Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft
File:                     gnSkfvUV7gcuLOK8w74KNN1zQfs.mft (raw, json)
Hash identifier:          ccOroEbgJE6+eKH+zRxycc4Elgaz+HJx0pyH07lxUHQ=
Subject key identifier:   D5:85:EA:54:DB:69:09:AE:A4:2A:95:5C:2A:84:88:FD:11:08:F7:01
Authority key identifier: 82:74:A4:7E:F5:15:EE:07:2E:2C:E2:BC:C3:BE:0A:34:DD:73:41:FB
Certificate issuer:       /CN=8274a47ef515ee072e2ce2bcc3be0a34dd7341fb
Certificate serial:       019D37C0D14845F203CD146849254F851B8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft
Manifest number:          01DE
Signing time:             Sun 29 Mar 2026 04:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:16 +0000
Files and hashes:         1: gnSkfvUV7gcuLOK8w74KNN1zQfs.crl (hash: dEFXFPUvXGI5WsyF+kAEXSQFmKblsByui8+7pRy2Mho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:d1:48:45:f2:03:cd:14:68:49:25:4f:85:1b:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8274a47ef515ee072e2ce2bcc3be0a34dd7341fb
        Validity
            Not Before: Mar 29 04:01:16 2026 GMT
            Not After : Mar 30 04:01:16 2026 GMT
        Subject: CN=d585ea54db6909aea42a955c2a8488fd1108f701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e2:6f:f3:24:1e:d2:05:d0:37:9a:ae:a1:cb:
                    2e:2e:be:94:7a:20:1a:ac:b4:f9:25:8f:e4:fc:b1:
                    66:3e:f2:01:ed:a7:b2:a8:27:b0:c5:41:74:b4:1f:
                    58:b0:41:1b:0c:cb:04:2e:0a:72:76:22:1b:f6:9b:
                    17:eb:90:15:4b:bb:97:98:27:e5:88:f1:14:0a:ee:
                    1a:57:2e:ec:bf:bf:54:89:fd:a7:49:ef:96:fd:c0:
                    63:2d:de:1d:14:0d:f7:b8:4b:aa:ee:8b:f6:20:88:
                    85:a2:73:aa:ba:6d:a9:7d:76:0e:12:77:fe:0a:36:
                    df:84:5d:e9:99:ea:47:3c:63:ee:ed:5d:00:82:2e:
                    f6:bd:b5:69:f7:a5:1b:32:a2:9f:97:3e:3c:23:aa:
                    61:9e:46:28:ac:c9:60:81:38:6a:7f:32:06:7c:40:
                    85:e3:15:47:a6:74:73:e8:9b:1e:a8:17:f7:94:7a:
                    fa:ce:67:dc:a1:b0:34:de:6d:cc:69:6e:36:cf:cd:
                    c7:0b:95:10:2b:23:b1:d7:01:1c:be:7c:cc:ba:e7:
                    dc:f5:bc:c9:c6:47:18:6b:e0:0a:68:5a:3e:04:dd:
                    1e:78:a5:11:60:cf:86:da:0b:b1:31:45:e2:c2:96:
                    2b:1a:7f:51:2a:eb:34:52:df:d1:d1:5a:2d:75:84:
                    96:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:85:EA:54:DB:69:09:AE:A4:2A:95:5C:2A:84:88:FD:11:08:F7:01
            X509v3 Authority Key Identifier:
                keyid:82:74:A4:7E:F5:15:EE:07:2E:2C:E2:BC:C3:BE:0A:34:DD:73:41:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:40:c1:60:e1:9c:ba:f4:d2:53:d9:a5:eb:cb:36:e2:69:28:
         6f:ed:2b:a9:49:83:e6:0b:d7:be:d6:01:f1:48:ff:85:8c:58:
         ec:83:cb:ce:4b:75:72:84:b8:01:70:8b:1d:f5:9a:e4:29:94:
         97:0b:ec:3a:66:6d:32:16:97:ab:07:7c:9a:18:46:59:cb:8e:
         06:df:00:01:d8:bc:7f:1d:38:f1:82:a2:ae:c0:04:d1:36:11:
         2b:c4:f0:72:8e:8c:49:20:06:af:13:50:46:04:f3:b8:43:2e:
         f4:82:7b:51:db:3b:41:34:2d:64:3d:8c:98:9a:ea:2e:b3:ec:
         30:44:43:28:46:00:9e:42:02:2a:5a:87:61:48:59:80:53:14:
         43:e4:e0:02:ad:d8:83:f9:5b:92:6c:e2:08:ae:12:67:ab:dd:
         ac:53:d8:c1:ba:0a:ac:a1:5a:59:8c:cb:7c:0e:b6:7f:be:f2:
         be:23:7a:fe:b8:b3:a0:80:d6:e9:39:da:4a:91:30:18:a1:05:
         b7:19:21:cc:53:c1:77:24:b0:b8:de:aa:7a:6c:a8:58:21:91:
         bf:05:74:b3:09:4a:62:36:b0:d5:ee:30:a8:f2:07:30:0c:fc:
         f0:b5:28:6f:cd:3d:a0:89:f9:91:df:76:88:4e:54:38:a9:4e:
         96:ce:80:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNFIRfIDzRRoSSVPhRuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzRhNDdlZjUxNWVlMDcyZTJjZTJiY2MzYmUwYTM0ZGQ3
MzQxZmIwHhcNMjYwMzI5MDQwMTE2WhcNMjYwMzMwMDQwMTE2WjAzMTEwLwYDVQQD
EyhkNTg1ZWE1NGRiNjkwOWFlYTQyYTk1NWMyYTg0ODhmZDExMDhmNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOJv8yQe0gXQN5quocsuLr6UeiAa
rLT5JY/k/LFmPvIB7aeyqCewxUF0tB9YsEEbDMsELgpydiIb9psX65AVS7uXmCfl
iPEUCu4aVy7sv79Uif2nSe+W/cBjLd4dFA33uEuq7ov2IIiFonOqum2pfXYOEnf+
CjbfhF3pmepHPGPu7V0Agi72vbVp96UbMqKflz48I6phnkYorMlggThqfzIGfECF
4xVHpnRz6JseqBf3lHr6zmfcobA03m3MaW42z83HC5UQKyOx1wEcvnzMuufc9bzJ
xkcYa+AKaFo+BN0eeKURYM+G2guxMUXiwpYrGn9RKus0Ut/R0VotdYSW4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWF6lTbaQmupCqVXCqEiP0RCPcBMB8GA1UdIwQY
MBaAFIJ0pH71Fe4HLizivMO+CjTdc0H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mOTYxYWYtZThkZC00ZjY0LTk1NDct
NzM2MzM3MzE1NWJlLzEvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mOTYxYWYtZThkZC00ZjY0LTk1NDctNzM2MzM3MzE1NWJl
LzEvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEDBYOGc
uvTSU9ml68s24mkob+0rqUmD5gvXvtYB8Uj/hYxY7IPLzkt1coS4AXCLHfWa5CmU
lwvsOmZtMhaXqwd8mhhGWcuOBt8AAdi8fx048YKirsAE0TYRK8Twco6MSSAGrxNQ
RgTzuEMu9IJ7Uds7QTQtZD2MmJrqLrPsMERDKEYAnkICKlqHYUhZgFMUQ+TgAq3Y
g/lbkmziCK4SZ6vdrFPYwboKrKFaWYzLfA62f77yviN6/rizoIDW6TnaSpEwGKEF
txkhzFPBdySwuN6qemyoWCGRvwV0swlKYjaw1e4wqPIHMAz88LUob809oIn5kd92
iE5UOKlOls6AIA==
-----END CERTIFICATE-----