Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          3o/qeptyE0V0CmFsooWjyDPnx51h69t1PDUq9Tr7BSo=
Subject key identifier:   FC:C1:0E:E6:13:DF:42:A0:22:A5:B9:4D:25:71:42:F0:87:F3:7F:7F
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019EBF5AA0C707E69A5F1B28E1C9DDA02E40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0D66
Signing time:             Sat 13 Jun 2026 05:00:47 +0000
Manifest this update:     Sat 13 Jun 2026 05:00:47 +0000
Manifest next update:     Sun 14 Jun 2026 05:00:47 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: ez2HSAy+NPA0X6FHf18Tif7I5WvyR6elxqB5niway18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5a:a0:c7:07:e6:9a:5f:1b:28:e1:c9:dd:a0:2e:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Jun 13 05:00:47 2026 GMT
            Not After : Jun 14 05:00:47 2026 GMT
        Subject: CN=fcc10ee613df42a022a5b94d257142f087f37f7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3a:e8:c2:bc:37:a5:48:25:12:4e:53:c1:2e:
                    7c:f3:a8:6e:d6:34:75:8b:88:4e:5b:b9:0f:41:f2:
                    40:89:6d:43:6a:a8:71:12:ba:9a:25:06:29:6f:f7:
                    7d:50:32:39:b7:1b:1b:ab:8e:6c:c6:48:d3:fc:9d:
                    73:bb:86:a1:66:eb:25:f3:55:51:e6:b4:62:da:b9:
                    34:83:2b:d9:1b:3c:b3:1e:34:ba:4e:0a:ae:2d:d0:
                    da:fa:a9:b5:8f:99:bc:84:75:bc:a1:2f:aa:16:ea:
                    ff:e3:da:28:e1:69:f0:e3:b0:ba:48:05:03:05:ed:
                    9f:6f:08:21:19:e6:b5:c8:cd:33:8c:97:22:45:e4:
                    71:24:7f:64:3a:6c:33:c5:40:25:54:35:fa:21:16:
                    f5:6f:cd:e8:78:70:73:ce:74:23:ac:a8:9c:a0:71:
                    a1:ac:9c:a8:0a:c1:36:ce:10:1a:b7:57:50:5c:23:
                    f7:dc:d5:74:3d:b4:06:c3:76:f7:50:d6:8b:13:ae:
                    04:02:8b:d5:d9:7c:07:3d:10:be:e0:b9:94:53:3f:
                    0e:4e:20:30:88:8c:99:6b:f5:d2:b2:b1:69:21:ce:
                    38:02:41:36:bb:5f:97:78:bb:33:76:a4:7a:66:be:
                    09:5c:02:e9:db:e0:bb:f7:59:78:6e:07:e0:73:76:
                    3f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:C1:0E:E6:13:DF:42:A0:22:A5:B9:4D:25:71:42:F0:87:F3:7F:7F
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:39:dd:87:73:f5:09:a7:18:45:60:43:ba:6e:ef:2f:43:dc:
         33:96:6f:68:19:e9:d2:ef:5d:8f:43:84:29:6f:3a:71:70:e3:
         8c:9d:43:d8:46:67:3f:d6:06:c3:15:fe:ef:fd:d8:72:d5:91:
         1b:66:f3:21:42:9e:59:0b:6c:67:9a:dc:8c:1d:60:28:ca:89:
         02:2a:4b:a6:84:fb:ba:af:94:cb:cb:25:41:16:bd:9f:cc:b9:
         a5:33:54:8d:ea:76:10:7a:ff:18:dd:e9:0c:d9:82:37:db:a6:
         8c:86:62:01:00:ad:9c:4b:14:55:e7:ee:67:0a:23:3d:1b:40:
         25:82:7f:5f:e9:c1:1a:62:c8:ef:e6:e4:56:d7:14:85:64:04:
         14:e3:74:59:7c:6e:5f:66:68:0c:4a:10:a3:8f:d5:81:43:7a:
         26:d8:30:9a:ba:97:25:39:7b:68:7c:88:0b:d5:bc:da:39:15:
         a7:e1:48:05:7e:27:35:61:8c:93:e0:40:1b:b1:8d:45:ff:b3:
         60:9d:68:00:9c:6b:a4:10:b2:d0:fe:20:f0:c4:cc:fe:36:f7:
         58:09:53:2c:c1:91:e3:fa:60:89:53:a9:14:a6:09:42:11:80:
         c9:3e:d2:e8:7b:74:45:cf:97:0d:b8:da:47:61:3f:ed:3e:83:
         a6:b6:63:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/WqDHB+aaXxso4cndoC5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwNjEzMDUwMDQ3WhcNMjYwNjE0MDUwMDQ3WjAzMTEwLwYDVQQD
EyhmY2MxMGVlNjEzZGY0MmEwMjJhNWI5NGQyNTcxNDJmMDg3ZjM3ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjrowrw3pUglEk5TwS5886hu1jR1
i4hOW7kPQfJAiW1DaqhxErqaJQYpb/d9UDI5txsbq45sxkjT/J1zu4ahZusl81VR
5rRi2rk0gyvZGzyzHjS6TgquLdDa+qm1j5m8hHW8oS+qFur/49oo4Wnw47C6SAUD
Be2fbwghGea1yM0zjJciReRxJH9kOmwzxUAlVDX6IRb1b83oeHBzznQjrKicoHGh
rJyoCsE2zhAat1dQXCP33NV0PbQGw3b3UNaLE64EAovV2XwHPRC+4LmUUz8OTiAw
iIyZa/XSsrFpIc44AkE2u1+XeLszdqR6Zr4JXALp2+C791l4bgfgc3Y/TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzBDuYT30KgIqW5TSVxQvCH839/MB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwjndh3P1
CacYRWBDum7vL0PcM5ZvaBnp0u9dj0OEKW86cXDjjJ1D2EZnP9YGwxX+7/3YctWR
G2bzIUKeWQtsZ5rcjB1gKMqJAipLpoT7uq+Uy8slQRa9n8y5pTNUjep2EHr/GN3p
DNmCN9umjIZiAQCtnEsUVefuZwojPRtAJYJ/X+nBGmLI7+bkVtcUhWQEFON0WXxu
X2ZoDEoQo4/VgUN6JtgwmrqXJTl7aHyIC9W82jkVp+FIBX4nNWGMk+BAG7GNRf+z
YJ1oAJxrpBCy0P4g8MTM/jb3WAlTLMGR4/pgiVOpFKYJQhGAyT7S6Ht0Rc+XDbja
R2E/7T6DprZj/Q==
-----END CERTIFICATE-----