Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          NlAlJv+OpO5iDKvJP28umuiC0zvbqaphJBnXcVIdxtQ=
Subject key identifier:   1D:2F:22:F7:3F:DA:E1:EE:AD:6D:77:20:C4:54:A9:A6:BB:EB:A6:F1
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019DA2D392233FBC79AE27DDF80E2472CD7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          0575
Signing time:             Sat 18 Apr 2026 23:01:07 +0000
Manifest this update:     Sat 18 Apr 2026 23:01:07 +0000
Manifest next update:     Sun 19 Apr 2026 23:01:07 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: 1Dx5az58cSXTZKAoYpHyZwswmBQ81HJb61hOGGkqfbI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 23:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:d3:92:23:3f:bc:79:ae:27:dd:f8:0e:24:72:cd:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Apr 18 23:01:07 2026 GMT
            Not After : Apr 19 23:01:07 2026 GMT
        Subject: CN=1d2f22f73fdae1eead6d7720c454a9a6bbeba6f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:98:ed:c2:69:e9:64:9f:e3:da:05:b9:f5:41:
                    a4:37:50:93:dc:3f:4e:d5:51:6e:dc:7f:6d:4e:0e:
                    07:0f:57:db:19:24:3c:19:65:f3:21:c5:52:d3:cd:
                    54:3c:63:15:23:f4:ca:8a:21:99:56:f8:63:1c:26:
                    a6:43:ca:d7:a4:ab:ee:fa:20:75:c8:dc:05:c2:87:
                    db:7a:77:c9:df:59:74:d6:83:0f:6d:6c:fa:f0:53:
                    fd:51:30:46:20:e7:f0:73:03:4c:1d:99:8a:76:0f:
                    a1:21:b5:de:fa:97:e9:f2:0e:fb:84:c7:aa:8e:c7:
                    83:38:3a:76:e4:6d:ec:49:4b:25:d9:97:7b:6c:f8:
                    32:5e:04:dc:ff:8a:b8:1c:27:a2:60:bf:eb:40:e9:
                    e6:15:c8:c1:c2:ac:c3:1b:e2:e1:bd:29:56:78:ba:
                    bb:1d:65:ef:9d:33:d6:fd:26:50:cc:95:69:a7:f0:
                    7b:12:e9:8c:5a:15:6e:f3:1a:6e:cd:48:f6:bb:43:
                    66:ca:63:31:17:2e:2f:ec:6e:8e:4d:77:47:f7:4e:
                    80:42:94:4b:fb:66:e4:3f:06:8b:75:bf:5a:a0:f3:
                    e3:0e:c1:af:8f:1f:75:5c:96:f4:6f:ea:b4:92:df:
                    fb:9c:71:00:1f:85:f3:5c:1f:0c:c4:ad:74:bf:eb:
                    9b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:2F:22:F7:3F:DA:E1:EE:AD:6D:77:20:C4:54:A9:A6:BB:EB:A6:F1
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:31:1e:5f:8c:19:a8:84:a6:b7:3a:c6:5d:08:1b:87:69:a4:
         99:d7:d8:4a:64:0a:f6:93:ce:14:e0:24:b9:72:51:83:f3:41:
         bf:13:ec:51:21:ba:09:5c:65:38:32:ce:b5:37:7f:ac:e0:53:
         e6:df:ec:26:67:5c:4a:9d:1d:42:70:e0:f6:fa:bd:90:04:f5:
         ac:e6:d1:9b:75:1c:3f:59:ae:de:20:37:5e:18:7d:d4:f9:ce:
         52:ee:6f:60:4c:ec:08:fe:0b:26:e2:af:85:0a:c4:57:a1:02:
         e6:9e:8a:76:69:81:f1:0e:d3:b3:fa:b2:a7:d3:60:24:05:e9:
         b8:af:48:3c:db:a2:b6:e0:84:84:55:43:33:0a:81:f0:bb:c3:
         2b:82:77:1e:9e:87:ec:eb:93:6b:75:89:83:5d:e4:b6:9f:ad:
         43:4c:ad:07:df:8f:ba:d4:60:55:52:53:45:97:04:98:c2:bd:
         85:31:cc:c2:9d:e6:ba:35:5e:88:54:67:d6:1c:54:d2:4a:4e:
         2a:9c:68:bf:c3:7d:68:cb:12:1c:ae:9a:18:d1:53:12:dc:c3:
         cf:81:4b:ab:72:f9:ec:68:ce:e8:4a:a2:b7:c2:f2:29:23:54:
         ed:10:23:24:e1:6a:9a:6f:96:3f:5f:35:d0:c8:78:71:5e:90:
         65:b4:b1:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2i05IjP7x5rifd+A4kcs1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwNDE4MjMwMTA3WhcNMjYwNDE5MjMwMTA3WjAzMTEwLwYDVQQD
EygxZDJmMjJmNzNmZGFlMWVlYWQ2ZDc3MjBjNDU0YTlhNmJiZWJhNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5jtwmnpZJ/j2gW59UGkN1CT3D9O
1VFu3H9tTg4HD1fbGSQ8GWXzIcVS081UPGMVI/TKiiGZVvhjHCamQ8rXpKvu+iB1
yNwFwofbenfJ31l01oMPbWz68FP9UTBGIOfwcwNMHZmKdg+hIbXe+pfp8g77hMeq
jseDODp25G3sSUsl2Zd7bPgyXgTc/4q4HCeiYL/rQOnmFcjBwqzDG+LhvSlWeLq7
HWXvnTPW/SZQzJVpp/B7EumMWhVu8xpuzUj2u0NmymMxFy4v7G6OTXdH906AQpRL
+2bkPwaLdb9aoPPjDsGvjx91XJb0b+q0kt/7nHEAH4XzXB8MxK10v+ubqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0vIvc/2uHurW13IMRUqaa766bxMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhTEeX4wZ
qISmtzrGXQgbh2mkmdfYSmQK9pPOFOAkuXJRg/NBvxPsUSG6CVxlODLOtTd/rOBT
5t/sJmdcSp0dQnDg9vq9kAT1rObRm3UcP1mu3iA3Xhh91PnOUu5vYEzsCP4LJuKv
hQrEV6EC5p6KdmmB8Q7Ts/qyp9NgJAXpuK9IPNuituCEhFVDMwqB8LvDK4J3Hp6H
7OuTa3WJg13ktp+tQ0ytB9+PutRgVVJTRZcEmMK9hTHMwp3mujVeiFRn1hxU0kpO
Kpxov8N9aMsSHK6aGNFTEtzDz4FLq3L57GjO6Eqit8LyKSNU7RAjJOFqmm+WP181
0Mh4cV6QZbSxVQ==
-----END CERTIFICATE-----