Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File:                     2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier:          gUdD+pqNBlDZBKflYkC0b4nZmpwpU6T/itbureheh3Q=
Subject key identifier:   24:A8:75:5C:17:BA:A4:29:0A:FC:C8:B8:AA:F0:C7:00:C5:A8:7E:2B
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       019EC111F705C5E928450E7A05FD8D33DA97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number:          1972
Signing time:             Sat 13 Jun 2026 13:00:40 +0000
Manifest this update:     Sat 13 Jun 2026 13:00:40 +0000
Manifest next update:     Sun 14 Jun 2026 13:00:40 +0000
Files and hashes:         1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: 4qAvvucyFpL/uHy9TG11v/FhCTkCf2D0uMNdIWZtVzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:11:f7:05:c5:e9:28:45:0e:7a:05:fd:8d:33:da:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Jun 13 13:00:40 2026 GMT
            Not After : Jun 14 13:00:40 2026 GMT
        Subject: CN=24a8755c17baa4290afcc8b8aaf0c700c5a87e2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:04:0a:db:12:d2:e5:db:6e:fb:ae:ff:66:a9:
                    99:01:ef:e9:c9:fc:dc:9e:5c:1a:f5:e3:f8:be:96:
                    88:c3:d1:87:e7:8f:43:b6:66:40:64:5b:56:58:bb:
                    51:8f:23:f9:90:5f:f0:3a:d5:a5:41:02:25:fd:cd:
                    5b:e2:cd:20:ef:8e:33:d0:b9:42:6d:fe:02:20:dd:
                    65:5b:8d:93:c0:8f:9b:16:ed:34:89:a0:10:e2:ee:
                    22:38:b5:1f:06:4a:67:bd:99:4c:ea:86:13:cd:1c:
                    33:89:4f:7c:4c:18:76:7a:0c:28:13:ec:59:e4:82:
                    7a:6e:eb:a0:97:08:0e:b9:a4:ef:6a:b1:0d:3c:f6:
                    c4:56:e5:93:49:bf:10:71:b3:4f:7b:67:98:f0:7d:
                    a9:46:f1:2e:34:e6:ef:8e:c3:45:f9:2a:a8:0f:05:
                    17:91:90:c1:4f:0b:66:ce:6a:d3:bb:25:2b:02:50:
                    cb:ea:87:e7:17:d7:1d:55:1c:bd:59:fc:c8:50:46:
                    52:bf:13:6e:3b:94:24:19:ee:20:8f:05:7a:50:0d:
                    60:2d:12:65:85:3f:d9:8f:3b:de:6d:59:14:d7:d0:
                    64:a9:ce:3e:20:a2:e0:75:5e:a8:d2:28:15:80:4e:
                    bb:78:03:70:de:38:a7:68:94:55:86:c4:0f:ae:1b:
                    30:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A8:75:5C:17:BA:A4:29:0A:FC:C8:B8:AA:F0:C7:00:C5:A8:7E:2B
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:59:58:06:61:a6:a5:01:ea:8c:df:9b:fd:2a:52:c2:28:bb:
         7b:78:97:90:f6:b0:f0:b6:11:0f:3e:88:a5:ef:66:83:49:a2:
         0f:3a:6b:df:2c:4f:f8:a8:ad:52:e6:30:f1:4d:71:af:50:80:
         26:1c:52:43:a8:f0:94:29:4c:ac:1f:54:ae:39:f0:8b:9d:57:
         69:03:8b:4e:b0:2b:2b:c7:37:d4:22:63:21:0e:6b:bd:0f:9e:
         d8:87:ee:af:b0:eb:6f:2b:20:0e:35:6f:99:0d:0a:d6:a1:46:
         b6:f9:a7:23:fd:2b:a3:e1:33:23:2a:65:e6:c6:fd:f0:e0:de:
         8f:42:57:7f:96:af:ae:f6:a5:b8:09:d9:97:0b:0c:ba:be:1f:
         76:06:8c:4b:96:f9:11:e7:06:49:61:0b:50:0b:17:08:db:dc:
         34:e6:e0:f3:df:1d:d1:db:4d:e3:37:22:45:82:14:f1:b0:57:
         63:0a:fd:6e:84:7e:fa:07:b6:ae:60:fc:6c:e6:cd:4c:eb:90:
         42:bc:a0:ad:e6:72:b2:d8:a7:8d:62:fb:80:1c:54:c6:7d:96:
         50:73:aa:67:2a:93:44:ba:fc:a3:e8:ed:18:3e:4f:a2:85:ff:
         14:f0:55:f8:5c:46:d3:72:ea:f3:1d:20:e1:ac:81:a8:60:70:
         af:7d:9b:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7BEfcFxekoRQ56Bf2NM9qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwNjEzMTMwMDQwWhcNMjYwNjE0MTMwMDQwWjAzMTEwLwYDVQQD
EygyNGE4NzU1YzE3YmFhNDI5MGFmY2M4YjhhYWYwYzcwMGM1YTg3ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QQK2xLS5dtu+67/ZqmZAe/pyfzc
nlwa9eP4vpaIw9GH549DtmZAZFtWWLtRjyP5kF/wOtWlQQIl/c1b4s0g744z0LlC
bf4CIN1lW42TwI+bFu00iaAQ4u4iOLUfBkpnvZlM6oYTzRwziU98TBh2egwoE+xZ
5IJ6buuglwgOuaTvarENPPbEVuWTSb8QcbNPe2eY8H2pRvEuNObvjsNF+SqoDwUX
kZDBTwtmzmrTuyUrAlDL6ofnF9cdVRy9WfzIUEZSvxNuO5QkGe4gjwV6UA1gLRJl
hT/ZjzvebVkU19Bkqc4+IKLgdV6o0igVgE67eANw3jinaJRVhsQPrhswCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSodVwXuqQpCvzIuKrwxwDFqH4rMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVlYBmGm
pQHqjN+b/SpSwii7e3iXkPaw8LYRDz6Ipe9mg0miDzpr3yxP+KitUuYw8U1xr1CA
JhxSQ6jwlClMrB9Urjnwi51XaQOLTrArK8c31CJjIQ5rvQ+e2Ifur7DrbysgDjVv
mQ0K1qFGtvmnI/0ro+EzIypl5sb98ODej0JXf5avrvaluAnZlwsMur4fdgaMS5b5
EecGSWELUAsXCNvcNObg898d0dtN4zciRYIU8bBXYwr9boR++ge2rmD8bObNTOuQ
QrygreZystinjWL7gBxUxn2WUHOqZyqTRLr8o+jtGD5PooX/FPBV+FxG03Lq8x0g
4ayBqGBwr32bSA==
-----END CERTIFICATE-----