Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          Y51AfrQAzeYAHbRXGCUIGojsmlgYGjPwvgkTBnzUdwI=
Subject key identifier:   34:29:EC:C6:29:1C:68:91:DD:F1:3B:96:5B:65:1C:C5:C5:F6:EE:F9
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019CAB6B730DBD1B20FE7596C68E435D7C89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0C54
Signing time:             Sun 01 Mar 2026 22:01:11 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:11 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:11 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: MV8Tjmg+O78DwUuxsEMyGr4yk41H2Y1NXbooZ3SkMtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:73:0d:bd:1b:20:fe:75:96:c6:8e:43:5d:7c:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Mar  1 22:01:11 2026 GMT
            Not After : Mar  2 22:01:11 2026 GMT
        Subject: CN=3429ecc6291c6891ddf13b965b651cc5c5f6eef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:68:7d:5b:37:df:4e:88:82:67:8b:6b:b9:a6:
                    81:16:2b:0f:f3:52:4f:77:13:63:f7:98:72:d0:e0:
                    5e:b1:5a:39:ac:e4:ab:de:5a:3f:31:98:c5:0e:c1:
                    a8:b8:1a:0f:4e:09:9b:b2:40:d0:46:29:38:e3:58:
                    48:6d:fb:1d:c5:6f:3f:90:1b:33:56:82:5d:d6:41:
                    0f:29:49:d7:82:5c:43:f5:64:36:40:f3:17:2b:f7:
                    08:fb:bc:0c:c5:f7:86:12:9f:67:ab:b5:05:0a:67:
                    0d:9a:84:74:6f:71:30:25:9f:2d:2a:29:73:28:ca:
                    db:06:f4:61:5b:ef:2d:94:c1:41:10:e9:cd:41:f6:
                    25:97:2d:a2:d5:73:49:7a:0f:6d:42:bb:ad:28:5e:
                    4b:6b:d6:84:57:17:6a:37:26:af:e4:73:00:78:e4:
                    07:d3:be:82:7e:3b:f6:0c:15:a6:8b:2b:65:6c:ce:
                    91:4a:c4:7c:68:35:0f:36:68:18:12:aa:a8:8c:ac:
                    b9:68:30:a9:3c:b9:17:f6:df:d2:c6:84:8f:3c:98:
                    d3:d2:50:61:fd:54:8a:91:f7:1b:77:1f:f6:14:f8:
                    26:0a:92:d8:e0:50:df:c9:3b:12:39:7a:58:7e:8e:
                    17:4b:12:69:04:2a:cc:63:8b:e8:90:29:c5:dc:6d:
                    9f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:29:EC:C6:29:1C:68:91:DD:F1:3B:96:5B:65:1C:C5:C5:F6:EE:F9
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:7c:a1:a9:c8:2d:f3:ca:58:09:05:46:63:a2:b3:a7:12:0d:
         59:d4:f6:58:6a:1e:94:7d:cb:47:dc:58:8e:20:bb:11:55:72:
         56:5e:f3:15:f9:cc:e8:9c:f0:d2:47:d0:d3:0b:6b:2e:0e:a7:
         25:14:3f:10:62:c2:0c:1a:6e:ba:db:0e:56:52:67:af:62:00:
         5d:ed:bb:f1:fd:55:94:5e:a2:d9:84:ff:9c:c2:2b:06:1c:f2:
         b3:f6:a7:0b:c1:0f:44:28:20:21:50:a6:9b:24:5f:b5:c0:49:
         0a:04:4f:78:64:a3:f1:fa:0f:1f:d7:3d:91:c8:11:f1:1f:65:
         1d:e7:39:c6:76:e2:df:91:71:86:45:09:86:a0:8c:ce:07:34:
         47:39:f7:90:9e:61:93:7b:24:df:9b:01:a4:72:55:8f:72:d3:
         4b:85:0d:61:61:fb:dc:1d:01:98:aa:0c:73:f7:9f:70:b5:3b:
         6e:ad:c7:39:24:b9:b7:a6:30:96:41:66:44:19:25:bf:af:d5:
         a3:40:16:f0:12:89:72:8a:4a:ea:ab:c1:7c:74:b9:e8:9e:84:
         5d:f5:7c:79:00:2a:5c:a9:ee:ea:1e:8a:70:e2:d4:24:f4:c2:
         4c:97:f4:8a:72:86:49:43:9b:8c:7f:ec:75:63:8c:ed:e6:d8:
         c6:5d:9d:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3MNvRsg/nWWxo5DXXyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwMzAxMjIwMTExWhcNMjYwMzAyMjIwMTExWjAzMTEwLwYDVQQD
EygzNDI5ZWNjNjI5MWM2ODkxZGRmMTNiOTY1YjY1MWNjNWM1ZjZlZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWh9WzffToiCZ4truaaBFisP81JP
dxNj95hy0OBesVo5rOSr3lo/MZjFDsGouBoPTgmbskDQRik441hIbfsdxW8/kBsz
VoJd1kEPKUnXglxD9WQ2QPMXK/cI+7wMxfeGEp9nq7UFCmcNmoR0b3EwJZ8tKilz
KMrbBvRhW+8tlMFBEOnNQfYlly2i1XNJeg9tQrutKF5La9aEVxdqNyav5HMAeOQH
076Cfjv2DBWmiytlbM6RSsR8aDUPNmgYEqqojKy5aDCpPLkX9t/SxoSPPJjT0lBh
/VSKkfcbdx/2FPgmCpLY4FDfyTsSOXpYfo4XSxJpBCrMY4vokCnF3G2fBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQp7MYpHGiR3fE7lltlHMXF9u75MB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHyhqcgt
88pYCQVGY6KzpxINWdT2WGoelH3LR9xYjiC7EVVyVl7zFfnM6Jzw0kfQ0wtrLg6n
JRQ/EGLCDBpuutsOVlJnr2IAXe278f1VlF6i2YT/nMIrBhzys/anC8EPRCggIVCm
myRftcBJCgRPeGSj8foPH9c9kcgR8R9lHec5xnbi35FxhkUJhqCMzgc0Rzn3kJ5h
k3sk35sBpHJVj3LTS4UNYWH73B0BmKoMc/efcLU7bq3HOSS5t6YwlkFmRBklv6/V
o0AW8BKJcopK6qvBfHS56J6EXfV8eQAqXKnu6h6KcOLUJPTCTJf0inKGSUObjH/s
dWOM7ebYxl2dyQ==
-----END CERTIFICATE-----