Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          ZQgyRUpxl9tvAZWEdI7vZJZ+MqkAYveOrXACYBKHNHc=
Subject key identifier:   9E:D8:39:A3:12:EF:E1:85:EF:26:F1:AD:1C:5E:D8:05:35:C3:E5:98
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       019EBFC8F97640A68ABF0C90B350AB20CBB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          1425
Signing time:             Sat 13 Jun 2026 07:01:19 +0000
Manifest this update:     Sat 13 Jun 2026 07:01:19 +0000
Manifest next update:     Sun 14 Jun 2026 07:01:19 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: BNHh88ysSuCQncqI4LO5q7hPT2T3jbyCCg2PNIhp0Fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:c8:f9:76:40:a6:8a:bf:0c:90:b3:50:ab:20:cb:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Jun 13 07:01:19 2026 GMT
            Not After : Jun 14 07:01:19 2026 GMT
        Subject: CN=9ed839a312efe185ef26f1ad1c5ed80535c3e598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:65:2b:13:1e:86:6b:eb:5a:9d:a2:a9:39:bd:
                    3f:53:e4:87:66:2d:3f:80:f4:97:28:c4:a8:f6:36:
                    a9:84:0b:71:d0:5e:db:36:4e:f2:de:10:7d:d3:27:
                    99:69:3c:b9:08:2e:bb:87:7f:cb:ce:b5:c5:da:df:
                    42:fb:81:77:96:e7:bb:69:38:11:ca:f9:d7:7f:0a:
                    5d:51:ea:ea:90:1c:24:01:6d:70:47:cd:9b:c5:2e:
                    89:4b:6d:0a:01:68:92:4d:cb:4a:45:45:d7:81:71:
                    79:01:f1:0e:fa:da:d1:c0:39:14:3b:da:9c:02:ae:
                    6c:b4:32:02:bb:3f:e7:4e:eb:13:d5:8d:8b:c7:06:
                    fa:80:fb:2f:20:e8:70:29:01:b5:c8:e1:65:89:49:
                    c4:fe:18:5f:8f:79:56:a8:8b:50:a8:28:7a:0f:80:
                    bb:1d:d4:a7:75:64:ac:55:73:6f:f3:cf:8c:65:fc:
                    da:3b:88:62:39:e1:30:36:f7:7d:98:fe:20:b7:3d:
                    71:44:6c:f6:13:ee:e7:c3:30:c3:1c:5a:c0:79:0a:
                    20:63:e2:97:f9:80:b1:24:4d:16:e9:ec:de:46:f4:
                    fb:ce:d9:1b:7a:c7:e4:00:29:f9:ee:6a:f7:71:4c:
                    b7:1f:ee:4b:ef:ba:f5:c1:61:6b:41:8a:2a:e1:b4:
                    a8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D8:39:A3:12:EF:E1:85:EF:26:F1:AD:1C:5E:D8:05:35:C3:E5:98
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:a5:18:1b:60:07:b0:e1:bf:5b:b7:33:56:d6:e2:87:cd:7f:
         c4:e3:f7:15:26:69:e3:90:d6:97:b6:2f:59:d9:eb:d3:52:a1:
         4b:70:85:47:38:ed:80:6e:e8:f6:d4:f3:a2:04:ec:c2:ce:24:
         25:6e:e7:3a:a7:71:d6:29:09:11:9f:9b:9f:07:e7:6e:ec:e1:
         0b:e6:83:f2:55:45:d8:47:1d:1a:7c:71:8e:0a:e6:88:69:11:
         17:e4:79:f9:55:c9:1c:0a:f8:17:d5:cc:2c:6c:51:47:5b:eb:
         56:55:4f:6e:d0:db:1c:44:cc:28:0c:41:89:49:a8:d4:28:f4:
         52:73:45:72:24:75:65:ee:60:f3:a9:b2:ed:83:a4:c5:5b:f5:
         0c:1d:f5:eb:6e:86:e9:19:38:78:de:b4:c3:da:1d:62:bd:00:
         55:62:15:b6:93:bf:48:c1:49:b4:e1:c5:b2:0f:0f:5f:e4:6a:
         17:4b:c9:9c:a5:04:f9:09:90:ec:b7:cb:67:aa:75:58:11:57:
         77:ec:29:a3:ef:a1:1f:9f:cc:10:1c:5d:4d:31:93:e3:c6:e6:
         54:28:03:b4:74:bd:52:02:1a:3e:ee:21:39:c3:cc:ff:b5:7d:
         0a:e6:f8:ea:93:0d:83:5f:82:8b:a2:6a:3c:25:d6:53:46:d7:
         5e:42:81:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/yPl2QKaKvwyQs1CrIMuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjYwNjEzMDcwMTE5WhcNMjYwNjE0MDcwMTE5WjAzMTEwLwYDVQQD
Eyg5ZWQ4MzlhMzEyZWZlMTg1ZWYyNmYxYWQxYzVlZDgwNTM1YzNlNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWUrEx6Ga+tanaKpOb0/U+SHZi0/
gPSXKMSo9japhAtx0F7bNk7y3hB90yeZaTy5CC67h3/LzrXF2t9C+4F3lue7aTgR
yvnXfwpdUerqkBwkAW1wR82bxS6JS20KAWiSTctKRUXXgXF5AfEO+trRwDkUO9qc
Aq5stDICuz/nTusT1Y2Lxwb6gPsvIOhwKQG1yOFliUnE/hhfj3lWqItQqCh6D4C7
HdSndWSsVXNv88+MZfzaO4hiOeEwNvd9mP4gtz1xRGz2E+7nwzDDHFrAeQogY+KX
+YCxJE0W6ezeRvT7ztkbesfkACn57mr3cUy3H+5L77r1wWFrQYoq4bSoVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7YOaMS7+GF7ybxrRxe2AU1w+WYMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqUYG2AH
sOG/W7czVtbih81/xOP3FSZp45DWl7YvWdnr01KhS3CFRzjtgG7o9tTzogTsws4k
JW7nOqdx1ikJEZ+bnwfnbuzhC+aD8lVF2EcdGnxxjgrmiGkRF+R5+VXJHAr4F9XM
LGxRR1vrVlVPbtDbHETMKAxBiUmo1Cj0UnNFciR1Ze5g86my7YOkxVv1DB31626G
6Rk4eN60w9odYr0AVWIVtpO/SMFJtOHFsg8PX+RqF0vJnKUE+QmQ7LfLZ6p1WBFX
d+wpo++hH5/MEBxdTTGT48bmVCgDtHS9UgIaPu4hOcPM/7V9Cub46pMNg1+Ci6Jq
PCXWU0bXXkKB6w==
-----END CERTIFICATE-----