Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          M+dddXZ3yF6LKqT7cVjc8s7nEI0NtCK7MoUS4wL9G5Y=
Subject key identifier:   95:E3:D7:37:69:03:BE:30:6C:CC:DD:8E:2B:3A:CA:95:00:7D:D6:94
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019EBF5A135E3EC8DB63FF0AA201CDB2487D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0763
Signing time:             Sat 13 Jun 2026 05:00:11 +0000
Manifest this update:     Sat 13 Jun 2026 05:00:11 +0000
Manifest next update:     Sun 14 Jun 2026 05:00:11 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: NJ8YTEcK8aXBrD+rgrnwQzl84HWFiFUSipYTgcppDmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 05:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5a:13:5e:3e:c8:db:63:ff:0a:a2:01:cd:b2:48:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Jun 13 05:00:11 2026 GMT
            Not After : Jun 14 05:00:11 2026 GMT
        Subject: CN=95e3d7376903be306cccdd8e2b3aca95007dd694
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:73:9c:d1:53:fc:94:57:b2:87:53:73:af:f5:
                    bc:de:d8:34:ec:2f:08:c8:98:7b:df:50:35:d1:ba:
                    1b:74:4e:d5:26:6c:e5:37:87:9a:f4:7e:9d:18:a0:
                    fb:0f:91:4c:6a:63:bf:a7:a2:cd:0f:e9:e9:aa:89:
                    99:d2:7b:47:8b:68:20:e2:ed:49:e3:d7:5e:37:a4:
                    ed:f1:99:cc:e4:54:cb:0f:c3:2c:18:3b:6c:1d:3c:
                    11:43:d7:5c:06:92:20:07:c3:c3:c1:a1:05:af:66:
                    a5:72:28:09:c8:56:61:7b:42:1a:0c:c5:10:35:8a:
                    c9:c6:65:ed:2f:6d:8b:4f:da:d9:77:e4:cf:b1:b3:
                    78:ef:47:4d:b3:fa:77:32:0d:06:a9:a4:0a:83:62:
                    35:28:3a:1c:ab:cc:ec:a4:bb:43:b4:82:a1:79:1d:
                    69:14:cf:9a:d3:48:a7:57:ef:e9:fd:b8:5f:76:3a:
                    45:26:e3:02:24:69:8d:fc:ba:20:55:18:65:09:8b:
                    54:6d:2f:8e:fb:50:bc:53:d3:cb:dc:03:b7:96:18:
                    73:d9:ed:e0:45:aa:6f:82:dd:9e:3a:b1:e9:6d:96:
                    64:2c:7c:06:07:c1:01:c4:1b:e7:30:b2:28:d7:2d:
                    bb:c2:ac:97:6c:a9:34:0a:c4:60:9f:d1:38:4a:76:
                    46:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:E3:D7:37:69:03:BE:30:6C:CC:DD:8E:2B:3A:CA:95:00:7D:D6:94
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:8d:58:10:2a:67:aa:9f:52:4a:8d:44:45:0b:1f:41:ae:cf:
         b7:06:06:e2:f7:ae:79:5f:19:f7:2e:cd:c0:19:12:dc:49:92:
         a9:5f:fc:48:82:3a:f4:90:d7:e2:52:31:94:02:04:c5:5f:40:
         38:cf:91:81:26:16:f0:33:5b:30:48:85:0e:f9:67:37:4c:94:
         b1:9a:48:6b:5b:e9:fd:05:66:ba:34:9e:a5:5a:08:04:18:9d:
         56:f1:73:b1:74:53:36:2c:67:cc:75:19:4c:b5:ef:dd:79:6d:
         75:12:81:f7:d6:ff:3a:45:c3:62:c1:d2:af:a6:6d:a3:47:ca:
         54:08:2f:78:6c:e8:ea:a6:db:b0:6b:b1:7d:45:5c:81:a0:b2:
         60:ca:35:1a:f2:e3:f0:d8:cf:55:51:39:ea:e4:e1:54:64:59:
         30:d3:52:3b:19:f7:0c:1c:d6:fa:cc:b8:24:fd:4c:99:46:7c:
         96:62:f1:e9:bb:e8:95:5b:88:0f:05:f3:50:f8:49:18:10:9c:
         c2:dc:a4:fa:11:ed:53:af:0e:07:19:86:f0:f7:8b:98:18:a1:
         0d:de:fc:3e:cd:a5:67:92:bd:60:0f:b0:de:2c:d4:1a:11:04:
         06:4e:5c:fe:6a:04:bb:6c:a1:f8:73:17:2d:0e:2b:a0:48:5b:
         58:f7:21:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/WhNePsjbY/8KogHNskh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjYwNjEzMDUwMDExWhcNMjYwNjE0MDUwMDExWjAzMTEwLwYDVQQD
Eyg5NWUzZDczNzY5MDNiZTMwNmNjY2RkOGUyYjNhY2E5NTAwN2RkNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknOc0VP8lFeyh1Nzr/W83tg07C8I
yJh731A10bobdE7VJmzlN4ea9H6dGKD7D5FMamO/p6LND+npqomZ0ntHi2gg4u1J
49deN6Tt8ZnM5FTLD8MsGDtsHTwRQ9dcBpIgB8PDwaEFr2alcigJyFZhe0IaDMUQ
NYrJxmXtL22LT9rZd+TPsbN470dNs/p3Mg0GqaQKg2I1KDocq8zspLtDtIKheR1p
FM+a00inV+/p/bhfdjpFJuMCJGmN/LogVRhlCYtUbS+O+1C8U9PL3AO3lhhz2e3g
Rapvgt2eOrHpbZZkLHwGB8EBxBvnMLIo1y27wqyXbKk0CsRgn9E4SnZGVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXj1zdpA74wbMzdjis6ypUAfdaUMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkY1YECpn
qp9SSo1ERQsfQa7PtwYG4veueV8Z9y7NwBkS3EmSqV/8SII69JDX4lIxlAIExV9A
OM+RgSYW8DNbMEiFDvlnN0yUsZpIa1vp/QVmujSepVoIBBidVvFzsXRTNixnzHUZ
TLXv3XltdRKB99b/OkXDYsHSr6Zto0fKVAgveGzo6qbbsGuxfUVcgaCyYMo1GvLj
8NjPVVE56uThVGRZMNNSOxn3DBzW+sy4JP1MmUZ8lmLx6bvolVuIDwXzUPhJGBCc
wtyk+hHtU68OBxmG8PeLmBihDd78Ps2lZ5K9YA+w3izUGhEEBk5c/moEu2yh+HMX
LQ4roEhbWPch1w==
-----END CERTIFICATE-----