Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          //RlhlTN1Or6HApA6RIb+W32PkVdJ6hPb80MZaF9rVA=
Subject key identifier:   83:AE:65:76:AA:12:D8:BD:AB:15:3F:B4:E1:1C:0A:9E:DA:BE:8B:FD
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019CAA5934AE93F2C71D1A6FBB6641D7766C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          064F
Signing time:             Sun 01 Mar 2026 17:01:38 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:38 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:38 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: 4aSV5h0t7qGFKtutlrrFaRFIiT7dqiVlR4UfIRVVwEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:34:ae:93:f2:c7:1d:1a:6f:bb:66:41:d7:76:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Mar  1 17:01:38 2026 GMT
            Not After : Mar  2 17:01:38 2026 GMT
        Subject: CN=83ae6576aa12d8bdab153fb4e11c0a9edabe8bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:17:05:4b:3f:9a:8f:49:33:34:26:31:2e:cc:
                    d9:87:93:76:d7:ce:68:64:d1:cb:1e:75:19:6d:aa:
                    cf:6d:a6:4f:7b:fd:c2:81:20:01:fd:3d:36:a3:59:
                    1f:50:61:a7:0a:dd:a4:10:3b:b6:9e:19:cb:6a:fe:
                    47:df:85:56:93:fc:de:74:4a:3b:00:7d:70:b1:cb:
                    98:82:68:c5:ab:da:55:f1:f6:25:b9:2b:b2:bc:59:
                    2c:59:2f:26:c0:9e:c4:51:2d:b4:0f:10:b0:dc:46:
                    d5:98:94:d1:b5:63:76:29:77:8f:f7:69:0a:d1:27:
                    49:74:77:65:40:c3:14:1f:65:73:9c:de:ac:2e:b1:
                    54:1d:f4:59:4d:3e:d4:8b:96:62:e0:81:d0:4b:29:
                    2f:aa:27:1d:9f:56:db:ae:ef:36:c9:32:6c:12:8f:
                    d0:f2:bc:38:85:ba:19:fd:c0:46:e2:08:ea:e5:e9:
                    4a:78:4b:7d:cc:54:aa:2e:48:19:3f:89:14:a9:ad:
                    a0:98:c4:dc:2d:12:47:bb:6f:10:fb:88:f9:39:17:
                    76:4b:f2:86:65:b6:53:bc:30:0a:57:be:1a:d8:9d:
                    ea:7d:9b:22:a0:d3:58:65:8f:1f:d6:f8:64:0d:98:
                    a4:18:8e:da:02:0b:07:fb:b6:5c:32:84:32:24:ff:
                    30:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:AE:65:76:AA:12:D8:BD:AB:15:3F:B4:E1:1C:0A:9E:DA:BE:8B:FD
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:62:be:b4:12:61:27:75:e6:07:15:75:6d:e5:ff:4d:3f:e2:
         87:fb:7f:d4:e4:72:d9:66:e6:ab:d2:e6:54:90:c2:5c:be:07:
         b7:85:e0:1d:52:88:68:93:20:a1:a7:7e:6a:16:42:88:f2:b2:
         0f:01:7c:bd:bd:03:10:aa:d2:43:67:74:bf:bb:ed:3d:00:01:
         b8:ce:9a:5d:ce:4f:86:95:eb:5a:9e:f3:6c:85:a2:cc:4a:33:
         09:69:6c:0f:df:6c:ce:7a:5f:04:b6:a0:e6:e5:c5:95:08:52:
         3b:74:c6:fd:71:77:9d:bc:e4:1c:85:1a:f7:88:65:b8:6a:f1:
         d2:98:45:1e:8f:b6:66:df:cf:b0:cc:12:b8:b3:78:1e:18:f6:
         92:61:ba:96:08:c5:30:51:ec:ff:f3:8a:dc:78:13:6b:a9:25:
         15:96:72:0e:f6:4f:6c:57:69:5d:05:21:32:9f:cd:93:68:70:
         d4:bc:ce:86:e1:c2:17:93:60:67:e6:b8:30:af:bf:55:1a:ba:
         e7:4d:7a:5e:c4:cc:9c:6a:10:3f:18:9c:75:9e:b8:f5:57:f6:
         54:7e:c4:cd:7b:1e:58:b2:25:bb:eb:5c:71:71:50:7b:c0:e2:
         0e:c6:04:1c:dc:12:48:8f:62:eb:b1:2a:c7:df:f8:46:d3:e2:
         aa:ba:6a:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWTSuk/LHHRpvu2ZB13ZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjYwMzAxMTcwMTM4WhcNMjYwMzAyMTcwMTM4WjAzMTEwLwYDVQQD
Eyg4M2FlNjU3NmFhMTJkOGJkYWIxNTNmYjRlMTFjMGE5ZWRhYmU4YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRcFSz+aj0kzNCYxLszZh5N2185o
ZNHLHnUZbarPbaZPe/3CgSAB/T02o1kfUGGnCt2kEDu2nhnLav5H34VWk/zedEo7
AH1wscuYgmjFq9pV8fYluSuyvFksWS8mwJ7EUS20DxCw3EbVmJTRtWN2KXeP92kK
0SdJdHdlQMMUH2VznN6sLrFUHfRZTT7Ui5Zi4IHQSykvqicdn1bbru82yTJsEo/Q
8rw4hboZ/cBG4gjq5elKeEt9zFSqLkgZP4kUqa2gmMTcLRJHu28Q+4j5ORd2S/KG
ZbZTvDAKV74a2J3qfZsioNNYZY8f1vhkDZikGI7aAgsH+7ZcMoQyJP8w8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOuZXaqEti9qxU/tOEcCp7avov9MB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGK+tBJh
J3XmBxV1beX/TT/ih/t/1ORy2Wbmq9LmVJDCXL4Ht4XgHVKIaJMgoad+ahZCiPKy
DwF8vb0DEKrSQ2d0v7vtPQABuM6aXc5PhpXrWp7zbIWizEozCWlsD99sznpfBLag
5uXFlQhSO3TG/XF3nbzkHIUa94hluGrx0phFHo+2Zt/PsMwSuLN4Hhj2kmG6lgjF
MFHs//OK3HgTa6klFZZyDvZPbFdpXQUhMp/Nk2hw1LzOhuHCF5NgZ+a4MK+/VRq6
5016XsTMnGoQPxicdZ649Vf2VH7EzXseWLIlu+tccXFQe8DiDsYEHNwSSI9i67Eq
x9/4RtPiqrpqXA==
-----END CERTIFICATE-----