Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          XfficiyVNuF7YO2mYp7FLaciS3Hjzv4ETcmEoYXJ5dA=
Subject key identifier:   FD:3D:75:53:EF:FA:7F:14:B7:72:B5:26:BF:00:82:12:B7:C7:E2:69
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019CAC4712CBAC283C9191D7C5873251F1F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0C53
Signing time:             Mon 02 Mar 2026 02:01:04 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:04 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:04 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: smZdcCzXzd8WSOdm7fJSLQp4ikcFkQ4gsi1UzXZvwkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:12:cb:ac:28:3c:91:91:d7:c5:87:32:51:f1:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Mar  2 02:01:04 2026 GMT
            Not After : Mar  3 02:01:04 2026 GMT
        Subject: CN=fd3d7553effa7f14b772b526bf008212b7c7e269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:3b:73:92:32:42:8a:3f:95:16:57:34:e4:5c:
                    1b:ad:c8:f3:70:52:35:79:c8:27:5e:d3:ad:fc:7f:
                    db:79:9c:e7:2b:41:e2:c3:0b:cc:ca:55:05:09:0b:
                    67:b5:b6:d7:0a:3f:0f:24:bf:05:e5:78:41:65:97:
                    00:07:40:4a:23:f4:df:53:8e:1b:f4:27:eb:d9:af:
                    9b:1b:9a:e9:11:8e:a9:d5:71:02:63:da:2f:6c:57:
                    a2:67:1f:76:8c:23:bd:d4:a4:e9:eb:fd:e0:0e:d2:
                    f0:2d:ab:de:6f:cb:c5:61:33:d1:f5:57:89:d1:d6:
                    f2:c5:26:35:ea:63:2b:27:2b:f3:d8:a7:6a:f4:f0:
                    85:96:13:08:fc:35:94:99:b9:87:72:ea:82:71:38:
                    2f:27:d9:24:79:68:f3:ad:e6:9a:e3:61:81:2e:26:
                    d6:45:d0:53:44:7c:f3:4d:5b:54:52:aa:fc:27:22:
                    7f:9d:d0:2e:6e:ac:2b:bf:0a:b0:93:03:cd:4b:28:
                    ca:bf:54:f9:af:97:14:f2:04:3d:b4:0d:9d:6e:c7:
                    f2:ff:a7:7b:cf:55:32:74:fe:56:12:72:33:0e:40:
                    6c:40:c1:5f:85:1a:93:1f:3c:d0:c7:32:0b:87:f6:
                    88:78:ab:49:52:50:29:51:5a:f9:a2:c8:21:d8:4f:
                    2c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:3D:75:53:EF:FA:7F:14:B7:72:B5:26:BF:00:82:12:B7:C7:E2:69
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:c1:92:8d:03:95:c8:b5:b5:a6:45:c1:e3:ce:aa:c4:52:a9:
         17:73:e9:04:6b:46:b8:9d:b5:0e:ee:07:dc:0d:94:f7:82:3c:
         3d:77:49:2e:70:ee:b2:47:75:60:3f:fb:6f:66:aa:e1:72:e0:
         ef:e6:ea:c3:78:2a:6a:3c:c1:2e:79:65:ff:2e:7d:f7:3a:87:
         2a:a0:ce:00:24:5c:c9:3e:c4:bc:d5:de:c2:1d:62:b6:9d:a2:
         ff:64:f3:53:66:48:a0:f2:8e:8a:bb:bf:c0:5d:7a:1d:95:76:
         86:cd:20:bf:53:3c:80:3d:45:a3:d5:d7:a0:2c:65:2c:9f:a3:
         e4:5e:4c:cc:6d:bf:2b:42:77:28:4a:3d:cf:ad:d2:8b:f7:88:
         ae:e1:dd:63:35:26:f5:ed:36:1f:65:f3:48:0c:a0:4d:d4:29:
         d2:3a:cd:8f:b9:a4:c6:e5:01:0c:6c:95:79:66:c6:4b:29:a9:
         55:df:fe:d6:64:8a:4c:62:a5:b7:5d:3b:9b:1f:b4:4d:ae:c0:
         f5:b4:45:f1:b8:c8:e4:d3:cc:59:dc:ff:00:1a:cf:d4:39:65:
         19:08:42:6f:cf:08:ba:ca:3b:cc:32:91:1b:d5:43:ef:99:b4:
         e1:f1:b1:cf:f6:f5:fa:9f:22:58:c1:8d:f9:44:65:e3:b8:c6:
         91:d5:31:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRxLLrCg8kZHXxYcyUfH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwMzAyMDIwMTA0WhcNMjYwMzAzMDIwMTA0WjAzMTEwLwYDVQQD
EyhmZDNkNzU1M2VmZmE3ZjE0Yjc3MmI1MjZiZjAwODIxMmI3YzdlMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DtzkjJCij+VFlc05FwbrcjzcFI1
ecgnXtOt/H/beZznK0HiwwvMylUFCQtntbbXCj8PJL8F5XhBZZcAB0BKI/TfU44b
9Cfr2a+bG5rpEY6p1XECY9ovbFeiZx92jCO91KTp6/3gDtLwLaveb8vFYTPR9VeJ
0dbyxSY16mMrJyvz2Kdq9PCFlhMI/DWUmbmHcuqCcTgvJ9kkeWjzreaa42GBLibW
RdBTRHzzTVtUUqr8JyJ/ndAubqwrvwqwkwPNSyjKv1T5r5cU8gQ9tA2dbsfy/6d7
z1UydP5WEnIzDkBsQMFfhRqTHzzQxzILh/aIeKtJUlApUVr5osgh2E8sxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP09dVPv+n8Ut3K1Jr8AghK3x+JpMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp8GSjQOV
yLW1pkXB486qxFKpF3PpBGtGuJ21Du4H3A2U94I8PXdJLnDuskd1YD/7b2aq4XLg
7+bqw3gqajzBLnll/y599zqHKqDOACRcyT7EvNXewh1itp2i/2TzU2ZIoPKOiru/
wF16HZV2hs0gv1M8gD1Fo9XXoCxlLJ+j5F5MzG2/K0J3KEo9z63Si/eIruHdYzUm
9e02H2XzSAygTdQp0jrNj7mkxuUBDGyVeWbGSympVd/+1mSKTGKlt107mx+0Ta7A
9bRF8bjI5NPMWdz/ABrP1DllGQhCb88Iuso7zDKRG9VD75m04fGxz/b1+p8iWMGN
+URl47jGkdUxfA==
-----END CERTIFICATE-----