Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          wpn4W4xG0eKh4c3vpoFnniPolPZOZNwMZvXvfeW6Cc8=
Subject key identifier:   C2:3F:BE:49:C2:72:5C:00:8A:7B:9A:C8:D2:EA:1C:65:A6:2B:4C:C5
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019D99D0A4C03536CF1301D8806BEE3CE82B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0CCE
Signing time:             Fri 17 Apr 2026 05:01:20 +0000
Manifest this update:     Fri 17 Apr 2026 05:01:20 +0000
Manifest next update:     Sat 18 Apr 2026 05:01:20 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: QQfgguz4KJVigA6ItyUw2jJmSMFE/yaaa3Iio51Jalc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:a4:c0:35:36:cf:13:01:d8:80:6b:ee:3c:e8:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Apr 17 05:01:20 2026 GMT
            Not After : Apr 18 05:01:20 2026 GMT
        Subject: CN=c23fbe49c2725c008a7b9ac8d2ea1c65a62b4cc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:95:d0:79:96:aa:d9:bc:11:11:54:98:a3:39:
                    e1:43:3d:28:87:04:16:8d:ec:d8:38:85:f9:99:21:
                    04:5b:83:f8:0c:0f:1a:d4:cf:70:7c:7b:f5:cf:06:
                    83:ef:e6:63:7c:e1:06:05:66:25:28:23:c2:f3:21:
                    9a:e5:c1:5c:50:5c:bd:d3:4b:58:be:b4:36:b0:d3:
                    9c:42:8e:23:bd:8b:ef:ff:76:f0:e4:86:3b:2d:39:
                    de:1c:21:82:a4:43:54:99:04:61:ac:ae:d2:5c:52:
                    bf:09:96:1b:a4:1b:63:cb:11:42:4d:e1:f0:9b:cb:
                    b1:f7:e5:90:19:60:c3:2b:1c:8a:a9:6d:1b:e7:c0:
                    d3:11:10:d6:fc:5a:2a:d6:91:32:02:0b:2c:7c:b6:
                    5b:3f:c4:75:c7:5b:29:ff:66:2e:bb:82:a3:59:12:
                    cb:cb:19:50:76:b4:08:8a:8b:9f:4f:ca:c9:80:eb:
                    d2:96:ee:26:64:51:41:b0:17:ca:c6:8a:b6:fe:ec:
                    4b:0b:fd:a3:97:5a:b5:8a:fb:24:0b:db:a3:8c:43:
                    9e:b2:1a:46:a2:6a:03:35:28:dd:09:26:66:4e:72:
                    39:5a:62:cb:58:7a:c1:e6:b8:d4:78:da:a6:fa:35:
                    73:b1:10:20:b8:be:df:db:3d:a1:2c:4d:98:d5:49:
                    08:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:3F:BE:49:C2:72:5C:00:8A:7B:9A:C8:D2:EA:1C:65:A6:2B:4C:C5
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:c4:53:b8:59:c7:16:ab:9e:6b:b8:a7:69:4e:34:af:89:ae:
         57:d9:75:84:92:b1:2f:1d:c7:dd:3f:ab:08:1b:de:a7:a8:07:
         51:89:86:b1:60:08:63:ae:e9:81:15:bd:72:03:81:be:e7:30:
         f6:2b:e9:e7:cb:44:13:f1:8e:3a:0a:fe:4e:4c:bc:74:15:8a:
         fa:7b:17:14:36:37:04:6f:a5:f9:6e:a2:ae:ea:a8:0e:0f:8b:
         d2:ce:a0:17:b7:51:2d:01:3d:a2:be:fc:92:fd:cb:e1:3f:97:
         82:5a:91:77:10:3b:45:ad:8d:31:33:2c:f9:4e:fd:31:90:b1:
         56:10:17:97:89:7e:aa:ed:89:6b:a8:81:2a:cb:d3:ca:b5:3c:
         d0:f0:c3:eb:6f:2a:e6:f6:43:b8:1b:e0:71:94:c0:72:6c:14:
         60:79:4c:4c:aa:ce:7a:c4:0c:bc:20:cf:72:09:8e:1f:e2:f9:
         82:e3:48:1e:6c:09:08:58:6b:0b:f7:cd:6c:a4:98:b0:ae:c9:
         ac:65:35:9e:55:17:20:f2:ad:26:27:ac:f2:5b:46:ee:12:ca:
         2c:79:08:28:4a:73:14:df:c6:99:81:61:02:86:7b:10:86:52:
         70:02:80:98:4d:77:af:9a:93:c6:0a:94:9a:04:e2:1f:16:74:
         09:4b:20:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0KTANTbPEwHYgGvuPOgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwNDE3MDUwMTIwWhcNMjYwNDE4MDUwMTIwWjAzMTEwLwYDVQQD
EyhjMjNmYmU0OWMyNzI1YzAwOGE3YjlhYzhkMmVhMWM2NWE2MmI0Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspXQeZaq2bwREVSYoznhQz0ohwQW
jezYOIX5mSEEW4P4DA8a1M9wfHv1zwaD7+ZjfOEGBWYlKCPC8yGa5cFcUFy900tY
vrQ2sNOcQo4jvYvv/3bw5IY7LTneHCGCpENUmQRhrK7SXFK/CZYbpBtjyxFCTeHw
m8ux9+WQGWDDKxyKqW0b58DTERDW/Foq1pEyAgssfLZbP8R1x1sp/2Yuu4KjWRLL
yxlQdrQIioufT8rJgOvSlu4mZFFBsBfKxoq2/uxLC/2jl1q1ivskC9ujjEOeshpG
omoDNSjdCSZmTnI5WmLLWHrB5rjUeNqm+jVzsRAguL7f2z2hLE2Y1UkIawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI/vknCclwAinuayNLqHGWmK0zFMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8RTuFnH
Fquea7inaU40r4muV9l1hJKxLx3H3T+rCBvep6gHUYmGsWAIY67pgRW9cgOBvucw
9ivp58tEE/GOOgr+Tky8dBWK+nsXFDY3BG+l+W6iruqoDg+L0s6gF7dRLQE9or78
kv3L4T+XglqRdxA7Ra2NMTMs+U79MZCxVhAXl4l+qu2Ja6iBKsvTyrU80PDD628q
5vZDuBvgcZTAcmwUYHlMTKrOesQMvCDPcgmOH+L5guNIHmwJCFhrC/fNbKSYsK7J
rGU1nlUXIPKtJies8ltG7hLKLHkIKEpzFN/GmYFhAoZ7EIZScAKAmE13r5qTxgqU
mgTiHxZ0CUsgDg==
-----END CERTIFICATE-----