Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          6nwysGoG43PaLHssT3vcHqdyo4/b4gTVFkvn3c+xJUc=
Subject key identifier:   72:7B:CA:95:3C:3E:40:06:E7:98:2D:C1:F6:EF:31:0F:2A:CC:13:A1
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019CADC77AEDBC7A7757E4F6FDF17EEF1927
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          16D4
Signing time:             Mon 02 Mar 2026 09:00:57 +0000
Manifest this update:     Mon 02 Mar 2026 09:00:57 +0000
Manifest next update:     Tue 03 Mar 2026 09:00:57 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: 12REsEk2gXkLG+ASeTQmwZCP9tdvX3rS8NQ8BEs14Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:7a:ed:bc:7a:77:57:e4:f6:fd:f1:7e:ef:19:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Mar  2 09:00:57 2026 GMT
            Not After : Mar  3 09:00:57 2026 GMT
        Subject: CN=727bca953c3e4006e7982dc1f6ef310f2acc13a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fc:c9:ab:c5:c9:b6:dc:75:36:d1:41:a2:96:
                    92:d7:de:46:10:57:cc:f9:cd:b5:79:fa:3e:52:70:
                    b5:00:af:3b:3c:44:f0:ab:3f:da:01:13:54:49:bb:
                    04:cc:9d:6c:3e:5f:e8:58:03:d0:64:41:aa:a2:6b:
                    53:6d:38:39:59:7d:8e:7d:9b:28:8e:12:a4:5a:2d:
                    2b:64:f2:cf:ea:8f:65:fe:a3:e4:05:27:91:bf:18:
                    48:b4:73:90:ff:9a:d5:29:0b:5d:e0:e6:a9:a2:bd:
                    e4:c3:e5:9a:c8:0d:0e:d8:5b:2d:62:96:80:24:a1:
                    b2:8e:a8:5d:76:7d:e6:cd:0a:ed:4b:4b:c6:e2:1d:
                    01:ae:8e:0b:35:24:d3:cf:41:98:79:14:ad:60:79:
                    e4:a7:b7:eb:25:ed:05:54:92:ba:a6:f8:f0:b1:d9:
                    c8:15:19:87:5f:70:9b:69:bf:67:29:b6:53:f6:93:
                    dd:8a:2c:01:a5:c1:3a:f3:9f:4d:d6:ab:3a:6d:6a:
                    c1:76:0f:c5:9d:1e:84:38:5d:26:22:c9:48:d8:f0:
                    5f:c7:3a:c3:06:10:f4:ac:f6:c8:7b:c4:4d:c4:6d:
                    da:76:28:b3:46:27:ed:58:d9:fb:00:f5:82:eb:9f:
                    20:05:dd:54:24:b2:10:a0:01:23:1b:d6:2a:53:85:
                    e7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7B:CA:95:3C:3E:40:06:E7:98:2D:C1:F6:EF:31:0F:2A:CC:13:A1
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:ab:3d:bf:07:cb:8f:59:5b:bd:c8:4c:5b:73:30:f5:1f:c1:
         c1:f4:34:26:37:06:75:68:c6:e1:b7:30:bd:4a:03:b8:90:d1:
         a0:60:10:19:1f:7c:64:87:23:ed:a3:3b:69:41:d6:1f:4b:b0:
         a0:85:66:2a:c0:72:42:ee:b2:c7:30:23:f6:07:d8:20:3b:b3:
         d9:71:c1:1e:cf:b2:70:fb:dd:03:f2:bc:ad:eb:ea:74:0d:c8:
         7d:e6:cd:0a:63:bd:a9:d7:79:5f:4f:e0:f6:a3:6e:f1:51:06:
         3a:9f:e7:14:e8:b7:2f:67:08:fb:ba:86:af:d5:1c:dc:41:c6:
         8a:0c:08:47:ce:76:cc:27:b0:31:cf:c2:17:c8:f1:42:37:8a:
         24:b8:e7:37:ed:ed:36:d1:a1:a3:e5:d9:ed:55:31:8e:b6:89:
         e8:d2:cd:be:20:f0:9c:9a:d3:30:98:b9:02:da:d4:77:44:e0:
         7e:87:bd:0c:a9:a9:4f:67:18:c8:74:cd:39:c5:ef:57:b4:0b:
         8d:66:19:e4:93:35:95:68:a9:4f:bc:40:3f:71:f1:12:d6:a2:
         ea:aa:34:5f:5c:8b:9f:5a:23:05:c1:0a:8d:c8:e7:90:2b:be:
         92:80:09:94:c9:3d:79:58:e8:b2:c7:f2:9d:d0:3c:a9:c7:ed:
         bd:c6:b5:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx3rtvHp3V+T2/fF+7xknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjYwMzAyMDkwMDU3WhcNMjYwMzAzMDkwMDU3WjAzMTEwLwYDVQQD
Eyg3MjdiY2E5NTNjM2U0MDA2ZTc5ODJkYzFmNmVmMzEwZjJhY2MxM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofzJq8XJttx1NtFBopaS195GEFfM
+c21efo+UnC1AK87PETwqz/aARNUSbsEzJ1sPl/oWAPQZEGqomtTbTg5WX2OfZso
jhKkWi0rZPLP6o9l/qPkBSeRvxhItHOQ/5rVKQtd4Oapor3kw+WayA0O2FstYpaA
JKGyjqhddn3mzQrtS0vG4h0Bro4LNSTTz0GYeRStYHnkp7frJe0FVJK6pvjwsdnI
FRmHX3Cbab9nKbZT9pPdiiwBpcE6859N1qs6bWrBdg/FnR6EOF0mIslI2PBfxzrD
BhD0rPbIe8RNxG3adiizRiftWNn7APWC658gBd1UJLIQoAEjG9YqU4Xn8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJ7ypU8PkAG55gtwfbvMQ8qzBOhMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6s9vwfL
j1lbvchMW3Mw9R/BwfQ0JjcGdWjG4bcwvUoDuJDRoGAQGR98ZIcj7aM7aUHWH0uw
oIVmKsByQu6yxzAj9gfYIDuz2XHBHs+ycPvdA/K8revqdA3IfebNCmO9qdd5X0/g
9qNu8VEGOp/nFOi3L2cI+7qGr9Uc3EHGigwIR852zCewMc/CF8jxQjeKJLjnN+3t
NtGho+XZ7VUxjraJ6NLNviDwnJrTMJi5AtrUd0Tgfoe9DKmpT2cYyHTNOcXvV7QL
jWYZ5JM1lWipT7xAP3HxEtai6qo0X1yLn1ojBcEKjcjnkCu+koAJlMk9eVjossfy
ndA8qcftvca1TA==
-----END CERTIFICATE-----