Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          cqMTQVcc4twFFvPDpg1AjqXRNsOo0fdc/ieBedrZnAA=
Subject key identifier:   D2:D7:CA:32:F0:7A:3F:49:11:9F:EC:53:BB:23:19:DE:CC:37:AE:F9
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019ED3BD7578A5A525BA23DA927DE77F6894
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          1269
Signing time:             Wed 17 Jun 2026 04:01:09 +0000
Manifest this update:     Wed 17 Jun 2026 04:01:09 +0000
Manifest next update:     Thu 18 Jun 2026 04:01:09 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: xHgpOUG0OaDKY6nI0OAWFwcoRK1yHJYBazBMn1VhhMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 17 Jun 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:d3:bd:75:78:a5:a5:25:ba:23:da:92:7d:e7:7f:68:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Jun 17 04:01:09 2026 GMT
            Not After : Jun 18 04:01:09 2026 GMT
        Subject: CN=d2d7ca32f07a3f49119fec53bb2319decc37aef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ca:dc:27:dc:a0:6c:40:25:cd:bb:c1:f4:c5:
                    2c:d0:4f:23:02:a6:a6:3b:7a:3e:f1:bf:7b:4a:19:
                    8d:27:66:dc:bc:dd:09:51:76:4d:19:8b:82:e5:c1:
                    35:0c:38:0e:41:9e:99:0f:e6:67:b8:4a:c0:44:b9:
                    57:5a:19:f0:3d:1a:16:b2:22:38:2c:f6:0a:70:fb:
                    e9:f2:95:5d:37:ad:0a:7c:fc:20:11:97:d0:3a:bf:
                    b6:3a:c0:37:8f:f3:c1:08:e4:a6:a9:b9:59:f0:62:
                    06:6e:ca:59:f2:6a:2c:ba:2b:9b:5c:89:a3:49:a6:
                    9e:8a:33:d0:c2:a9:19:21:1c:ab:78:42:78:24:78:
                    a4:72:ae:47:88:6a:65:fb:48:2e:37:38:10:d4:e0:
                    37:6e:07:a1:bd:2e:57:a2:0c:bb:75:29:a3:b7:37:
                    ba:09:b8:4d:3c:13:4c:e4:d6:8e:50:53:0c:5a:a7:
                    5a:23:41:b4:21:86:3e:bf:4c:64:59:e9:57:c3:6a:
                    2d:f6:2e:39:ee:f1:ca:82:0b:c1:5b:90:e9:4c:4a:
                    13:64:28:fd:76:6a:27:16:9c:b1:2a:7c:02:5d:2f:
                    8c:60:5e:f8:bd:04:de:fb:66:c6:24:5f:ab:ff:1a:
                    68:2d:63:13:3f:98:9c:68:72:36:c6:67:eb:e4:77:
                    e1:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D7:CA:32:F0:7A:3F:49:11:9F:EC:53:BB:23:19:DE:CC:37:AE:F9
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:26:66:de:b9:9f:da:14:da:8c:b9:39:50:b8:40:d9:5e:08:
         fd:15:fe:26:11:96:ab:d8:21:dd:8d:4e:81:61:79:fa:01:f8:
         88:ff:b4:6f:55:8f:fc:d9:e1:7b:19:5a:1f:c0:ad:bb:d4:57:
         7f:91:4c:2f:6d:24:65:bd:ae:b4:ad:78:a3:63:25:c8:d0:89:
         86:ea:7d:3c:40:01:4d:c9:a7:b4:76:b5:d1:19:2a:c8:2c:64:
         d3:59:2f:96:58:4e:3e:d1:61:46:7f:89:89:db:f1:c4:00:1b:
         12:bf:33:68:e9:7b:cc:70:28:7c:4f:22:7e:a8:0c:20:06:ba:
         b1:17:ef:5c:c8:7e:a8:cd:db:8e:60:b7:03:50:f4:03:c6:c4:
         15:dc:31:02:d0:8f:c6:fc:c8:74:57:e9:68:bc:b9:e2:68:d1:
         db:8a:09:34:ae:17:61:49:9c:88:45:4a:34:01:d3:42:c9:9c:
         00:4c:d8:9d:e6:14:7e:2f:a1:bd:9b:a9:51:85:c6:83:1f:94:
         fc:7b:82:0d:2a:35:a9:da:28:6a:a2:96:9d:84:37:c9:63:c5:
         da:d4:c4:18:9b:17:10:f1:86:ba:45:ef:18:7e:fd:ea:35:ff:
         a5:53:ab:06:d3:7c:a8:31:38:da:0c:c2:02:33:16:13:71:6f:
         e9:5e:2c:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7TvXV4paUluiPakn3nf2iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwNjE3MDQwMTA5WhcNMjYwNjE4MDQwMTA5WjAzMTEwLwYDVQQD
EyhkMmQ3Y2EzMmYwN2EzZjQ5MTE5ZmVjNTNiYjIzMTlkZWNjMzdhZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsrcJ9ygbEAlzbvB9MUs0E8jAqam
O3o+8b97ShmNJ2bcvN0JUXZNGYuC5cE1DDgOQZ6ZD+ZnuErARLlXWhnwPRoWsiI4
LPYKcPvp8pVdN60KfPwgEZfQOr+2OsA3j/PBCOSmqblZ8GIGbspZ8mosuiubXImj
SaaeijPQwqkZIRyreEJ4JHikcq5HiGpl+0guNzgQ1OA3bgehvS5Xogy7dSmjtze6
CbhNPBNM5NaOUFMMWqdaI0G0IYY+v0xkWelXw2ot9i457vHKggvBW5DpTEoTZCj9
dmonFpyxKnwCXS+MYF74vQTe+2bGJF+r/xpoLWMTP5icaHI2xmfr5HfhGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLXyjLwej9JEZ/sU7sjGd7MN675MB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkyZm3rmf
2hTajLk5ULhA2V4I/RX+JhGWq9gh3Y1OgWF5+gH4iP+0b1WP/NnhexlaH8Ctu9RX
f5FML20kZb2utK14o2MlyNCJhup9PEABTcmntHa10RkqyCxk01kvllhOPtFhRn+J
idvxxAAbEr8zaOl7zHAofE8ifqgMIAa6sRfvXMh+qM3bjmC3A1D0A8bEFdwxAtCP
xvzIdFfpaLy54mjR24oJNK4XYUmciEVKNAHTQsmcAEzYneYUfi+hvZupUYXGgx+U
/HuCDSo1qdooaqKWnYQ3yWPF2tTEGJsXEPGGukXvGH796jX/pVOrBtN8qDE42gzC
AjMWE3Fv6V4sLg==
-----END CERTIFICATE-----