Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          LDQSuE0ujlDeR5UmCiLhsuTA7ghaiuaEHfOlXgJ5AZg=
Subject key identifier:   36:FE:43:9E:9B:73:CF:94:36:0A:3A:00:F9:10:91:E9:65:8E:44:8F
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019EC1B6A65077016B4B79CBA56E1C7D627F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          08BB
Signing time:             Sat 13 Jun 2026 16:00:33 +0000
Manifest this update:     Sat 13 Jun 2026 16:00:33 +0000
Manifest next update:     Sun 14 Jun 2026 16:00:33 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: BRSARE6+d7YI8ZfUvMT+/k+Ams2mLVhHpLykoLF69NI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 16:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:b6:a6:50:77:01:6b:4b:79:cb:a5:6e:1c:7d:62:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Jun 13 16:00:33 2026 GMT
            Not After : Jun 14 16:00:33 2026 GMT
        Subject: CN=36fe439e9b73cf94360a3a00f91091e9658e448f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ef:40:82:5e:9c:1f:27:62:a4:06:50:65:ea:
                    e9:f1:e8:39:e6:2d:cb:ba:2d:a9:d4:72:48:ac:85:
                    b6:78:bf:03:15:05:f3:07:31:a4:02:bf:85:7c:e1:
                    fd:11:b1:68:d1:ec:fd:e5:f7:18:87:57:0f:9f:09:
                    f5:ed:74:92:8a:dd:5a:b5:cc:f4:3f:d3:bc:a0:cf:
                    ee:e7:32:4f:f1:ca:fe:e8:36:ce:65:8f:b3:e6:6c:
                    e7:b7:3a:24:22:3a:bd:9a:64:44:d8:5b:3b:bb:4e:
                    d3:d3:4c:57:46:12:3c:44:86:97:6c:23:1d:c8:2a:
                    86:b9:9d:bf:a9:24:28:6a:c7:eb:a5:2c:d5:a0:35:
                    a3:7b:c8:33:b1:6e:c6:ad:e0:0f:1a:39:8b:c4:de:
                    c1:2a:ad:86:78:ae:32:60:24:68:ab:57:21:a2:26:
                    1c:2e:64:e3:36:5b:1d:b6:bf:2b:b3:93:b2:dc:9e:
                    f1:20:da:f9:0a:4a:d0:bf:c3:02:5b:fc:38:fa:23:
                    c4:bb:bf:be:bd:21:aa:12:51:0d:54:2f:96:94:ee:
                    8f:03:91:3c:8a:7c:97:17:97:7d:51:08:0e:f6:ba:
                    45:0d:06:0a:09:cb:21:b5:13:fd:ff:18:bc:69:a3:
                    c2:b9:da:97:33:fe:99:27:14:28:26:77:87:af:11:
                    3a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:FE:43:9E:9B:73:CF:94:36:0A:3A:00:F9:10:91:E9:65:8E:44:8F
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:9d:1a:54:54:44:21:f4:77:fa:cb:91:08:30:e8:1b:4e:39:
         15:f8:b4:1e:f7:aa:d8:52:fd:56:24:35:b8:e3:85:25:e5:0e:
         26:60:14:40:d4:83:fb:06:b2:81:24:d4:a2:81:30:1f:e8:d7:
         93:f6:88:9f:a3:fd:5e:ac:fd:9f:b8:a1:34:d9:56:1d:c5:a8:
         cf:b5:ee:71:5a:e5:cb:a1:c8:ec:da:d2:ef:e7:9f:28:ad:8b:
         41:87:2b:f7:b9:aa:9c:24:9c:30:58:86:88:8e:eb:e0:ac:f8:
         06:e6:2a:f0:b5:bb:8a:52:a1:6e:a1:31:55:6b:0f:20:56:6d:
         2f:fb:17:09:4a:7f:83:f8:f6:f3:c8:86:b2:e4:f9:75:f5:a4:
         be:cb:6b:7d:b7:a5:31:65:d5:07:5e:f0:0b:23:e7:60:b0:7a:
         eb:77:cb:83:70:f0:a4:b0:65:2a:07:44:98:90:e3:4a:ca:0b:
         9a:e5:09:dc:74:ad:71:bf:c0:e1:a3:54:e1:13:84:17:a4:f8:
         73:34:b3:f4:a5:40:38:29:c5:e8:fb:77:f0:26:a7:11:d6:cf:
         8c:a1:a2:92:c9:0e:71:4f:8a:b8:c8:16:8f:c3:f7:27:01:ee:
         75:a4:46:c5:27:89:b0:42:f5:2f:29:75:41:fb:c8:bf:6e:76:
         56:08:98:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7BtqZQdwFrS3nLpW4cfWJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwNjEzMTYwMDMzWhcNMjYwNjE0MTYwMDMzWjAzMTEwLwYDVQQD
EygzNmZlNDM5ZTliNzNjZjk0MzYwYTNhMDBmOTEwOTFlOTY1OGU0NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte9Agl6cHydipAZQZerp8eg55i3L
ui2p1HJIrIW2eL8DFQXzBzGkAr+FfOH9EbFo0ez95fcYh1cPnwn17XSSit1atcz0
P9O8oM/u5zJP8cr+6DbOZY+z5mzntzokIjq9mmRE2Fs7u07T00xXRhI8RIaXbCMd
yCqGuZ2/qSQoasfrpSzVoDWje8gzsW7GreAPGjmLxN7BKq2GeK4yYCRoq1choiYc
LmTjNlsdtr8rs5Oy3J7xINr5CkrQv8MCW/w4+iPEu7++vSGqElENVC+WlO6PA5E8
inyXF5d9UQgO9rpFDQYKCcshtRP9/xi8aaPCudqXM/6ZJxQoJneHrxE6ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDb+Q56bc8+UNgo6APkQkelljkSPMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB50aVFRE
IfR3+suRCDDoG045Ffi0Hveq2FL9ViQ1uOOFJeUOJmAUQNSD+waygSTUooEwH+jX
k/aIn6P9Xqz9n7ihNNlWHcWoz7XucVrly6HI7NrS7+efKK2LQYcr97mqnCScMFiG
iI7r4Kz4BuYq8LW7ilKhbqExVWsPIFZtL/sXCUp/g/j288iGsuT5dfWkvstrfbel
MWXVB17wCyPnYLB663fLg3DwpLBlKgdEmJDjSsoLmuUJ3HStcb/A4aNU4ROEF6T4
czSz9KVAOCnF6Pt38CanEdbPjKGikskOcU+KuMgWj8P3JwHudaRGxSeJsEL1Lyl1
QfvIv252VgiYlA==
-----END CERTIFICATE-----