Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          /qcc2rhGoQANxhehp3qgQ6AKmpnehdoKQkH2HkZoigs=
Subject key identifier:   88:FA:01:7A:8C:A5:62:F4:37:2D:02:65:FF:63:4C:9C:2B:52:4A:E0
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       019EBEB64AB2394E10D1AD60353F0A8716D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          1061
Signing time:             Sat 13 Jun 2026 02:01:18 +0000
Manifest this update:     Sat 13 Jun 2026 02:01:18 +0000
Manifest next update:     Sun 14 Jun 2026 02:01:18 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: vqa1LdZnlnrs5DBodfOktaOWLr0gtBfC1xywuJ8Nc3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:b6:4a:b2:39:4e:10:d1:ad:60:35:3f:0a:87:16:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Jun 13 02:01:18 2026 GMT
            Not After : Jun 14 02:01:18 2026 GMT
        Subject: CN=88fa017a8ca562f4372d0265ff634c9c2b524ae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:65:93:ba:41:d7:a6:94:43:fd:67:39:16:fa:
                    1b:19:41:b7:42:57:7c:fb:71:28:81:c0:9a:7c:4a:
                    c0:24:fc:00:fc:01:87:f5:01:8b:1e:6e:e0:43:10:
                    45:80:f3:3b:17:b0:9b:5d:d5:a3:fd:be:a6:ad:ed:
                    5b:c3:46:07:67:e6:4c:d6:78:51:da:6d:a5:28:84:
                    a5:08:b9:b5:59:04:f1:b4:fb:cc:ac:13:62:ff:c0:
                    0d:1b:5d:2e:dd:1d:67:a8:ca:22:d8:87:be:db:df:
                    b1:c9:5c:68:e6:a7:1c:43:e8:c9:e0:0c:6f:dd:95:
                    6d:17:c7:fb:ed:d3:95:87:ce:e1:b1:0b:fe:5e:b3:
                    60:21:ec:03:e3:3e:de:76:ee:b6:dc:98:3a:55:8d:
                    30:41:85:cd:42:c5:20:2b:33:9b:cd:28:25:4b:9d:
                    cf:57:e3:b1:bb:3b:70:10:5a:87:69:fd:67:e2:b4:
                    7f:ec:22:76:c8:06:b5:be:82:6f:d4:fc:73:24:73:
                    62:ff:60:7f:6f:e7:26:65:5f:11:d8:58:51:60:b5:
                    8b:61:13:24:bb:95:3f:11:51:e8:f7:1e:eb:dd:83:
                    e8:f1:b5:98:2c:ac:6a:68:bf:01:69:c3:14:b8:45:
                    0b:36:15:e5:69:a7:34:15:4c:b2:e4:eb:a6:4b:f8:
                    cc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:FA:01:7A:8C:A5:62:F4:37:2D:02:65:FF:63:4C:9C:2B:52:4A:E0
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:e7:b7:59:7a:2b:b7:cc:10:49:55:8b:8b:35:84:3f:1d:c9:
         3c:0f:66:61:fc:dc:47:32:1b:0b:86:e8:b2:7a:c6:db:fb:ed:
         48:34:d1:de:56:71:55:a3:64:a3:63:b0:96:b8:78:10:6e:ba:
         5e:d2:f4:f1:6c:89:4b:d1:62:57:ed:ff:ce:2e:71:65:ff:2a:
         5f:58:a2:ff:8c:85:91:03:29:67:a9:83:89:45:c6:04:cc:f9:
         18:52:01:6e:77:89:1d:44:dd:9a:70:ce:1d:8e:00:8e:c2:d0:
         31:f0:64:ee:0b:eb:6e:13:3f:81:23:aa:48:20:e8:00:d8:51:
         fe:33:eb:b5:4c:0d:de:eb:d0:07:63:b8:59:28:8e:83:aa:67:
         25:b8:af:63:2b:39:ee:74:40:36:d1:95:e2:97:f7:41:40:b3:
         e3:26:7e:42:c7:d3:2a:48:f2:ca:20:0d:5b:44:f9:89:01:cf:
         0b:fc:90:6e:20:a3:6d:a0:71:2c:1e:40:a1:3e:d8:8e:48:bc:
         ba:2e:38:9c:7f:81:5b:39:d3:11:5f:61:ed:c3:a5:e7:04:d4:
         34:bc:20:c6:cd:71:ab:b6:3e:bb:d7:d1:52:25:f4:8b:f6:ba:
         53:4a:10:a7:78:9a:02:ae:64:ce:b2:30:e8:f7:f0:11:0d:0d:
         f4:15:5c:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+tkqyOU4Q0a1gNT8KhxbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjYwNjEzMDIwMTE4WhcNMjYwNjE0MDIwMTE4WjAzMTEwLwYDVQQD
Eyg4OGZhMDE3YThjYTU2MmY0MzcyZDAyNjVmZjYzNGM5YzJiNTI0YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWWTukHXppRD/Wc5FvobGUG3Qld8
+3EogcCafErAJPwA/AGH9QGLHm7gQxBFgPM7F7CbXdWj/b6mre1bw0YHZ+ZM1nhR
2m2lKISlCLm1WQTxtPvMrBNi/8ANG10u3R1nqMoi2Ie+29+xyVxo5qccQ+jJ4Axv
3ZVtF8f77dOVh87hsQv+XrNgIewD4z7edu623Jg6VY0wQYXNQsUgKzObzSglS53P
V+OxuztwEFqHaf1n4rR/7CJ2yAa1voJv1PxzJHNi/2B/b+cmZV8R2FhRYLWLYRMk
u5U/EVHo9x7r3YPo8bWYLKxqaL8BacMUuEULNhXlaac0FUyy5OumS/jMMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIj6AXqMpWL0Ny0CZf9jTJwrUkrgMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACOe3WXor
t8wQSVWLizWEPx3JPA9mYfzcRzIbC4bosnrG2/vtSDTR3lZxVaNko2Owlrh4EG66
XtL08WyJS9FiV+3/zi5xZf8qX1ii/4yFkQMpZ6mDiUXGBMz5GFIBbneJHUTdmnDO
HY4AjsLQMfBk7gvrbhM/gSOqSCDoANhR/jPrtUwN3uvQB2O4WSiOg6pnJbivYys5
7nRANtGV4pf3QUCz4yZ+QsfTKkjyyiANW0T5iQHPC/yQbiCjbaBxLB5AoT7Yjki8
ui44nH+BWznTEV9h7cOl5wTUNLwgxs1xq7Y+u9fRUiX0i/a6U0oQp3iaAq5kzrIw
6PfwEQ0N9BVcpw==
-----END CERTIFICATE-----