Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          RS23G7v4q6gyv+k268W/RTA1EfJUgWjYrktlHy17pek=
Subject key identifier:   7D:D0:5D:84:D2:4E:4D:6C:08:7F:8D:81:BD:25:5C:4C:9A:26:1F:77
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019D9A3E2080CD18301A868DF35F63845FC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0822
Signing time:             Fri 17 Apr 2026 07:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:55 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: fY1y+jeXlMWwUY/AYO5k3PMpYdz1GXnp89i8UWYznqQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:20:80:cd:18:30:1a:86:8d:f3:5f:63:84:5f:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Apr 17 07:00:55 2026 GMT
            Not After : Apr 18 07:00:55 2026 GMT
        Subject: CN=7dd05d84d24e4d6c087f8d81bd255c4c9a261f77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:04:77:4c:48:0d:1f:74:82:ec:45:f6:67:0d:
                    e6:8c:70:da:93:c6:46:76:48:63:f6:c7:3d:b0:a0:
                    4e:71:3b:69:e7:f3:a0:ca:da:38:8b:14:84:a1:11:
                    d6:fb:e3:79:26:17:23:3d:80:8a:bf:fc:ec:ec:03:
                    4b:dd:1c:f5:4d:ce:01:70:f3:f7:8f:a9:36:15:c4:
                    56:2d:1b:b5:96:f0:d1:1a:d2:98:1e:2a:2d:e6:34:
                    b2:c6:fe:9c:2e:ea:b9:dc:4d:aa:af:df:00:a4:28:
                    78:3b:e7:f2:f0:8f:10:90:58:8e:de:5e:1e:bf:3f:
                    57:9a:30:2f:4a:46:50:27:62:46:4a:d3:b7:27:4e:
                    4c:5a:08:26:86:23:1c:cc:fd:3a:79:29:83:6e:03:
                    07:eb:a4:5b:f9:28:ec:b4:58:0b:b2:55:c3:17:90:
                    f9:0f:13:0f:5c:c1:14:37:2d:e4:0c:1f:89:4f:0c:
                    26:7d:52:43:56:c6:98:45:cc:19:fe:10:f2:28:65:
                    dd:ce:d2:e7:ff:de:9c:a3:ee:d1:e8:30:01:67:78:
                    10:dd:31:02:74:26:41:ad:bb:fb:a9:66:30:b8:99:
                    05:ad:ae:84:d3:dc:5c:25:8d:e5:91:30:74:7b:7a:
                    fd:eb:a0:fe:d1:aa:93:53:0c:e0:5c:a4:8c:22:da:
                    84:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D0:5D:84:D2:4E:4D:6C:08:7F:8D:81:BD:25:5C:4C:9A:26:1F:77
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:21:11:f6:7d:f1:46:b4:a8:b8:cf:45:b4:74:18:aa:4e:23:
         01:0d:f4:14:9e:e7:b1:be:26:c9:98:d6:fb:ce:a6:bb:2c:9a:
         16:48:77:f6:5e:11:9a:18:10:8a:b0:be:74:ce:cf:bb:0c:c4:
         47:02:91:af:44:53:fe:e2:f4:4c:a9:12:a9:28:97:c3:49:d5:
         48:f4:8a:0f:f4:8c:ac:f8:51:3a:85:f8:b0:38:26:de:b3:76:
         60:09:5b:18:77:67:97:20:7a:4e:e0:70:69:60:ec:bd:35:ee:
         87:a5:35:f3:8c:1d:00:28:de:13:59:20:75:7c:b2:92:04:29:
         ea:b7:be:39:04:3a:be:92:16:2d:73:de:59:1c:46:55:b2:da:
         15:a6:bf:43:2e:2c:b2:74:8b:7d:d4:1e:e1:60:16:eb:45:6a:
         61:ab:58:fb:44:9b:ca:42:e7:10:ae:55:26:ba:c1:24:0c:ff:
         ce:8d:86:93:71:09:0b:25:1b:e8:9e:4f:80:47:96:ff:ff:d7:
         22:e2:e3:58:ac:ba:4d:bb:59:0e:16:6e:d4:42:33:be:d6:9b:
         cd:b1:59:2b:76:63:69:7b:02:55:2b:4b:9d:0e:2b:ac:37:0e:
         ce:74:9f:81:f7:e4:cd:e9:c1:c4:81:78:2f:19:3b:22:b9:f0:
         ac:b4:b6:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPiCAzRgwGoaN819jhF/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjYwNDE3MDcwMDU1WhcNMjYwNDE4MDcwMDU1WjAzMTEwLwYDVQQD
Eyg3ZGQwNWQ4NGQyNGU0ZDZjMDg3ZjhkODFiZDI1NWM0YzlhMjYxZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQR3TEgNH3SC7EX2Zw3mjHDak8ZG
dkhj9sc9sKBOcTtp5/Ogyto4ixSEoRHW++N5JhcjPYCKv/zs7ANL3Rz1Tc4BcPP3
j6k2FcRWLRu1lvDRGtKYHiot5jSyxv6cLuq53E2qr98ApCh4O+fy8I8QkFiO3l4e
vz9XmjAvSkZQJ2JGStO3J05MWggmhiMczP06eSmDbgMH66Rb+SjstFgLslXDF5D5
DxMPXMEUNy3kDB+JTwwmfVJDVsaYRcwZ/hDyKGXdztLn/96co+7R6DABZ3gQ3TEC
dCZBrbv7qWYwuJkFra6E09xcJY3lkTB0e3r966D+0aqTUwzgXKSMItqEqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3QXYTSTk1sCH+Ngb0lXEyaJh93MB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoyER9n3x
RrSouM9FtHQYqk4jAQ30FJ7nsb4myZjW+86muyyaFkh39l4RmhgQirC+dM7PuwzE
RwKRr0RT/uL0TKkSqSiXw0nVSPSKD/SMrPhROoX4sDgm3rN2YAlbGHdnlyB6TuBw
aWDsvTXuh6U184wdACjeE1kgdXyykgQp6re+OQQ6vpIWLXPeWRxGVbLaFaa/Qy4s
snSLfdQe4WAW60VqYatY+0SbykLnEK5VJrrBJAz/zo2Gk3EJCyUb6J5PgEeW///X
IuLjWKy6TbtZDhZu1EIzvtabzbFZK3ZjaXsCVStLnQ4rrDcOznSfgffkzenBxIF4
Lxk7IrnwrLS2eA==
-----END CERTIFICATE-----