Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
File:                     GyceKuYih3VSuJ28R016EwWEpI4.mft (raw, json)
Hash identifier:          VQuCjBC7obyAmK9tzQ9i+UZYBrmWdwpSbzyv3RP7eaU=
Subject key identifier:   95:CD:AF:4E:D8:0C:8D:A9:C7:13:C3:49:A0:D2:84:02:09:68:00:01
Authority key identifier: 1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E
Certificate issuer:       /CN=1b271e2ae622877552b89dbc474d7a130584a48e
Certificate serial:       019D3941110D64BFA3538F06355F91B309B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
Manifest number:          0C9C
Signing time:             Sun 29 Mar 2026 11:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:58 +0000
Files and hashes:         1: GyceKuYih3VSuJ28R016EwWEpI4.crl (hash: zEemtJDd/L4W3amwBCBhCSHTFvQ8JWYZxAvQn0d/O5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:11:0d:64:bf:a3:53:8f:06:35:5f:91:b3:09:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b271e2ae622877552b89dbc474d7a130584a48e
        Validity
            Not Before: Mar 29 11:00:58 2026 GMT
            Not After : Mar 30 11:00:58 2026 GMT
        Subject: CN=95cdaf4ed80c8da9c713c349a0d2840209680001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:0e:e2:a6:93:bc:6f:46:c0:87:4f:7a:08:6f:
                    cd:e4:b8:f5:59:79:95:d8:f7:48:98:62:a2:1b:1b:
                    cf:85:9a:99:c7:90:0a:b0:33:77:6a:ca:54:24:01:
                    8b:c6:53:cb:f6:0c:e0:78:8b:26:10:89:a4:6c:93:
                    bb:92:79:2d:06:96:ce:3f:0a:3f:33:bf:5f:40:18:
                    37:d6:51:7a:e8:73:1f:ec:ed:e3:16:c5:48:bb:22:
                    1f:3d:2a:fa:bc:b7:ef:28:62:2a:b7:7b:1f:60:16:
                    6d:26:9d:21:ec:cc:24:63:59:0b:7e:fb:b6:22:2c:
                    d3:ec:cd:77:16:fd:59:95:e1:34:0c:0f:d1:ae:27:
                    a4:12:b1:9e:fe:3d:17:b3:8c:3b:0a:04:5d:2d:b6:
                    da:97:d2:64:75:6e:45:04:4f:64:b1:2b:15:69:f2:
                    f4:22:a2:82:3e:36:e1:99:6b:0d:99:06:bc:c6:11:
                    5f:30:1f:9d:97:53:cd:a8:31:53:d0:7c:3c:92:40:
                    54:03:d6:93:4b:65:bf:8c:9c:eb:46:35:15:26:b9:
                    ac:39:31:e2:4a:6f:b2:73:64:04:9f:97:81:e0:2d:
                    47:2c:36:76:91:10:77:f3:c7:7b:17:22:da:a8:a7:
                    9e:4f:e8:52:11:7c:3f:08:55:23:21:38:16:0f:ea:
                    9a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CD:AF:4E:D8:0C:8D:A9:C7:13:C3:49:A0:D2:84:02:09:68:00:01
            X509v3 Authority Key Identifier:
                keyid:1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:50:f3:52:ff:d7:9b:40:0a:de:9d:53:40:aa:37:bd:7f:ef:
         e6:37:3a:0f:ad:8e:ba:39:a3:bc:be:fa:06:e3:19:5b:ad:b6:
         01:71:72:ef:1b:0e:db:0c:ec:42:98:ea:62:2f:7f:44:79:85:
         f9:ca:f0:27:cc:7e:96:0a:40:ba:19:29:fe:51:b4:e3:90:8c:
         17:f4:96:62:45:f5:f2:95:31:0b:c6:19:f4:04:d7:4f:67:67:
         e9:cc:67:8f:a6:17:8b:bc:86:59:2b:c4:f9:74:2b:f7:a5:bb:
         9b:f6:9e:fe:b7:c1:95:d6:88:76:0e:8d:f6:d6:bd:15:43:6a:
         03:0c:67:b1:1d:53:31:c6:08:32:31:19:34:6f:f7:33:0c:bc:
         11:41:b2:4d:fd:94:3a:7e:8b:1f:46:c7:6a:47:6b:13:7e:2f:
         2f:60:67:d7:ac:ae:0c:f2:2b:72:18:46:74:a5:46:1f:7f:e0:
         f5:b3:b5:91:48:bb:a8:b5:20:01:a9:5c:c9:de:20:d8:1d:36:
         42:a6:3f:2c:97:38:e7:51:f6:94:db:f0:97:c6:6c:4c:7f:ef:
         b2:e7:31:7b:da:5a:77:a7:b2:49:39:34:02:b9:99:2c:f6:d1:
         00:8a:cd:50:89:0f:a5:9c:57:6a:65:6e:8b:12:9c:42:c6:74:
         21:3c:74:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QRENZL+jU48GNV+RswmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjcxZTJhZTYyMjg3NzU1MmI4OWRiYzQ3NGQ3YTEzMDU4
NGE0OGUwHhcNMjYwMzI5MTEwMDU4WhcNMjYwMzMwMTEwMDU4WjAzMTEwLwYDVQQD
Eyg5NWNkYWY0ZWQ4MGM4ZGE5YzcxM2MzNDlhMGQyODQwMjA5NjgwMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9g7ippO8b0bAh096CG/N5Lj1WXmV
2PdImGKiGxvPhZqZx5AKsDN3aspUJAGLxlPL9gzgeIsmEImkbJO7knktBpbOPwo/
M79fQBg31lF66HMf7O3jFsVIuyIfPSr6vLfvKGIqt3sfYBZtJp0h7MwkY1kLfvu2
IizT7M13Fv1ZleE0DA/RriekErGe/j0Xs4w7CgRdLbbal9JkdW5FBE9ksSsVafL0
IqKCPjbhmWsNmQa8xhFfMB+dl1PNqDFT0Hw8kkBUA9aTS2W/jJzrRjUVJrmsOTHi
Sm+yc2QEn5eB4C1HLDZ2kRB388d7FyLaqKeeT+hSEXw/CFUjITgWD+qaMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXNr07YDI2pxxPDSaDShAIJaAABMB8GA1UdIwQY
MBaAFBsnHirmIod1UridvEdNehMFhKSOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYt
MWM4ZWQzNmQyNTY2LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYtMWM4ZWQzNmQyNTY2
LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeVDzUv/X
m0AK3p1TQKo3vX/v5jc6D62OujmjvL76BuMZW622AXFy7xsO2wzsQpjqYi9/RHmF
+crwJ8x+lgpAuhkp/lG045CMF/SWYkX18pUxC8YZ9ATXT2dn6cxnj6YXi7yGWSvE
+XQr96W7m/ae/rfBldaIdg6N9ta9FUNqAwxnsR1TMcYIMjEZNG/3Mwy8EUGyTf2U
On6LH0bHakdrE34vL2Bn16yuDPIrchhGdKVGH3/g9bO1kUi7qLUgAalcyd4g2B02
QqY/LJc451H2lNvwl8ZsTH/vsucxe9pad6eySTk0ArmZLPbRAIrNUIkPpZxXamVu
ixKcQsZ0ITx0+w==
-----END CERTIFICATE-----