Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          at9jr1hPhUJcNf8DwM7hOELNbfK4Fji5M/26D2Ad+0E=
Subject key identifier:   9A:D3:94:79:E3:FC:DD:23:75:69:A5:BA:75:04:2A:BE:E9:2C:14:04
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019D98F4E07786CA71239DB13FDAA8027EB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          11C6
Signing time:             Fri 17 Apr 2026 01:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:18 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: 2DSA0aOb+W1DCl72AHhCvxkpry2Br7fgXTnKM8NZMwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:e0:77:86:ca:71:23:9d:b1:3f:da:a8:02:7e:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Apr 17 01:01:18 2026 GMT
            Not After : Apr 18 01:01:18 2026 GMT
        Subject: CN=9ad39479e3fcdd237569a5ba75042abee92c1404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8a:6a:de:9c:09:e4:e8:93:ef:cf:f8:70:51:
                    56:5d:3a:e9:14:94:f9:5c:c1:2c:f3:4e:0a:71:91:
                    80:1b:9f:dc:43:9f:99:68:c3:2f:52:8c:f9:7c:b3:
                    91:6d:15:73:81:fd:80:07:b3:22:5c:b8:55:84:20:
                    0e:89:28:49:e3:23:85:4e:62:e6:66:c5:88:c5:70:
                    26:c6:85:0c:72:fb:dd:35:8b:cd:f6:b9:32:6e:9d:
                    91:07:4f:b3:8a:28:51:8d:85:32:93:47:04:ef:6b:
                    c5:18:80:87:a7:40:04:60:8c:50:d3:5e:ff:5c:50:
                    18:fb:2d:2e:3a:c8:05:62:15:37:91:33:ef:a0:62:
                    a9:69:09:7f:f3:43:51:15:43:5c:30:4e:dd:74:1e:
                    c1:e3:4c:cb:9a:4e:b4:8f:9c:64:e2:e3:52:96:17:
                    34:1a:0d:13:ef:ff:13:5d:0e:ea:39:9a:d5:31:f2:
                    a5:ac:9a:38:0c:aa:22:50:63:d4:91:df:2c:e3:dd:
                    82:20:1e:71:dc:da:a4:25:63:49:06:be:26:e4:bb:
                    f4:89:ab:f1:7e:26:a1:08:b5:f5:4e:5b:72:17:5c:
                    c6:56:fa:54:6a:5b:46:b8:7f:ff:a1:57:a8:77:1c:
                    62:b9:7c:84:a3:e9:2f:6a:72:00:9c:60:b0:9c:46:
                    49:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:D3:94:79:E3:FC:DD:23:75:69:A5:BA:75:04:2A:BE:E9:2C:14:04
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:15:52:a6:4c:6d:5e:2c:62:b3:cb:4b:c2:e6:84:5b:80:5a:
         27:f1:b2:ab:ed:a6:9e:ef:70:66:91:a5:0a:78:8b:bd:2c:61:
         a1:c5:0a:12:7f:21:da:af:3e:70:1a:bd:a0:35:02:a7:5c:4e:
         1a:3b:14:23:c3:fd:97:e5:c4:65:f8:d3:3d:44:72:85:fb:be:
         74:9e:2c:54:c0:bc:a5:9c:27:55:53:8a:e8:02:c8:ac:6a:46:
         31:2b:9a:de:7a:49:37:f8:af:c1:78:97:15:dd:76:3a:04:93:
         3b:1c:ff:45:39:95:a8:69:a5:3c:07:b9:b9:2a:6c:ef:30:06:
         f9:ae:60:8f:2a:63:07:ea:a9:f5:de:01:b8:ab:d1:e6:80:2b:
         44:1b:08:84:b9:6a:89:a9:49:d8:3c:fb:86:1b:a8:82:b3:5f:
         24:0a:3f:7e:fa:8b:a5:ea:8a:7d:a3:a1:72:6d:24:75:6f:c9:
         7f:d9:f9:9f:89:ad:7d:05:5d:2f:c6:f8:4e:df:ce:96:3b:5d:
         13:3d:89:3f:28:4d:0c:1e:ba:ed:7f:65:06:32:e8:8a:50:71:
         dd:d8:e7:8b:b2:74:4d:76:bb:57:78:8d:c9:81:c4:4e:6c:4c:
         dc:05:b4:67:89:a2:bd:12:17:f3:d8:c7:3c:3c:77:5b:9d:b1:
         58:de:14:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9OB3hspxI52xP9qoAn6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwNDE3MDEwMTE4WhcNMjYwNDE4MDEwMTE4WjAzMTEwLwYDVQQD
Eyg5YWQzOTQ3OWUzZmNkZDIzNzU2OWE1YmE3NTA0MmFiZWU5MmMxNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYpq3pwJ5OiT78/4cFFWXTrpFJT5
XMEs804KcZGAG5/cQ5+ZaMMvUoz5fLORbRVzgf2AB7MiXLhVhCAOiShJ4yOFTmLm
ZsWIxXAmxoUMcvvdNYvN9rkybp2RB0+ziihRjYUyk0cE72vFGICHp0AEYIxQ017/
XFAY+y0uOsgFYhU3kTPvoGKpaQl/80NRFUNcME7ddB7B40zLmk60j5xk4uNSlhc0
Gg0T7/8TXQ7qOZrVMfKlrJo4DKoiUGPUkd8s492CIB5x3NqkJWNJBr4m5Lv0iavx
fiahCLX1TltyF1zGVvpUaltGuH//oVeodxxiuXyEo+kvanIAnGCwnEZJVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrTlHnj/N0jdWmlunUEKr7pLBQEMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBVSpkxt
Xixis8tLwuaEW4BaJ/Gyq+2mnu9wZpGlCniLvSxhocUKEn8h2q8+cBq9oDUCp1xO
GjsUI8P9l+XEZfjTPURyhfu+dJ4sVMC8pZwnVVOK6ALIrGpGMSua3npJN/ivwXiX
Fd12OgSTOxz/RTmVqGmlPAe5uSps7zAG+a5gjypjB+qp9d4BuKvR5oArRBsIhLlq
ialJ2Dz7hhuogrNfJAo/fvqLpeqKfaOhcm0kdW/Jf9n5n4mtfQVdL8b4Tt/Oljtd
Ez2JPyhNDB667X9lBjLoilBx3djni7J0TXa7V3iNyYHETmxM3AW0Z4mivRIX89jH
PDx3W52xWN4U5A==
-----END CERTIFICATE-----