Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          JM+7o8jyh6A1DfyYgrvjIOrJIVxkCrQhkTkGpQlYJeM=
Subject key identifier:   95:A9:3C:66:84:60:72:1A:CA:D6:42:99:F1:0C:18:71:CF:3D:7A:88
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019D9B50873BBD26E81F7FD6D233B7029917
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          174F
Signing time:             Fri 17 Apr 2026 12:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:38 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: LyfhE8p9Wkx7in5muVGxvD3IGZZhC8VML+rTwKPpeJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:87:3b:bd:26:e8:1f:7f:d6:d2:33:b7:02:99:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Apr 17 12:00:38 2026 GMT
            Not After : Apr 18 12:00:38 2026 GMT
        Subject: CN=95a93c668460721acad64299f10c1871cf3d7a88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:6d:16:10:1f:83:72:74:7d:d6:34:95:59:71:
                    c4:5f:f7:3e:72:bd:2a:f2:77:9b:72:d0:6d:d6:31:
                    4b:de:95:c7:9a:b4:d3:05:f0:ed:5d:82:65:7a:be:
                    2d:26:45:3f:36:c1:bc:30:47:34:7b:5e:c9:27:e9:
                    26:75:5f:bc:50:23:5a:99:bc:19:25:24:f0:58:ae:
                    bb:7c:a6:0d:44:c5:a8:c8:cc:21:1e:a1:52:50:6e:
                    84:02:b4:3e:e4:94:6e:8c:9c:e6:b2:2f:04:8a:23:
                    80:ed:2e:7b:ac:4a:85:78:d9:4d:81:bd:82:28:06:
                    be:c5:2d:64:93:16:1d:27:04:6c:4b:ae:6c:83:11:
                    6e:c6:12:eb:70:d8:2e:85:fd:67:06:ac:b8:86:16:
                    56:47:dc:d0:9a:05:4f:be:d3:72:b6:27:0a:b3:e7:
                    89:13:75:8b:1a:ae:3c:9b:2b:c2:76:55:eb:ec:e6:
                    a2:64:62:79:a7:bc:51:61:fe:37:e4:68:a1:37:8b:
                    0e:a5:34:27:c9:02:41:66:eb:b9:90:b7:7b:fe:2d:
                    3b:b4:22:ca:ed:20:59:f4:7a:3f:3b:1e:2e:8e:e9:
                    e2:bd:57:81:ad:be:ae:dc:c4:cf:52:1a:1c:34:45:
                    11:23:78:60:88:2d:a1:a1:6d:b1:99:1d:84:c5:44:
                    8b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A9:3C:66:84:60:72:1A:CA:D6:42:99:F1:0C:18:71:CF:3D:7A:88
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:e3:33:d0:82:d5:d7:91:25:25:77:07:18:53:91:59:65:cd:
         90:07:d7:3d:4b:2d:11:83:a1:d3:6a:60:04:4b:01:16:c8:a4:
         7f:0e:ca:e3:8e:ac:56:17:4b:a2:3b:d3:80:4d:96:7d:a1:42:
         58:d7:43:ab:79:a7:cd:07:f3:c1:6c:82:6c:c4:a8:a8:94:49:
         6e:d1:be:a5:5c:66:da:cf:8c:b5:37:a7:ec:fc:b9:7f:f7:c9:
         2b:31:bb:b1:22:67:75:6f:10:6e:ae:aa:80:a0:85:2d:16:d6:
         b0:02:8c:da:8b:14:0a:f6:d0:cf:9c:7f:a9:ca:d7:4a:56:29:
         9c:88:5d:2b:4c:fe:fd:8e:fe:b2:8c:ad:8f:78:8a:50:e1:e6:
         1f:93:70:89:d9:96:1a:5d:f2:ad:ad:1f:1a:08:84:cb:91:d7:
         b9:c0:ab:63:7a:a6:0d:f9:3c:ff:77:15:c6:54:0e:18:cc:02:
         84:39:b2:80:55:bc:1b:1c:e9:e4:25:1f:1e:0a:c2:62:5e:9f:
         12:a5:c9:c9:c2:d6:8d:b4:a5:74:c9:0b:6d:d8:78:3f:13:0f:
         1f:d8:ea:c8:45:af:74:a3:c3:d6:69:99:91:c8:0e:56:75:4a:
         e1:82:51:cf:26:26:ee:a1:a7:dc:61:8b:64:f8:f5:61:82:82:
         15:4c:12:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUIc7vSboH3/W0jO3ApkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjYwNDE3MTIwMDM4WhcNMjYwNDE4MTIwMDM4WjAzMTEwLwYDVQQD
Eyg5NWE5M2M2Njg0NjA3MjFhY2FkNjQyOTlmMTBjMTg3MWNmM2Q3YTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn20WEB+DcnR91jSVWXHEX/c+cr0q
8nebctBt1jFL3pXHmrTTBfDtXYJler4tJkU/NsG8MEc0e17JJ+kmdV+8UCNambwZ
JSTwWK67fKYNRMWoyMwhHqFSUG6EArQ+5JRujJzmsi8EiiOA7S57rEqFeNlNgb2C
KAa+xS1kkxYdJwRsS65sgxFuxhLrcNguhf1nBqy4hhZWR9zQmgVPvtNyticKs+eJ
E3WLGq48myvCdlXr7OaiZGJ5p7xRYf435GihN4sOpTQnyQJBZuu5kLd7/i07tCLK
7SBZ9Ho/Ox4ujunivVeBrb6u3MTPUhocNEURI3hgiC2hoW2xmR2ExUSLzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWpPGaEYHIaytZCmfEMGHHPPXqIMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAguMz0ILV
15ElJXcHGFORWWXNkAfXPUstEYOh02pgBEsBFsikfw7K446sVhdLojvTgE2WfaFC
WNdDq3mnzQfzwWyCbMSoqJRJbtG+pVxm2s+MtTen7Py5f/fJKzG7sSJndW8Qbq6q
gKCFLRbWsAKM2osUCvbQz5x/qcrXSlYpnIhdK0z+/Y7+soytj3iKUOHmH5NwidmW
Gl3yra0fGgiEy5HXucCrY3qmDfk8/3cVxlQOGMwChDmygFW8Gxzp5CUfHgrCYl6f
EqXJycLWjbSldMkLbdh4PxMPH9jqyEWvdKPD1mmZkcgOVnVK4YJRzyYm7qGn3GGL
ZPj1YYKCFUwSoA==
-----END CERTIFICATE-----