Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          cR7BhWixyNDFbhbWfjn7h4BKsIcoUaKIudw2JunfjxE=
Subject key identifier:   2C:08:E3:6E:23:0B:4F:DD:41:3F:32:3D:C6:F1:F0:13:68:93:AC:3D
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019D9886C85906E9158041D30E3A1B812B48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          0626
Signing time:             Thu 16 Apr 2026 23:01:02 +0000
Manifest this update:     Thu 16 Apr 2026 23:01:02 +0000
Manifest next update:     Fri 17 Apr 2026 23:01:02 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: sDcccxWFX/dqE7hGLTD4190DqzlaE/Hwiy+bJ8qrwSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 23:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:86:c8:59:06:e9:15:80:41:d3:0e:3a:1b:81:2b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Apr 16 23:01:02 2026 GMT
            Not After : Apr 17 23:01:02 2026 GMT
        Subject: CN=2c08e36e230b4fdd413f323dc6f1f0136893ac3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:eb:87:21:93:1e:ac:ab:7d:e6:f6:18:26:8f:
                    33:64:62:c4:7d:da:ed:f8:74:9c:42:cc:86:13:99:
                    3a:d5:06:e9:8f:bb:04:84:95:20:7d:4e:9a:c0:13:
                    d4:db:5f:df:90:e7:0a:52:ef:05:18:97:ff:b2:df:
                    8f:ed:25:4a:8c:0c:d1:22:b0:02:ad:12:ad:fc:b1:
                    89:db:2a:2a:ce:3d:77:4f:86:f3:05:57:aa:c0:34:
                    ff:06:0d:e2:8d:e6:c3:5c:77:ac:b1:97:8e:dc:7b:
                    cf:10:34:b9:31:29:88:db:00:fb:64:6d:33:ea:75:
                    86:68:01:e7:09:81:f0:c7:9b:f9:db:b1:42:a5:51:
                    db:b8:2d:9b:6f:56:1f:8d:94:e7:ca:7b:78:82:ed:
                    37:0b:31:29:87:5d:df:72:e6:31:94:9c:bb:9a:ac:
                    83:a6:a7:6b:ca:74:3a:88:fb:0c:d3:86:7b:99:fb:
                    a1:47:31:ce:60:05:40:f3:8c:45:a7:4f:8a:8a:c3:
                    87:f1:f4:93:73:03:f8:9b:84:48:77:ee:4d:b5:56:
                    f9:46:c4:7c:e1:d3:88:98:2e:2c:a4:7a:91:0a:d6:
                    d5:e9:60:f1:f4:ba:33:34:7d:6f:27:ac:e4:1b:f9:
                    78:05:5d:7b:52:9b:ec:1d:cf:5d:34:74:65:00:05:
                    88:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:08:E3:6E:23:0B:4F:DD:41:3F:32:3D:C6:F1:F0:13:68:93:AC:3D
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:df:39:03:95:2c:4c:35:d1:68:bc:91:a0:32:2a:a4:e4:e8:
         38:39:93:b4:cd:e3:1b:14:81:3e:11:e4:e3:67:7e:b2:2c:6c:
         f0:35:6f:e2:cd:ee:d4:e0:21:fd:4a:e9:88:a9:69:94:4d:90:
         8e:11:6a:77:9b:9b:6d:c1:d1:7a:38:12:d9:19:61:89:5e:97:
         3d:fc:a9:4b:78:42:2b:0f:10:ff:23:13:5d:72:fb:a3:42:16:
         3e:16:f6:e1:35:b2:5c:58:b9:68:69:3a:6c:cc:f4:f0:1a:6d:
         55:bc:9c:35:2e:60:9d:25:17:27:47:57:ad:79:c3:eb:a7:cc:
         e6:98:93:6f:f4:a7:b6:aa:33:c1:9e:32:05:0b:7d:3a:ff:86:
         6d:10:50:8c:6c:99:0c:85:48:13:01:ed:e9:21:0f:09:b2:cc:
         45:3a:50:5d:16:1c:81:e0:cb:c1:5e:e2:37:64:74:b3:35:c6:
         23:3c:1c:03:70:19:11:24:3f:81:56:d0:a3:ed:fa:3a:2b:04:
         09:c8:6c:20:ba:ad:2b:5e:7e:5f:5f:cf:a7:ee:7a:8e:98:05:
         b1:6e:eb:b8:28:47:64:cd:37:ce:99:fc:64:aa:f5:0f:00:7b:
         df:19:2a:81:f7:49:76:69:9b:2a:dd:06:57:25:7d:36:54:ed:
         c2:8c:51:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YhshZBukVgEHTDjobgStIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwNDE2MjMwMTAyWhcNMjYwNDE3MjMwMTAyWjAzMTEwLwYDVQQD
EygyYzA4ZTM2ZTIzMGI0ZmRkNDEzZjMyM2RjNmYxZjAxMzY4OTNhYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+uHIZMerKt95vYYJo8zZGLEfdrt
+HScQsyGE5k61Qbpj7sEhJUgfU6awBPU21/fkOcKUu8FGJf/st+P7SVKjAzRIrAC
rRKt/LGJ2yoqzj13T4bzBVeqwDT/Bg3ijebDXHessZeO3HvPEDS5MSmI2wD7ZG0z
6nWGaAHnCYHwx5v527FCpVHbuC2bb1YfjZTnynt4gu03CzEph13fcuYxlJy7mqyD
pqdrynQ6iPsM04Z7mfuhRzHOYAVA84xFp0+KisOH8fSTcwP4m4RId+5NtVb5RsR8
4dOImC4spHqRCtbV6WDx9LozNH1vJ6zkG/l4BV17UpvsHc9dNHRlAAWI7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwI424jC0/dQT8yPcbx8BNok6w9MB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEt85A5Us
TDXRaLyRoDIqpOToODmTtM3jGxSBPhHk42d+sixs8DVv4s3u1OAh/UrpiKlplE2Q
jhFqd5ubbcHRejgS2RlhiV6XPfypS3hCKw8Q/yMTXXL7o0IWPhb24TWyXFi5aGk6
bMz08BptVbycNS5gnSUXJ0dXrXnD66fM5piTb/SntqozwZ4yBQt9Ov+GbRBQjGyZ
DIVIEwHt6SEPCbLMRTpQXRYcgeDLwV7iN2R0szXGIzwcA3AZESQ/gVbQo+36OisE
CchsILqtK15+X1/Pp+56jpgFsW7ruChHZM03zpn8ZKr1DwB73xkqgfdJdmmbKt0G
VyV9NlTtwoxRlg==
-----END CERTIFICATE-----