Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          SF2qb/3CmPXn5Slf3H36ECmdpb5zujsJeJOK/rCr6kQ=
Subject key identifier:   84:9D:EC:EC:68:CF:2E:72:2F:06:B3:3C:95:FF:7C:26:E4:C8:D6:BB
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019EC0A3BA0638341BBD189A169182949127
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          0609
Signing time:             Sat 13 Jun 2026 11:00:15 +0000
Manifest this update:     Sat 13 Jun 2026 11:00:15 +0000
Manifest next update:     Sun 14 Jun 2026 11:00:15 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: k0q7YlWKF5wAQGbqBDpy6WNVK5sklNO7G5NTML280k4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:a3:ba:06:38:34:1b:bd:18:9a:16:91:82:94:91:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Jun 13 11:00:15 2026 GMT
            Not After : Jun 14 11:00:15 2026 GMT
        Subject: CN=849decec68cf2e722f06b33c95ff7c26e4c8d6bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:c5:96:96:0a:0d:a0:8a:a5:9d:75:94:8f:78:
                    42:34:6e:e8:c5:84:f4:8b:27:18:db:19:43:f5:84:
                    82:8b:51:4f:38:9e:92:f3:b1:f7:fc:ae:6f:f7:e9:
                    4a:e4:fc:b6:50:f6:ee:7a:be:c5:d0:8f:65:3c:ec:
                    19:e5:b3:12:7a:2f:03:fb:5f:20:bc:e9:04:05:fb:
                    60:c7:2b:1e:93:fa:dd:e5:ea:f8:15:10:35:c6:ad:
                    ed:6e:55:08:ae:11:4f:b1:cf:6b:b0:47:c3:32:b4:
                    14:4c:a9:4f:d6:5d:4c:a1:98:3f:01:b3:80:a2:c3:
                    10:1a:df:da:ac:bf:e1:e5:55:72:49:d8:02:1a:7a:
                    38:d0:af:51:e6:21:9b:72:85:fa:e1:f7:44:51:9c:
                    70:cd:bf:7b:53:07:00:8a:a0:ab:fc:1d:c9:3c:11:
                    dc:7c:9a:43:ba:32:bf:ee:9e:20:bd:7d:29:b6:bf:
                    04:7e:c7:c2:49:0b:18:60:1e:62:b7:14:da:8b:26:
                    0f:25:2a:79:67:1b:59:f2:95:cf:a1:31:1b:75:88:
                    8a:ac:73:da:37:05:ea:d9:b6:48:97:e9:ae:df:b5:
                    2c:d9:10:b9:fc:9e:04:b3:ac:75:e9:ba:3d:70:5d:
                    a6:23:86:b0:5d:7a:86:ed:fe:9b:a7:88:4a:a8:ca:
                    11:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9D:EC:EC:68:CF:2E:72:2F:06:B3:3C:95:FF:7C:26:E4:C8:D6:BB
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:91:30:22:0a:ce:f9:9f:e4:72:86:37:e3:49:04:c5:1b:a4:
         b9:51:c4:09:12:05:94:3f:c7:2f:17:00:a1:a9:bb:1d:3b:ac:
         2a:f7:de:72:e8:a9:85:6d:f2:11:88:47:24:37:b2:be:f7:63:
         18:0c:3c:53:96:b5:39:98:35:21:50:aa:67:8f:f8:49:1a:73:
         82:ff:97:83:8c:d5:35:a6:9f:98:fa:74:7e:5d:3f:b7:01:55:
         1d:86:5a:6d:1c:ab:4a:86:fa:22:20:c1:e3:27:48:30:16:66:
         ad:c3:17:31:f0:9c:d9:69:4e:ef:5a:ff:60:b0:6e:ac:ca:c6:
         9f:5c:42:be:f5:9e:e9:b0:f8:88:f0:ee:1a:25:78:ff:73:9c:
         89:67:e8:e8:5f:5c:6a:8d:17:b2:b3:47:db:b5:5a:a3:06:83:
         a9:72:3f:4a:96:68:58:de:58:f1:ea:fb:b7:35:75:07:d1:ba:
         9a:f1:5f:fb:2b:dd:ef:c3:f8:7f:65:0e:0d:86:c4:58:7c:17:
         9d:f8:87:a2:d5:6a:87:75:6a:4f:08:7a:39:bb:ea:6f:eb:25:
         34:e9:b1:a8:16:8e:19:3f:b0:46:1a:79:cf:3e:7c:10:84:2f:
         0b:c6:ad:78:6b:b5:bc:1f:8e:aa:f0:b2:2f:50:4c:d7:50:10:
         b2:79:b5:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Ao7oGODQbvRiaFpGClJEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwNjEzMTEwMDE1WhcNMjYwNjE0MTEwMDE1WjAzMTEwLwYDVQQD
Eyg4NDlkZWNlYzY4Y2YyZTcyMmYwNmIzM2M5NWZmN2MyNmU0YzhkNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78WWlgoNoIqlnXWUj3hCNG7oxYT0
iycY2xlD9YSCi1FPOJ6S87H3/K5v9+lK5Py2UPbuer7F0I9lPOwZ5bMSei8D+18g
vOkEBftgxysek/rd5er4FRA1xq3tblUIrhFPsc9rsEfDMrQUTKlP1l1MoZg/AbOA
osMQGt/arL/h5VVySdgCGno40K9R5iGbcoX64fdEUZxwzb97UwcAiqCr/B3JPBHc
fJpDujK/7p4gvX0ptr8EfsfCSQsYYB5itxTaiyYPJSp5ZxtZ8pXPoTEbdYiKrHPa
NwXq2bZIl+mu37Us2RC5/J4Es6x16bo9cF2mI4awXXqG7f6bp4hKqMoROwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISd7Oxozy5yLwazPJX/fCbkyNa7MB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiJEwIgrO
+Z/kcoY340kExRukuVHECRIFlD/HLxcAoam7HTusKvfecuiphW3yEYhHJDeyvvdj
GAw8U5a1OZg1IVCqZ4/4SRpzgv+Xg4zVNaafmPp0fl0/twFVHYZabRyrSob6IiDB
4ydIMBZmrcMXMfCc2WlO71r/YLBurMrGn1xCvvWe6bD4iPDuGiV4/3OciWfo6F9c
ao0XsrNH27VaowaDqXI/SpZoWN5Y8er7tzV1B9G6mvFf+yvd78P4f2UODYbEWHwX
nfiHotVqh3VqTwh6Obvqb+slNOmxqBaOGT+wRhp5zz58EIQvC8ateGu1vB+OqvCy
L1BM11AQsnm1IA==
-----END CERTIFICATE-----