15:e8:8f:5b:b0:93:0d:eb:be:31:f4:55:17:27:
         28:23:33:19:7e:a7:72:32:b2:4e:e8:c5:e7:76:bd:60:c3:cf:
         91:59:47:e2:e5:15:aa:46:51:cb:e9:77:30:06:0d:90:8f:e9:
         07:4b:27:17:da:18:43:62:e1:7c:82:4a:8e:d9:aa:50:cc:e4:
         9b:bb:8b:51:29:8c:97:0a:be:03:b5:f0:a8:c6:8d:59:92:69:
         71:fc:3f:7a:6f:6e:7d:28:ca:fe:cb:59:91:85:ee:eb:eb:b2:
         02:74:64:4a:70:f8:bb:5f:39:c9:aa:00:fe:2f:88:ce:9d:b0:
         26:77:36:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh3X2N2JBHrpmv7+zoHfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM1NjAwMDQ1NWI3YjU4OTRjZWQxNDY5ODVhMGE4ODg5
ZjllNGMwHhcNMjYwNDE3MTMwMDM5WhcNMjYwNDE4MTMwMDM5WjAzMTEwLwYDVQQD
EygxMjA5MDAyMTljMDlkZTdmNzQ2ZjlmMDM1MGRlMGFhZTdkYjczMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXqPaXzvkad0WDC/yq3U79xaTevK
jMljglT1lE2gBMnNO5eEwOnXRMm7bKsPoDHb4ctjBo6D3tUhBVes38NsXJURelgG
ALsesdH9h1XOIpa5E/chFzocKxlJKcW6CwKzM9PhV0XFQLfc3bj0RIQm4OppZ09t
wFN+p2XATx4+LStUx5p7kw6KbLI2e2eUzPF1PY4a7WKEW5f2E3Xq+rouOw10Xazq
UYt3AX0dJoi3BUrAMqXBt0oGThSgetEElH9PKSEZgAV8nsrnAo9OkAnojOypgx3L
1pUa2eTlNFnS9yKNDgHDg+c/BOnk1PHnAdbe0qHMTGwvsv73jiAjOHdctwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIJACGcCd5/dG+fA1DeCq59tzCFMB8GA1UdIwQY
MBaAFNsjVgAEVbe1iUztFGmFoKiIn55MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEt
NDg2MzkxMTQxMmZhLzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEtNDg2MzkxMTQxMmZh
LzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAecJSbCNO
NV6m6elaDJm+dVDHO57qRA97XUtJIjCB5NYu7Y+bMFdSU1m2S3+jo8eU5ebpv8C5
H0JYZrvbNnEstijMjDlyZNmDSvfy2ACS2ML0IVqTx10XAMV/ZLPQV/W5v42hCyS3
pKDHz1FU9FXRqTL+10G46AlSwWuaug8WRCTzvxXoj1uwkw3rvjH0VRcnKCMzGX6n
cjKyTujF53a9YMPPkVlH4uUVqkZRy+l3MAYNkI/pB0snF9oYQ2LhfIJKjtmqUMzk
m7uLUSmMlwq+A7XwqMaNWZJpcfw/em9ufSjK/stZkYXu6+uyAnRkSnD4u185yaoA
/i+Izp2wJnc22w==
-----END CERTIFICATE-----