Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          Cazc/H/Htjvfb4Dy80g8Van5paVa3vEXj7PZFVuR4wI=
Subject key identifier:   2F:87:97:B2:76:F9:94:CB:67:18:F1:FD:F0:32:0D:FD:3E:9F:2C:60
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019CAB6AC54779C5CEAEAC162D24437C843F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          114B
Signing time:             Sun 01 Mar 2026 22:00:27 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:27 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:27 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: +8VjJtrHnyQlSZwRkbHQpaG18qfTYZ3xb1ZT3LEGTXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:c5:47:79:c5:ce:ae:ac:16:2d:24:43:7c:84:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Mar  1 22:00:27 2026 GMT
            Not After : Mar  2 22:00:27 2026 GMT
        Subject: CN=2f8797b276f994cb6718f1fdf0320dfd3e9f2c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:42:8d:e0:1e:25:08:0f:73:7a:c3:4f:c9:62:
                    b1:bf:33:d9:53:e8:d3:09:6d:1c:78:b3:04:3a:00:
                    f1:86:31:c6:22:0e:c3:2d:c7:3e:50:eb:43:32:a7:
                    80:4c:62:26:25:2a:ef:a9:e4:41:5d:c8:eb:25:29:
                    7f:38:dd:1a:5b:ab:1f:88:86:54:68:bb:ba:13:e4:
                    39:a0:0a:41:d3:51:5e:29:5e:36:e6:63:bf:7d:0a:
                    28:12:4f:a5:bf:ba:e3:fe:f0:88:ff:5b:e1:73:a4:
                    f9:48:c6:5b:2a:06:d9:97:73:b9:59:97:50:c6:76:
                    9f:c5:25:ad:82:09:f2:67:62:46:13:7a:ec:59:b0:
                    ef:73:bb:20:86:48:bb:d3:16:65:90:9a:06:36:ef:
                    c4:d1:b3:09:8e:53:82:6a:2d:fd:58:9f:5d:78:41:
                    6d:1d:1a:ea:fe:e4:23:6c:c2:e4:39:99:d3:86:00:
                    26:00:0e:a8:72:20:b1:ff:fb:fe:0f:48:3f:d3:05:
                    06:e6:45:31:77:d4:75:df:74:1e:bb:4c:dc:90:77:
                    87:84:d1:63:ec:32:a7:df:fb:dd:d6:ca:9a:db:c3:
                    0e:46:4d:b4:74:24:2a:82:db:3f:2b:97:1e:c0:49:
                    dd:49:c4:cb:0f:6b:49:5b:ff:af:35:21:96:2e:b9:
                    d7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:87:97:B2:76:F9:94:CB:67:18:F1:FD:F0:32:0D:FD:3E:9F:2C:60
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:9e:ff:15:05:02:99:20:f3:77:1a:b9:b4:97:e9:66:b9:c9:
         0c:82:fb:a9:d1:47:87:cc:1a:9c:c4:ce:41:e4:a4:02:fd:6a:
         ee:d7:83:fc:db:bd:1e:2e:1f:06:91:89:7b:1b:a7:c4:bd:8a:
         35:a0:e0:89:75:be:25:f4:b7:b7:41:70:27:f7:74:bb:62:74:
         77:cf:bc:04:fd:f9:52:bb:86:24:79:11:26:85:9f:6b:fa:0f:
         26:8a:11:c7:09:04:51:b3:13:9e:6f:b4:9d:14:bf:ce:ec:4b:
         68:07:79:3c:af:da:e5:59:74:49:4f:f4:ed:12:66:3a:cd:d4:
         0f:5a:5e:b0:24:32:8e:b7:12:42:4e:92:30:42:29:55:b2:21:
         39:99:9a:39:3a:ee:22:02:90:f4:22:3e:7b:f2:40:71:34:a1:
         ab:d3:db:01:e7:39:76:23:d8:37:19:06:36:d5:02:b2:b3:f9:
         be:77:15:ae:83:ce:75:93:f7:0d:bd:a0:0c:a6:36:04:58:f9:
         48:9e:83:6c:21:f0:de:1f:c0:d0:79:0f:9c:d8:66:85:cb:7a:
         d5:8c:b1:fb:91:03:78:cb:83:c3:9e:70:5c:a3:c3:dc:2e:b3:
         32:23:83:0a:f2:8f:d7:59:d8:a5:84:b4:d1:11:db:de:66:55:
         54:c6:c1:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrasVHecXOrqwWLSRDfIQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwMzAxMjIwMDI3WhcNMjYwMzAyMjIwMDI3WjAzMTEwLwYDVQQD
EygyZjg3OTdiMjc2Zjk5NGNiNjcxOGYxZmRmMDMyMGRmZDNlOWYyYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUKN4B4lCA9zesNPyWKxvzPZU+jT
CW0ceLMEOgDxhjHGIg7DLcc+UOtDMqeATGImJSrvqeRBXcjrJSl/ON0aW6sfiIZU
aLu6E+Q5oApB01FeKV425mO/fQooEk+lv7rj/vCI/1vhc6T5SMZbKgbZl3O5WZdQ
xnafxSWtggnyZ2JGE3rsWbDvc7sghki70xZlkJoGNu/E0bMJjlOCai39WJ9deEFt
HRrq/uQjbMLkOZnThgAmAA6ociCx//v+D0g/0wUG5kUxd9R133Qeu0zckHeHhNFj
7DKn3/vd1sqa28MORk20dCQqgts/K5cewEndScTLD2tJW/+vNSGWLrnXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+Hl7J2+ZTLZxjx/fAyDf0+nyxgMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW57/FQUC
mSDzdxq5tJfpZrnJDIL7qdFHh8wanMTOQeSkAv1q7teD/Nu9Hi4fBpGJexunxL2K
NaDgiXW+JfS3t0FwJ/d0u2J0d8+8BP35UruGJHkRJoWfa/oPJooRxwkEUbMTnm+0
nRS/zuxLaAd5PK/a5Vl0SU/07RJmOs3UD1pesCQyjrcSQk6SMEIpVbIhOZmaOTru
IgKQ9CI+e/JAcTShq9PbAec5diPYNxkGNtUCsrP5vncVroPOdZP3Db2gDKY2BFj5
SJ6DbCHw3h/A0HkPnNhmhct61Yyx+5EDeMuDw55wXKPD3C6zMiODCvKP11nYpYS0
0RHb3mZVVMbBHQ==
-----END CERTIFICATE-----