Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          LbK1z6P+HBoKM4tkyatNZJ3S5dt9PnuqWkjCoeZyisk=
Subject key identifier:   77:DA:14:93:67:D6:37:8C:5F:B5:76:88:67:37:1F:96:F5:93:E7:93
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019EBE1114C737228D5ECE4BA9989536D18E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          06BE
Signing time:             Fri 12 Jun 2026 23:00:50 +0000
Manifest this update:     Fri 12 Jun 2026 23:00:50 +0000
Manifest next update:     Sat 13 Jun 2026 23:00:50 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: PAwKgUpzAEduu9500fGQHHhySXBm0Uv8y5CcZ9e1x64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 23:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:11:14:c7:37:22:8d:5e:ce:4b:a9:98:95:36:d1:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Jun 12 23:00:50 2026 GMT
            Not After : Jun 13 23:00:50 2026 GMT
        Subject: CN=77da149367d6378c5fb5768867371f96f593e793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a1:72:a4:7e:1d:30:b0:df:53:bb:79:7b:5e:
                    8e:80:a8:21:a0:a8:bb:d0:b4:60:61:b9:5c:fd:71:
                    82:c6:05:0b:4a:f4:4a:ef:90:d8:b4:8c:2e:a1:89:
                    8e:8c:01:8c:d4:fb:57:ac:cb:93:09:fb:22:61:bb:
                    9f:57:aa:62:69:18:a6:de:8a:40:c4:ca:58:f2:c6:
                    15:6b:de:d6:17:d0:50:b7:96:6d:71:d3:d6:95:a0:
                    90:23:78:e9:7f:22:6f:6d:f9:24:c5:a2:e1:bc:f2:
                    1a:42:a0:72:d6:9d:74:5f:60:dd:97:5f:94:b9:e2:
                    df:73:68:e7:e7:5e:b8:aa:88:9a:c4:c4:b5:44:ca:
                    0d:71:af:6f:1e:00:39:65:bd:5a:f7:12:26:ae:2c:
                    d9:a6:42:05:5f:44:7c:71:ac:29:16:5b:f8:f2:52:
                    0b:97:42:06:41:ce:24:53:cc:4f:e9:a5:25:3e:90:
                    c1:98:8b:0a:7c:35:2f:f9:2a:bd:d9:6c:f0:a1:ee:
                    da:cd:07:ec:a3:e1:2c:48:55:b5:8f:4b:2f:13:c3:
                    f1:d8:50:68:2a:58:91:97:7c:4d:97:8a:36:aa:c4:
                    be:a1:05:3c:41:6a:10:62:d4:01:8d:45:a5:3b:85:
                    df:77:aa:a5:6d:aa:c4:5e:c3:f0:c6:dd:64:ab:2e:
                    3d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:DA:14:93:67:D6:37:8C:5F:B5:76:88:67:37:1F:96:F5:93:E7:93
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:c0:92:db:7b:d6:34:51:64:41:21:ed:3f:eb:01:3d:63:b7:
         9e:ef:94:38:03:a2:58:67:6d:e4:76:08:f5:0a:9e:21:56:14:
         59:b6:cd:52:57:6f:be:8b:e5:c6:64:82:ca:13:75:50:fe:d4:
         d5:8d:df:90:4c:ee:5c:0b:01:ff:b3:1a:e8:06:77:cd:06:4c:
         b0:e2:79:10:b6:b9:a1:c2:62:27:3c:07:c7:65:8b:b4:b5:17:
         3b:06:d3:98:69:65:99:dc:34:17:8c:a3:6b:b3:3e:d9:a0:a4:
         61:a4:83:fc:c1:bb:3b:a9:86:27:33:78:cb:08:d9:d0:77:e8:
         bd:08:e1:81:3d:08:de:e2:a0:64:95:92:b1:88:61:f9:30:58:
         a1:da:23:86:18:33:79:7c:95:b0:3f:00:82:16:0f:03:d6:c7:
         f0:da:24:87:d0:73:d3:a5:01:cf:98:c3:b4:13:0b:a1:10:60:
         6e:f4:aa:45:a8:ba:3c:5a:31:f4:d8:c3:49:96:6b:6d:4a:4b:
         f6:2d:ce:06:7d:ff:93:89:52:ef:7c:98:5a:b1:0a:95:62:80:
         ee:c0:b6:a5:65:73:41:5a:ed:97:74:0c:fa:02:87:0a:a8:dc:
         b9:ab:40:5f:be:8e:1b:f4:89:63:7a:d3:f4:51:4d:91:27:6a:
         cf:6e:0e:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+ERTHNyKNXs5LqZiVNtGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjYwNjEyMjMwMDUwWhcNMjYwNjEzMjMwMDUwWjAzMTEwLwYDVQQD
Eyg3N2RhMTQ5MzY3ZDYzNzhjNWZiNTc2ODg2NzM3MWY5NmY1OTNlNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaFypH4dMLDfU7t5e16OgKghoKi7
0LRgYblc/XGCxgULSvRK75DYtIwuoYmOjAGM1PtXrMuTCfsiYbufV6piaRim3opA
xMpY8sYVa97WF9BQt5ZtcdPWlaCQI3jpfyJvbfkkxaLhvPIaQqBy1p10X2Ddl1+U
ueLfc2jn5164qoiaxMS1RMoNca9vHgA5Zb1a9xImrizZpkIFX0R8cawpFlv48lIL
l0IGQc4kU8xP6aUlPpDBmIsKfDUv+Sq92Wzwoe7azQfso+EsSFW1j0svE8Px2FBo
KliRl3xNl4o2qsS+oQU8QWoQYtQBjUWlO4Xfd6qlbarEXsPwxt1kqy49JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfaFJNn1jeMX7V2iGc3H5b1k+eTMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfcCS23vW
NFFkQSHtP+sBPWO3nu+UOAOiWGdt5HYI9QqeIVYUWbbNUldvvovlxmSCyhN1UP7U
1Y3fkEzuXAsB/7Ma6AZ3zQZMsOJ5ELa5ocJiJzwHx2WLtLUXOwbTmGllmdw0F4yj
a7M+2aCkYaSD/MG7O6mGJzN4ywjZ0HfovQjhgT0I3uKgZJWSsYhh+TBYodojhhgz
eXyVsD8AghYPA9bH8Nokh9Bz06UBz5jDtBMLoRBgbvSqRai6PFox9NjDSZZrbUpL
9i3OBn3/k4lS73yYWrEKlWKA7sC2pWVzQVrtl3QM+gKHCqjcuatAX76OG/SJY3rT
9FFNkSdqz24Ozg==
-----END CERTIFICATE-----