Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft
File:                     GpvZxsEozNlD9_dyKSLGb2a07dU.mft (raw, json)
Hash identifier:          RlvJRkDGCDUtRHbJGRaqJesOSm0EmX+iAbgLzYdqeV8=
Subject key identifier:   F1:AB:F7:A8:E1:3C:A8:E3:D6:EA:92:84:F3:FB:AA:96:FD:71:02:4A
Authority key identifier: 1A:9B:D9:C6:C1:28:CC:D9:43:F7:F7:72:29:22:C6:6F:66:B4:ED:D5
Certificate issuer:       /CN=1a9bd9c6c128ccd943f7f7722922c66f66b4edd5
Certificate serial:       019D390A1A12004A71115224EEEB06063EE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft
Manifest number:          0123
Signing time:             Sun 29 Mar 2026 10:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:56 +0000
Files and hashes:         1: GpvZxsEozNlD9_dyKSLGb2a07dU.crl (hash: kRI/CZthTpCIbDJ38py1ExQ2gWS3H/8aAfXHCEUu1Ds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:1a:12:00:4a:71:11:52:24:ee:eb:06:06:3e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a9bd9c6c128ccd943f7f7722922c66f66b4edd5
        Validity
            Not Before: Mar 29 10:00:56 2026 GMT
            Not After : Mar 30 10:00:56 2026 GMT
        Subject: CN=f1abf7a8e13ca8e3d6ea9284f3fbaa96fd71024a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9f:e0:cf:3b:24:6f:b7:66:90:e5:50:86:11:
                    dc:30:62:58:f3:de:7e:9c:60:86:d7:89:bb:54:89:
                    c0:08:2e:a4:da:b9:b3:09:16:ce:7c:84:5f:1a:68:
                    60:1a:e8:9e:d7:f5:55:72:28:f6:ea:62:d1:e9:2c:
                    ee:29:76:18:9d:fc:bb:76:f9:bf:ea:b1:61:d8:99:
                    97:33:c3:9d:ba:6e:e7:55:6d:bf:11:7c:41:e9:ab:
                    d1:49:ff:8c:a9:5f:bf:37:2f:4e:20:1a:67:1f:96:
                    c4:d8:a8:9a:f6:d9:e6:31:e2:57:d2:98:6c:c8:f0:
                    04:ec:dc:ce:f7:0f:d5:b4:96:38:82:29:f0:1d:25:
                    48:cc:6c:1f:18:d7:b8:26:b1:d3:42:e0:28:40:e3:
                    31:6f:54:5f:fe:6c:37:75:f9:11:00:fa:64:8d:34:
                    dc:e6:68:ff:48:57:72:17:8a:72:2f:3e:38:08:bb:
                    be:9b:28:79:4c:f9:eb:0f:3d:42:37:04:59:23:86:
                    b8:09:36:30:2c:85:b3:85:7f:8b:6d:df:36:7a:e3:
                    1b:0b:82:49:20:88:e1:42:40:26:67:95:e3:ed:41:
                    90:ae:3f:ac:7d:0d:a3:0e:9a:f0:6d:e4:b3:a0:2f:
                    94:03:b0:c5:7e:9d:3d:07:c1:92:e7:55:d0:0b:0b:
                    a1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:AB:F7:A8:E1:3C:A8:E3:D6:EA:92:84:F3:FB:AA:96:FD:71:02:4A
            X509v3 Authority Key Identifier:
                keyid:1A:9B:D9:C6:C1:28:CC:D9:43:F7:F7:72:29:22:C6:6F:66:B4:ED:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:85:a1:21:74:38:78:9c:9a:da:3c:1e:55:48:92:dd:e0:14:
         6d:c0:57:24:16:f5:3e:36:36:74:96:7b:6d:11:20:a6:44:ea:
         e9:11:26:b9:f9:a2:59:83:54:9f:8d:04:81:c5:05:7b:50:48:
         e7:ee:00:88:a7:b3:56:c5:68:79:25:f0:11:3d:51:8e:90:70:
         64:17:8e:68:33:ed:fd:30:52:17:aa:a7:92:61:c1:24:de:45:
         c0:33:35:80:0e:b0:bf:cb:cd:34:21:cb:f0:f7:b3:e9:84:fb:
         47:e5:dd:60:d5:c8:9f:e8:0e:68:65:72:be:07:c9:45:82:23:
         97:9e:1f:c4:5e:07:38:b6:2d:29:62:ca:56:cd:15:fa:96:3b:
         f8:68:03:19:09:0d:d1:13:2c:42:e2:d5:38:ce:1f:69:54:f6:
         eb:31:f9:66:4f:a8:5c:c6:9b:ee:63:9b:98:5d:4b:b4:4c:f8:
         2b:cd:79:e7:a6:19:32:ba:ab:ef:94:4b:c8:0c:b3:44:b7:7f:
         35:b5:10:42:e3:ef:63:52:fc:db:a4:e3:cd:56:d2:68:fd:b1:
         7b:14:8d:cc:77:f7:70:a7:7b:75:f3:05:4f:65:a2:ef:30:8d:
         ec:f0:15:49:1e:7c:1c:e1:5f:73:a9:5b:d1:34:29:52:a5:4f:
         64:87:74:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChoSAEpxEVIk7usGBj7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOWJkOWM2YzEyOGNjZDk0M2Y3Zjc3MjI5MjJjNjZmNjZi
NGVkZDUwHhcNMjYwMzI5MTAwMDU2WhcNMjYwMzMwMTAwMDU2WjAzMTEwLwYDVQQD
EyhmMWFiZjdhOGUxM2NhOGUzZDZlYTkyODRmM2ZiYWE5NmZkNzEwMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z/gzzskb7dmkOVQhhHcMGJY895+
nGCG14m7VInACC6k2rmzCRbOfIRfGmhgGuie1/VVcij26mLR6SzuKXYYnfy7dvm/
6rFh2JmXM8Odum7nVW2/EXxB6avRSf+MqV+/Ny9OIBpnH5bE2Kia9tnmMeJX0phs
yPAE7NzO9w/VtJY4ginwHSVIzGwfGNe4JrHTQuAoQOMxb1Rf/mw3dfkRAPpkjTTc
5mj/SFdyF4pyLz44CLu+myh5TPnrDz1CNwRZI4a4CTYwLIWzhX+Lbd82euMbC4JJ
IIjhQkAmZ5Xj7UGQrj+sfQ2jDprwbeSzoC+UA7DFfp09B8GS51XQCwuhIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGr96jhPKjj1uqShPP7qpb9cQJKMB8GA1UdIwQY
MBaAFBqb2cbBKMzZQ/f3cikixm9mtO3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iN2IzZjUtNWMwYS00OWY4LTkwZGIt
Yzk2NzBiMmRhMzIwLzEvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iN2IzZjUtNWMwYS00OWY4LTkwZGItYzk2NzBiMmRhMzIw
LzEvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF4WhIXQ4
eJya2jweVUiS3eAUbcBXJBb1PjY2dJZ7bREgpkTq6REmufmiWYNUn40EgcUFe1BI
5+4AiKezVsVoeSXwET1RjpBwZBeOaDPt/TBSF6qnkmHBJN5FwDM1gA6wv8vNNCHL
8Pez6YT7R+XdYNXIn+gOaGVyvgfJRYIjl54fxF4HOLYtKWLKVs0V+pY7+GgDGQkN
0RMsQuLVOM4faVT26zH5Zk+oXMab7mObmF1LtEz4K81556YZMrqr75RLyAyzRLd/
NbUQQuPvY1L826TjzVbSaP2xexSNzHf3cKd7dfMFT2Wi7zCN7PAVSR58HOFfc6lb
0TQpUqVPZId0cg==
-----END CERTIFICATE-----