Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          QiC6msTuGCwRRiGnoTK0ylQHNHvwBfFDj7EcZiZ38ZY=
Subject key identifier:   6B:8D:F3:56:1E:FB:4B:27:18:79:04:7D:F0:F8:57:7B:38:BC:81:E3
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019CAAFD507827AC87C9236A0C200AD5D37D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          05AB
Signing time:             Sun 01 Mar 2026 20:00:53 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:53 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:53 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: Cc47jdLa8tdhLJWp9K00+jwEPeoGVX7+jJTJ0aSKD2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:50:78:27:ac:87:c9:23:6a:0c:20:0a:d5:d3:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Mar  1 20:00:53 2026 GMT
            Not After : Mar  2 20:00:53 2026 GMT
        Subject: CN=6b8df3561efb4b271879047df0f8577b38bc81e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:34:1e:8c:e4:4f:09:5a:3a:9f:75:db:e8:0c:
                    7e:c6:7b:76:75:54:76:e0:bc:81:ff:b9:b7:36:42:
                    c7:20:c5:84:02:11:eb:6c:8e:7d:66:5e:33:5f:d0:
                    0f:3c:b7:9d:f8:d3:31:f7:90:cd:04:f4:e5:83:4d:
                    c2:ea:cb:97:91:a3:24:44:85:ae:34:9c:da:8e:4e:
                    d6:d8:aa:1c:ea:0c:da:c2:7a:3a:36:ad:b7:3e:59:
                    77:ab:84:98:bf:d3:e7:59:95:9b:03:fe:c7:dd:e0:
                    53:08:b8:37:59:b2:bf:e3:02:c2:1b:b4:e4:2c:21:
                    60:40:96:4f:85:69:a5:1c:5c:63:23:17:69:2c:60:
                    26:e8:bc:43:75:ec:4c:49:ae:a5:cb:28:f3:dd:a5:
                    e2:67:5c:ee:9f:1f:8d:0d:f6:b4:ee:a9:84:5d:63:
                    35:de:b9:f8:e6:6a:d3:30:a5:1d:be:87:ba:cf:6d:
                    8f:a0:dc:d7:8d:13:c3:96:92:f5:7f:61:6f:6d:77:
                    94:37:76:d5:01:72:0e:68:8d:9b:96:e6:ac:ef:f5:
                    b9:dc:22:45:ea:05:f0:75:8b:d7:3d:db:0a:30:fb:
                    cc:63:67:18:a8:33:ee:c1:d6:88:86:1e:f8:08:ef:
                    c6:57:13:d0:e4:61:d4:00:cc:55:2c:e1:97:3d:c0:
                    f4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:8D:F3:56:1E:FB:4B:27:18:79:04:7D:F0:F8:57:7B:38:BC:81:E3
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:af:2c:ce:28:ce:a8:ac:11:48:c0:04:20:0e:4b:c2:23:73:
         80:b5:de:83:8b:b7:e5:e3:e4:a8:05:34:ff:9b:2f:bc:2f:6f:
         ad:97:a4:c9:8f:e2:63:56:f0:56:87:b7:67:f3:d1:68:b8:af:
         fa:e2:66:9a:1c:9c:bb:84:a7:23:9d:de:90:73:e4:0e:59:a6:
         45:8b:54:bc:06:b5:18:ce:a9:d1:ef:3e:39:e7:7f:47:d9:95:
         36:13:89:36:17:a6:4c:14:07:d5:e6:09:49:47:62:7b:d4:d4:
         58:51:22:ee:4e:5a:2e:61:e5:f4:16:0f:6e:4c:bd:cb:dc:c3:
         96:d0:9e:af:60:3f:2a:5f:17:76:f5:af:33:c9:0d:fd:c9:d8:
         f0:d2:3a:3d:82:73:ad:74:87:c7:4f:98:40:83:af:97:22:f3:
         c8:89:b8:5a:1b:b3:e8:90:65:b4:22:97:55:f4:f8:42:12:b6:
         80:e8:25:dc:b7:6e:c1:e2:dc:8c:10:86:31:e9:64:25:8d:9f:
         03:82:27:64:33:a1:16:97:2d:9f:ef:32:3d:12:14:0a:28:1b:
         ca:af:68:b3:66:67:cf:79:f6:17:70:95:db:89:d0:54:22:1c:
         00:b1:45:7c:eb:82:8a:9b:40:c2:29:c3:f5:1b:07:2c:f4:c2:
         d9:28:f3:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/VB4J6yHySNqDCAK1dN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwMzAxMjAwMDUzWhcNMjYwMzAyMjAwMDUzWjAzMTEwLwYDVQQD
Eyg2YjhkZjM1NjFlZmI0YjI3MTg3OTA0N2RmMGY4NTc3YjM4YmM4MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzQejORPCVo6n3Xb6Ax+xnt2dVR2
4LyB/7m3NkLHIMWEAhHrbI59Zl4zX9APPLed+NMx95DNBPTlg03C6suXkaMkRIWu
NJzajk7W2Koc6gzawno6Nq23Pll3q4SYv9PnWZWbA/7H3eBTCLg3WbK/4wLCG7Tk
LCFgQJZPhWmlHFxjIxdpLGAm6LxDdexMSa6lyyjz3aXiZ1zunx+NDfa07qmEXWM1
3rn45mrTMKUdvoe6z22PoNzXjRPDlpL1f2FvbXeUN3bVAXIOaI2bluas7/W53CJF
6gXwdYvXPdsKMPvMY2cYqDPuwdaIhh74CO/GVxPQ5GHUAMxVLOGXPcD0mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuN81Ye+0snGHkEffD4V3s4vIHjMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY68szijO
qKwRSMAEIA5LwiNzgLXeg4u35ePkqAU0/5svvC9vrZekyY/iY1bwVoe3Z/PRaLiv
+uJmmhycu4SnI53ekHPkDlmmRYtUvAa1GM6p0e8+Oed/R9mVNhOJNhemTBQH1eYJ
SUdie9TUWFEi7k5aLmHl9BYPbky9y9zDltCer2A/Kl8XdvWvM8kN/cnY8NI6PYJz
rXSHx0+YQIOvlyLzyIm4Whuz6JBltCKXVfT4QhK2gOgl3LduweLcjBCGMelkJY2f
A4InZDOhFpctn+8yPRIUCigbyq9os2Znz3n2F3CV24nQVCIcALFFfOuCiptAwinD
9RsHLPTC2SjzqA==
-----END CERTIFICATE-----