Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
File:                     2ggpHPxyjQF2DsQngQlqxrTHSl0.mft (raw, json)
Hash identifier:          2z4LLYb/zI3ZCmy4Xc/WYXwL7WCTfVVXLzx0V4jptBI=
Subject key identifier:   A9:67:03:0D:F5:5C:DA:77:54:FC:9B:8A:57:AC:DB:53:A3:FB:D0:CE
Authority key identifier: DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D
Certificate issuer:       /CN=da08291cfc728d01760ec42781096ac6b4c74a5d
Certificate serial:       019D9AE2765E9ABC09D91D8B0B3E3B2235B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 10:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:25 +0000
Files and hashes:         1: 2ggpHPxyjQF2DsQngQlqxrTHSl0.crl (hash: RLB32FiFvNDI9ugLSoihH7Q4+BN0VGTNeU8Q0lHEwyI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:76:5e:9a:bc:09:d9:1d:8b:0b:3e:3b:22:35:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da08291cfc728d01760ec42781096ac6b4c74a5d
        Validity
            Not Before: Apr 17 10:00:25 2026 GMT
            Not After : Apr 18 10:00:25 2026 GMT
        Subject: CN=a967030df55cda7754fc9b8a57acdb53a3fbd0ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9d:c4:1d:d5:e4:3a:eb:0a:4c:a4:96:bb:7e:
                    65:22:f3:17:ab:7f:83:82:cb:8d:35:b6:3b:22:29:
                    9d:01:e5:02:e9:b7:be:cd:b0:c2:e6:f2:c8:a4:06:
                    04:fa:e6:44:4e:15:65:be:77:d7:77:ff:ee:c0:c4:
                    83:1d:82:3c:43:d0:1d:8c:55:54:08:f5:3c:77:05:
                    6e:b1:43:4e:86:31:00:8c:d0:ab:62:5c:a9:b2:f8:
                    4a:95:b3:0a:57:03:70:dd:98:96:52:b6:fb:47:60:
                    34:a4:08:23:aa:d5:b7:d4:a0:21:86:24:b3:e8:f2:
                    f0:3f:a9:18:2b:73:89:e3:7f:c9:f2:75:95:0f:b3:
                    db:d2:4e:45:11:63:c2:c5:d4:c7:b5:a0:6c:a5:74:
                    5c:a5:5c:ad:31:c7:95:7c:f7:30:3c:4a:6f:df:ac:
                    1c:b0:50:aa:12:38:95:1c:f1:ee:9c:26:f0:5d:01:
                    60:60:e2:a2:c7:c4:fc:b5:ed:b3:10:45:61:b7:4e:
                    f8:31:6f:aa:47:a6:b9:48:c6:80:87:98:ae:75:fe:
                    d7:0d:ea:72:0c:33:4f:ec:6a:e1:50:bb:b2:5f:ce:
                    50:55:70:54:68:9d:83:57:eb:e3:b7:f7:cf:79:4a:
                    4e:58:3c:65:98:73:81:b1:ce:e6:96:0d:f4:d7:7e:
                    c0:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:67:03:0D:F5:5C:DA:77:54:FC:9B:8A:57:AC:DB:53:A3:FB:D0:CE
            X509v3 Authority Key Identifier:
                keyid:DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:72:3a:ff:11:c0:86:af:9c:11:1c:c7:af:b4:f7:9f:6e:4e:
         d1:37:d7:c1:55:40:c5:ad:87:74:47:62:72:45:96:b1:84:0e:
         e3:97:41:d9:a1:00:80:13:a9:cd:a9:24:b9:81:16:12:3c:dd:
         b6:c4:60:6d:7a:0c:ee:86:e9:0a:b1:eb:f5:a4:f9:dd:9a:94:
         93:c9:b0:57:c4:ce:82:1f:3c:24:be:8f:a6:5b:fd:1e:85:62:
         e6:75:09:b2:27:7e:6c:6e:5b:1e:e8:96:80:fd:68:7f:cd:ff:
         36:9f:e8:38:e9:f4:cc:17:96:b0:7f:0a:85:44:04:6d:74:a6:
         b0:7e:43:1c:d4:9b:a3:c1:d7:2b:be:43:1d:4b:a6:61:fa:3a:
         c7:51:be:f8:42:7e:b4:2c:56:1f:c5:3b:dd:64:3d:67:f5:b5:
         94:4b:71:5e:4e:21:f3:e5:6c:ae:ec:56:cf:b5:ff:ee:70:3c:
         bd:83:58:f5:46:24:a1:a2:55:1b:6d:07:88:5c:1e:c9:f4:31:
         9f:c1:c2:bb:56:0d:56:ff:8f:ce:36:c7:c3:35:b9:3a:03:0a:
         24:58:f1:41:fe:9f:9f:49:81:01:51:ff:6f:34:55:c3:f1:31:
         82:c2:0d:b0:6c:8d:4d:94:77:d2:d0:31:22:27:e0:e0:7c:1e:
         cf:4b:2b:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4nZemrwJ2R2LCz47IjW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDgyOTFjZmM3MjhkMDE3NjBlYzQyNzgxMDk2YWM2YjRj
NzRhNWQwHhcNMjYwNDE3MTAwMDI1WhcNMjYwNDE4MTAwMDI1WjAzMTEwLwYDVQQD
EyhhOTY3MDMwZGY1NWNkYTc3NTRmYzliOGE1N2FjZGI1M2EzZmJkMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ3EHdXkOusKTKSWu35lIvMXq3+D
gsuNNbY7IimdAeUC6be+zbDC5vLIpAYE+uZEThVlvnfXd//uwMSDHYI8Q9AdjFVU
CPU8dwVusUNOhjEAjNCrYlypsvhKlbMKVwNw3ZiWUrb7R2A0pAgjqtW31KAhhiSz
6PLwP6kYK3OJ43/J8nWVD7Pb0k5FEWPCxdTHtaBspXRcpVytMceVfPcwPEpv36wc
sFCqEjiVHPHunCbwXQFgYOKix8T8te2zEEVht074MW+qR6a5SMaAh5iudf7XDepy
DDNP7GrhULuyX85QVXBUaJ2DV+vjt/fPeUpOWDxlmHOBsc7mlg30137AswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlnAw31XNp3VPybiles21Oj+9DOMB8GA1UdIwQY
MBaAFNoIKRz8co0Bdg7EJ4EJasa0x0pdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgt
YjA1Y2ZmYjE4N2ZhLzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgtYjA1Y2ZmYjE4N2Zh
LzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3I6/xHA
hq+cERzHr7T3n25O0TfXwVVAxa2HdEdickWWsYQO45dB2aEAgBOpzakkuYEWEjzd
tsRgbXoM7obpCrHr9aT53ZqUk8mwV8TOgh88JL6Pplv9HoVi5nUJsid+bG5bHuiW
gP1of83/Np/oOOn0zBeWsH8KhUQEbXSmsH5DHNSbo8HXK75DHUumYfo6x1G++EJ+
tCxWH8U73WQ9Z/W1lEtxXk4h8+VsruxWz7X/7nA8vYNY9UYkoaJVG20HiFweyfQx
n8HCu1YNVv+PzjbHwzW5OgMKJFjxQf6fn0mBAVH/bzRVw/ExgsINsGyNTZR30tAx
Iifg4Hwez0srZQ==
-----END CERTIFICATE-----