Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          aRodm4DVfMQxjjPgODSim11pn0EnGNGE4lPtbZSGQ7A=
Subject key identifier:   1D:AA:E4:31:D5:4A:91:A7:15:89:91:44:3C:7C:CA:72:66:33:22:0B
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019EC25C30DB11323687FAF949354AE029FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1856
Signing time:             Sat 13 Jun 2026 19:01:22 +0000
Manifest this update:     Sat 13 Jun 2026 19:01:22 +0000
Manifest next update:     Sun 14 Jun 2026 19:01:22 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 3igy+gz0sH1p8UFHsO2DxrD3G9A1Yv+WgbboVB/aQ2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:5c:30:db:11:32:36:87:fa:f9:49:35:4a:e0:29:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Jun 13 19:01:22 2026 GMT
            Not After : Jun 14 19:01:22 2026 GMT
        Subject: CN=1daae431d54a91a7158991443c7cca726633220b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:23:35:e8:56:40:9a:31:dd:2b:ac:62:fa:eb:
                    6a:ba:4d:7b:92:67:b3:73:77:1f:9b:09:13:bf:bd:
                    6f:28:4a:8c:70:88:ce:b7:bc:ac:18:35:be:1d:04:
                    73:44:f0:c9:38:aa:69:96:8f:41:28:1e:a7:b0:33:
                    f0:e9:bd:ef:94:48:a5:12:36:4e:77:53:08:63:19:
                    08:16:ac:f1:78:c7:62:dc:26:39:93:2b:11:86:5f:
                    b2:39:8f:a5:bf:af:be:7f:7b:83:50:6b:ef:8d:1a:
                    32:46:66:75:a1:16:7b:0d:f8:3c:d0:0d:f4:25:2d:
                    86:13:eb:70:37:67:f5:cb:78:c8:0a:ba:91:58:47:
                    f4:d8:fb:92:5d:7e:11:48:6b:6b:b0:bd:ce:56:67:
                    58:2e:63:5f:fc:de:1a:3c:1a:c1:7d:c2:67:63:2d:
                    f0:da:13:f1:05:da:83:8b:b6:4a:ea:24:88:11:7d:
                    7d:c9:66:b1:67:4f:78:7c:af:95:48:dc:b7:a5:79:
                    e5:b4:5c:4e:a1:87:70:31:7a:92:f1:21:62:28:a8:
                    9f:21:8b:19:ef:3e:cc:e7:3b:e2:e4:89:8f:a5:82:
                    d8:f2:63:56:ed:09:b5:f0:c4:9f:0e:53:e5:3e:65:
                    77:29:a6:7f:d8:a0:51:dc:8c:99:8b:0a:64:22:54:
                    22:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:AA:E4:31:D5:4A:91:A7:15:89:91:44:3C:7C:CA:72:66:33:22:0B
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7f:86:87:df:10:06:bd:52:82:14:64:1c:93:13:d3:cf:09:
         5d:0f:d3:8e:54:c6:8c:5c:ef:f2:51:7c:fc:f7:d6:6f:fa:b1:
         8e:8b:c9:02:ac:77:de:0f:18:8d:e2:15:93:dc:af:fc:03:30:
         4f:93:3d:20:42:b8:d0:84:da:d1:35:d6:42:62:ab:73:cd:c7:
         ef:a1:7c:40:18:e4:6a:f0:fe:55:15:a1:57:41:c5:76:ba:2e:
         21:f7:54:68:96:1a:30:00:3f:1c:9d:d5:9c:7f:62:19:b4:63:
         8a:52:a2:22:79:c6:55:45:e0:72:06:6b:4c:1a:90:b9:b5:55:
         22:37:32:c3:78:64:76:0b:2f:18:c3:9d:13:03:34:04:85:8a:
         fd:28:60:18:4f:4d:ca:d9:5b:fc:8b:d3:42:ee:1a:12:03:93:
         0b:fc:fc:68:e2:69:14:94:12:8d:44:7f:4b:25:2a:35:41:94:
         6b:55:1a:02:cd:81:24:c5:f9:9f:0a:ef:18:1b:b6:94:8a:46:
         22:24:69:ef:0d:cf:5c:89:40:23:03:9f:7b:f0:3e:b0:66:19:
         1b:47:8c:ef:33:92:40:a2:c5:ed:69:d4:61:13:f7:87:f6:ae:
         5f:ca:66:68:c0:85:8b:12:a7:35:cf:26:6c:ee:13:85:40:a6:
         44:31:7a:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CXDDbETI2h/r5STVK4Cn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjYwNjEzMTkwMTIyWhcNMjYwNjE0MTkwMTIyWjAzMTEwLwYDVQQD
EygxZGFhZTQzMWQ1NGE5MWE3MTU4OTkxNDQzYzdjY2E3MjY2MzMyMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSM16FZAmjHdK6xi+utquk17kmez
c3cfmwkTv71vKEqMcIjOt7ysGDW+HQRzRPDJOKpplo9BKB6nsDPw6b3vlEilEjZO
d1MIYxkIFqzxeMdi3CY5kysRhl+yOY+lv6++f3uDUGvvjRoyRmZ1oRZ7Dfg80A30
JS2GE+twN2f1y3jICrqRWEf02PuSXX4RSGtrsL3OVmdYLmNf/N4aPBrBfcJnYy3w
2hPxBdqDi7ZK6iSIEX19yWaxZ094fK+VSNy3pXnltFxOoYdwMXqS8SFiKKifIYsZ
7z7M5zvi5ImPpYLY8mNW7Qm18MSfDlPlPmV3KaZ/2KBR3IyZiwpkIlQifQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2q5DHVSpGnFYmRRDx8ynJmMyILMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3+Gh98Q
Br1SghRkHJMT088JXQ/TjlTGjFzv8lF8/PfWb/qxjovJAqx33g8YjeIVk9yv/AMw
T5M9IEK40ITa0TXWQmKrc83H76F8QBjkavD+VRWhV0HFdrouIfdUaJYaMAA/HJ3V
nH9iGbRjilKiInnGVUXgcgZrTBqQubVVIjcyw3hkdgsvGMOdEwM0BIWK/ShgGE9N
ytlb/IvTQu4aEgOTC/z8aOJpFJQSjUR/SyUqNUGUa1UaAs2BJMX5nwrvGBu2lIpG
IiRp7w3PXIlAIwOfe/A+sGYZG0eM7zOSQKLF7WnUYRP3h/auX8pmaMCFixKnNc8m
bO4ThUCmRDF6dA==
-----END CERTIFICATE-----