Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          bP6yGXB/o5CmnPEy3N6ll7TG79YSQpE9PImuAeuxhfc=
Subject key identifier:   74:DD:0F:2B:90:DC:D4:5C:32:B6:C2:1E:E3:1D:56:A9:CF:5F:42:B9
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019D38D37CAF749E46E91EAF183F8C64E885
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0D1D
Signing time:             Sun 29 Mar 2026 09:01:17 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:17 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:17 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: ArgPV3L+xKyNTQCr/vqDUIphlepc8w+yE/n8PHnzr8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:7c:af:74:9e:46:e9:1e:af:18:3f:8c:64:e8:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Mar 29 09:01:17 2026 GMT
            Not After : Mar 30 09:01:17 2026 GMT
        Subject: CN=74dd0f2b90dcd45c32b6c21ee31d56a9cf5f42b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d1:81:1a:9d:6f:8b:20:76:ff:f3:36:66:74:
                    35:26:58:5e:e2:d0:f6:e4:bf:e5:ea:74:c5:3e:37:
                    dd:d0:f8:13:8b:65:3b:05:c4:cb:25:2a:a7:b9:53:
                    86:ed:86:9d:d6:22:ab:4c:14:96:c1:24:dc:18:df:
                    44:96:cd:a5:4d:8f:4e:82:36:73:41:72:bd:70:96:
                    de:1e:2c:05:d6:6b:07:1c:3b:2e:a5:4a:74:30:8d:
                    ea:52:31:ed:b6:ff:6a:97:71:1a:91:c1:6d:87:59:
                    6c:3f:29:c2:80:3c:63:a1:bf:5a:f9:49:fb:71:72:
                    d9:c6:1f:75:b0:22:1e:ad:f0:a6:5c:35:4d:d4:46:
                    71:2d:f8:4e:e8:26:29:7e:23:57:c4:b4:60:8b:9d:
                    b1:cd:3a:bf:ee:a9:7e:79:f3:7a:be:cb:37:bb:2e:
                    35:21:5a:79:1e:b1:45:a8:d6:67:09:4b:12:7d:b7:
                    bf:c9:22:23:e0:ea:5c:09:21:52:b3:92:48:15:0b:
                    9d:2c:4c:bc:5e:c1:0d:3d:f7:59:d4:a8:36:23:6e:
                    ff:33:1d:2a:f6:0b:f7:91:6f:83:ab:65:a4:89:a4:
                    44:f1:49:4e:a9:98:52:90:e3:34:56:f0:ae:89:7e:
                    42:b9:ad:ab:2e:fd:ac:51:d3:1b:c4:9e:76:82:35:
                    3a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:DD:0F:2B:90:DC:D4:5C:32:B6:C2:1E:E3:1D:56:A9:CF:5F:42:B9
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:50:a6:05:10:36:79:f6:78:c4:69:80:2c:32:71:3c:84:7a:
         20:78:66:ee:cd:db:d7:27:74:49:e3:35:a8:4a:f2:fa:1a:53:
         06:56:52:7c:82:e1:5f:ce:5c:48:e8:e4:c5:c7:52:fa:c2:d8:
         30:f4:3a:da:ad:af:4b:e9:83:3a:19:6d:70:43:a0:7b:95:73:
         54:99:a9:21:a1:9f:21:65:3d:b2:17:fb:7b:cb:6a:ed:7a:ad:
         6b:1d:e9:1f:32:a8:f6:d6:7a:68:91:43:29:d6:0f:df:e6:34:
         21:91:cc:44:50:2d:f8:ff:b8:c3:c3:c8:d9:28:e6:a6:19:4f:
         bf:c5:3b:2d:15:bd:32:60:0a:a9:f3:5a:1b:c9:12:40:35:10:
         b9:d8:86:33:ce:31:e2:99:74:c5:ce:a0:80:a5:37:fa:bb:0c:
         61:4c:6b:39:36:de:ca:76:95:b9:df:97:1a:2c:d0:6e:40:38:
         29:82:f3:99:0c:b2:ee:cf:1c:ac:8d:ff:34:d6:c0:0f:b7:4c:
         9b:61:ad:ae:33:52:34:f2:3e:20:21:98:ce:c4:e3:4a:da:50:
         89:c8:0c:e9:1b:68:78:f2:8a:13:ef:fa:dd:55:38:7e:c5:f9:
         eb:93:04:a6:5e:1c:1b:36:76:11:23:42:1f:9c:04:38:69:9e:
         8f:4b:0b:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0403yvdJ5G6R6vGD+MZOiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjYwMzI5MDkwMTE3WhcNMjYwMzMwMDkwMTE3WjAzMTEwLwYDVQQD
Eyg3NGRkMGYyYjkwZGNkNDVjMzJiNmMyMWVlMzFkNTZhOWNmNWY0MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNGBGp1viyB2//M2ZnQ1Jlhe4tD2
5L/l6nTFPjfd0PgTi2U7BcTLJSqnuVOG7Yad1iKrTBSWwSTcGN9Els2lTY9OgjZz
QXK9cJbeHiwF1msHHDsupUp0MI3qUjHttv9ql3EakcFth1lsPynCgDxjob9a+Un7
cXLZxh91sCIerfCmXDVN1EZxLfhO6CYpfiNXxLRgi52xzTq/7ql+efN6vss3uy41
IVp5HrFFqNZnCUsSfbe/ySIj4OpcCSFSs5JIFQudLEy8XsENPfdZ1Kg2I27/Mx0q
9gv3kW+Dq2WkiaRE8UlOqZhSkOM0VvCuiX5Cua2rLv2sUdMbxJ52gjU6fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTdDyuQ3NRcMrbCHuMdVqnPX0K5MB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdFCmBRA2
efZ4xGmALDJxPIR6IHhm7s3b1yd0SeM1qEry+hpTBlZSfILhX85cSOjkxcdS+sLY
MPQ62q2vS+mDOhltcEOge5VzVJmpIaGfIWU9shf7e8tq7Xqtax3pHzKo9tZ6aJFD
KdYP3+Y0IZHMRFAt+P+4w8PI2SjmphlPv8U7LRW9MmAKqfNaG8kSQDUQudiGM84x
4pl0xc6ggKU3+rsMYUxrOTbeynaVud+XGizQbkA4KYLzmQyy7s8crI3/NNbAD7dM
m2GtrjNSNPI+ICGYzsTjStpQicgM6RtoePKKE+/63VU4fsX565MEpl4cGzZ2ESNC
H5wEOGmej0sLbQ==
-----END CERTIFICATE-----