Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
File:                     2nVBcltyi1qJ87-vIPh2VWPC8_s.mft (raw, json)
Hash identifier:          cYzsnl4sx37nL+KauONNAP/MsaixUvpV60Pj/RLTpJg=
Subject key identifier:   7D:7E:E1:C4:8C:5D:9E:26:12:FC:3F:BB:73:D5:DE:3C:79:A6:86:45
Authority key identifier: DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB
Certificate issuer:       /CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
Certificate serial:       019EBE7FA05EBA6BC5A5E0BE892205794B72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
Manifest number:          1955
Signing time:             Sat 13 Jun 2026 01:01:35 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:35 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:35 +0000
Files and hashes:         1: 2nVBcltyi1qJ87-vIPh2VWPC8_s.crl (hash: IOCMGePen1OdPHGnsQe0frwxxOxMRKxbGM4FiMj8evk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:a0:5e:ba:6b:c5:a5:e0:be:89:22:05:79:4b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
        Validity
            Not Before: Jun 13 01:01:35 2026 GMT
            Not After : Jun 14 01:01:35 2026 GMT
        Subject: CN=7d7ee1c48c5d9e2612fc3fbb73d5de3c79a68645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:f0:ad:66:90:84:ff:39:69:35:4d:8b:10:c2:
                    67:e8:c2:d6:94:ac:8d:31:b4:82:e6:e0:a7:c3:d5:
                    7d:e9:38:80:2c:0e:cb:73:c3:6f:16:79:79:72:50:
                    ee:b7:ee:7c:01:4b:33:10:7c:59:0d:5f:e1:78:c1:
                    12:af:ca:12:03:4a:88:af:08:6d:c8:71:c3:9c:f4:
                    e4:fb:2f:84:10:58:37:6c:6e:db:d3:48:66:f5:5c:
                    2c:43:57:c4:6b:dc:7c:5f:e0:6b:92:eb:40:79:24:
                    a9:6b:f6:ec:d7:d6:54:87:2d:4a:cc:dd:59:81:c9:
                    b3:cb:8e:aa:68:a0:71:98:1f:1b:fb:29:15:a9:72:
                    32:1e:d5:47:f5:ed:26:ee:6b:f1:a2:ab:31:0e:b7:
                    03:33:0c:4a:c0:6e:52:96:7b:2f:c0:c9:3b:2f:e1:
                    7c:89:67:5a:34:05:37:9d:88:ae:96:d4:96:f0:69:
                    a5:d8:8c:02:2c:b1:b1:66:92:72:bd:a4:fc:6c:8a:
                    e8:fb:79:b4:13:a1:5e:e1:88:cf:78:6f:31:51:21:
                    bd:c6:fa:74:97:3a:70:67:d6:19:53:be:34:ad:3e:
                    b2:31:00:a2:c8:cc:ce:c2:c9:7d:24:27:7d:52:1a:
                    93:b9:20:53:b2:c0:90:bd:ea:5a:f1:39:11:a5:f6:
                    dd:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7E:E1:C4:8C:5D:9E:26:12:FC:3F:BB:73:D5:DE:3C:79:A6:86:45
            X509v3 Authority Key Identifier:
                keyid:DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:cb:1d:f9:92:da:b4:1e:dc:d1:b5:c4:62:8e:8a:0f:72:87:
         05:3f:da:59:4d:4f:e1:f4:09:db:a7:d8:ed:7e:45:7e:54:b7:
         4e:43:7a:46:82:6b:11:53:12:98:0d:c9:14:6f:a4:af:3e:b2:
         28:ca:b6:be:a6:77:df:16:44:34:61:66:43:3d:b3:ce:e1:b7:
         15:94:57:24:63:b3:b4:2e:df:70:bc:9b:60:2f:e9:61:b8:ea:
         18:da:c2:50:61:e0:0b:a9:ad:2c:92:72:13:b4:cb:09:9f:c7:
         57:54:79:30:68:a9:ec:b1:69:89:01:d2:fc:48:8a:8c:b8:a7:
         20:d8:17:88:b8:73:a5:3f:0e:05:11:fd:d2:33:57:d7:0a:af:
         bc:47:d4:ef:a3:f4:74:9d:93:e3:c8:5a:35:bc:f5:38:18:9f:
         ed:84:9d:e4:ff:bc:14:7f:78:af:d3:84:ae:ca:92:bc:16:24:
         9b:b9:dd:7c:ed:89:4d:83:70:32:f1:78:2c:4f:e1:28:dd:5a:
         d4:ae:0b:6b:89:05:a8:80:09:fb:f0:f3:5a:5a:ba:f5:53:3b:
         04:bf:6e:de:69:f7:94:cb:71:8e:9c:92:52:ad:43:89:15:17:
         88:80:f7:7d:d3:36:4f:a6:ca:6b:ed:67:86:f4:0e:7c:cc:86:
         1e:e6:f0:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f6BeumvFpeC+iSIFeUtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzU0MTcyNWI3MjhiNWE4OWYzYmZhZjIwZjg3NjU1NjNj
MmYzZmIwHhcNMjYwNjEzMDEwMTM1WhcNMjYwNjE0MDEwMTM1WjAzMTEwLwYDVQQD
Eyg3ZDdlZTFjNDhjNWQ5ZTI2MTJmYzNmYmI3M2Q1ZGUzYzc5YTY4NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvCtZpCE/zlpNU2LEMJn6MLWlKyN
MbSC5uCnw9V96TiALA7Lc8NvFnl5clDut+58AUszEHxZDV/heMESr8oSA0qIrwht
yHHDnPTk+y+EEFg3bG7b00hm9VwsQ1fEa9x8X+BrkutAeSSpa/bs19ZUhy1KzN1Z
gcmzy46qaKBxmB8b+ykVqXIyHtVH9e0m7mvxoqsxDrcDMwxKwG5SlnsvwMk7L+F8
iWdaNAU3nYiultSW8Gml2IwCLLGxZpJyvaT8bIro+3m0E6Fe4YjPeG8xUSG9xvp0
lzpwZ9YZU740rT6yMQCiyMzOwsl9JCd9UhqTuSBTssCQvepa8TkRpfbd3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1+4cSMXZ4mEvw/u3PV3jx5poZFMB8GA1UdIwQY
MBaAFNp1QXJbcotaifO/ryD4dlVjwvP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMt
ZGI4ZmQ1MDdkMWI2LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMtZGI4ZmQ1MDdkMWI2
LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8sd+ZLa
tB7c0bXEYo6KD3KHBT/aWU1P4fQJ26fY7X5FflS3TkN6RoJrEVMSmA3JFG+krz6y
KMq2vqZ33xZENGFmQz2zzuG3FZRXJGOztC7fcLybYC/pYbjqGNrCUGHgC6mtLJJy
E7TLCZ/HV1R5MGip7LFpiQHS/EiKjLinINgXiLhzpT8OBRH90jNX1wqvvEfU76P0
dJ2T48haNbz1OBif7YSd5P+8FH94r9OErsqSvBYkm7ndfO2JTYNwMvF4LE/hKN1a
1K4La4kFqIAJ+/DzWlq69VM7BL9u3mn3lMtxjpySUq1DiRUXiID3fdM2T6bKa+1n
hvQOfMyGHubw5A==
-----END CERTIFICATE-----