Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          O0PmqAbvNch2l1qAMJP4yiqWrUrWKEVX3LwVyZloPLk=
Subject key identifier:   EE:B3:5B:32:39:00:A0:E7:7C:1D:4B:A0:05:6D:27:88:48:A1:BA:F9
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       019D389BB5EF90DD1448573C2696660E76A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          066C
Signing time:             Sun 29 Mar 2026 08:00:21 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:21 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:21 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: QrXy2DFTHadBPFF3S2e78wq2z/iOySgLE4vgzY/P/4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:b5:ef:90:dd:14:48:57:3c:26:96:66:0e:76:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Mar 29 08:00:21 2026 GMT
            Not After : Mar 30 08:00:21 2026 GMT
        Subject: CN=eeb35b323900a0e77c1d4ba0056d278848a1baf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:cc:9e:1e:a2:0d:29:29:dc:e9:35:3b:4f:e4:
                    fe:2f:e0:55:1c:84:2a:9b:78:8d:fa:14:f2:e4:c9:
                    3d:8b:4b:f2:b1:04:54:0d:a0:af:26:cb:26:0e:6b:
                    cf:0d:45:33:57:7a:88:e7:22:53:8b:2f:55:e9:4f:
                    e5:a1:6b:6d:e7:bf:39:d9:59:8e:ff:1b:8a:84:da:
                    fe:c7:46:0c:95:ba:f0:d5:15:bc:db:9a:e7:ac:55:
                    fb:fc:be:94:1c:ed:e5:90:d1:85:92:2c:65:60:b2:
                    1d:f6:3f:c5:e1:a7:3b:e1:a3:5d:45:ea:98:7e:ab:
                    6c:68:01:db:83:72:3f:07:d0:0a:12:28:67:97:b1:
                    2c:d0:64:f5:5a:12:34:76:46:4d:23:b4:51:66:e0:
                    aa:4c:40:91:57:77:f8:6a:18:dc:2d:72:7f:79:73:
                    ae:c2:ad:c9:b4:ab:2d:7e:01:73:28:81:61:9b:42:
                    52:e7:a8:dc:40:3f:6f:8e:48:e5:6d:e4:83:b2:69:
                    ce:86:b2:71:f6:b3:ea:b8:76:6a:7a:88:8b:af:74:
                    39:1b:b5:30:77:9d:b3:a5:a3:6b:26:78:d0:4f:1c:
                    a2:a2:60:0d:da:fa:fc:04:77:4a:7c:8a:ec:0d:d5:
                    4c:29:74:9b:ee:90:a8:fb:d1:33:fd:a8:08:4b:34:
                    bf:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B3:5B:32:39:00:A0:E7:7C:1D:4B:A0:05:6D:27:88:48:A1:BA:F9
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:22:c6:c2:32:a7:08:00:20:b5:37:6e:3e:2b:bd:e0:36:6c:
         90:4a:93:eb:81:6c:8b:11:f8:80:ef:e2:4e:57:5c:03:65:2a:
         35:bd:5e:2e:54:31:77:d4:65:63:b6:cb:98:d3:b8:9d:fb:6c:
         0b:00:a8:a5:f8:b6:39:d7:c1:2e:24:30:6c:aa:2a:43:c7:a7:
         7e:69:56:81:c6:a4:5a:e4:63:1e:cb:c3:30:ee:86:6e:3b:56:
         e5:ab:d4:bf:78:f1:bd:bd:e9:df:b0:33:16:8e:74:40:f5:17:
         7e:63:bf:79:80:fa:bc:f8:dc:fe:4b:45:c3:ad:66:e5:b3:c3:
         c6:74:b9:c6:1b:ea:b0:83:94:2a:ae:d3:bc:81:75:c2:51:86:
         17:f4:aa:ed:dd:d3:91:b3:82:16:ab:68:46:d9:fe:cb:14:f5:
         09:a7:a2:74:44:7d:5e:f0:73:31:61:b5:6b:26:ad:13:aa:1c:
         51:a4:e3:3e:b0:e8:c0:c4:2b:5a:a0:86:30:00:e9:09:2f:5c:
         ac:e1:8d:d5:9e:2b:b3:5a:ce:47:61:cb:7c:9f:7c:89:17:23:
         f2:4a:3b:1f:f7:0d:5a:df:eb:fc:86:e9:42:62:06:96:d0:68:
         a6:e6:02:64:a8:4e:51:cc:fd:9f:ed:ba:06:06:c7:5f:3a:a7:
         2e:6c:f2:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m7XvkN0USFc8JpZmDnaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjYwMzI5MDgwMDIxWhcNMjYwMzMwMDgwMDIxWjAzMTEwLwYDVQQD
EyhlZWIzNWIzMjM5MDBhMGU3N2MxZDRiYTAwNTZkMjc4ODQ4YTFiYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cyeHqINKSnc6TU7T+T+L+BVHIQq
m3iN+hTy5Mk9i0vysQRUDaCvJssmDmvPDUUzV3qI5yJTiy9V6U/loWtt57852VmO
/xuKhNr+x0YMlbrw1RW825rnrFX7/L6UHO3lkNGFkixlYLId9j/F4ac74aNdReqY
fqtsaAHbg3I/B9AKEihnl7Es0GT1WhI0dkZNI7RRZuCqTECRV3f4ahjcLXJ/eXOu
wq3JtKstfgFzKIFhm0JS56jcQD9vjkjlbeSDsmnOhrJx9rPquHZqeoiLr3Q5G7Uw
d52zpaNrJnjQTxyiomAN2vr8BHdKfIrsDdVMKXSb7pCo+9Ez/agISzS/9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6zWzI5AKDnfB1LoAVtJ4hIobr5MB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAViLGwjKn
CAAgtTduPiu94DZskEqT64FsixH4gO/iTldcA2UqNb1eLlQxd9RlY7bLmNO4nfts
CwCopfi2OdfBLiQwbKoqQ8enfmlWgcakWuRjHsvDMO6GbjtW5avUv3jxvb3p37Az
Fo50QPUXfmO/eYD6vPjc/ktFw61m5bPDxnS5xhvqsIOUKq7TvIF1wlGGF/Sq7d3T
kbOCFqtoRtn+yxT1CaeidER9XvBzMWG1ayatE6ocUaTjPrDowMQrWqCGMADpCS9c
rOGN1Z4rs1rOR2HLfJ98iRcj8ko7H/cNWt/r/IbpQmIGltBopuYCZKhOUcz9n+26
BgbHXzqnLmzy1w==
-----END CERTIFICATE-----