Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          8xF+KFpbzAwND1aCM8cIvXAM4GEeiCfTlyGJLC3mdAQ=
Subject key identifier:   75:77:C0:6C:F8:2D:88:CC:06:0E:D6:71:D5:B0:28:5C:F5:2C:C0:08
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       019D38D2E295AD2B6E39D3E0A254159CC66C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0FAA
Signing time:             Sun 29 Mar 2026 09:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:37 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: 5wE1ELamWjdgOfM2NqpWqFsDcbxPIq8ixmKAa8A+HlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:e2:95:ad:2b:6e:39:d3:e0:a2:54:15:9c:c6:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Mar 29 09:00:37 2026 GMT
            Not After : Mar 30 09:00:37 2026 GMT
        Subject: CN=7577c06cf82d88cc060ed671d5b0285cf52cc008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:06:ae:ad:6e:1b:2c:78:82:23:f8:3d:eb:67:
                    0b:78:f6:01:4d:73:13:c4:6b:27:f0:cd:3a:31:c4:
                    8f:da:fc:da:f8:48:38:56:9b:e5:d3:45:5f:f5:e8:
                    0a:ca:86:e5:db:5c:b5:36:c6:05:d5:ad:16:81:23:
                    ec:e8:4c:26:04:2c:d4:3f:38:fa:a9:37:ff:33:f6:
                    de:10:2a:b4:a0:7d:63:24:4e:c3:c6:1b:4b:a8:dc:
                    b4:18:ff:2e:6a:47:51:8f:19:72:7a:42:16:cf:2f:
                    02:39:a9:eb:06:bc:d0:b1:03:a4:8b:55:6c:92:7a:
                    df:7a:2b:ea:1c:49:bc:fa:e3:c5:5a:68:a2:7c:94:
                    3b:3f:e0:60:9a:6d:25:2a:9d:ba:e4:03:17:db:94:
                    d9:b5:d9:7b:5a:24:30:e7:31:16:3d:82:27:0c:9d:
                    a9:e3:97:b9:07:1d:73:31:9e:34:27:50:25:2f:af:
                    64:7c:8f:e2:09:61:24:07:5c:22:8b:0d:ae:14:f3:
                    5d:cd:30:a8:e9:2d:76:8f:ae:c4:3f:19:fd:16:4b:
                    8e:f4:7c:af:13:1d:6f:5a:bf:b7:bb:52:f7:ea:4a:
                    c5:af:e2:c4:4f:a7:17:37:1b:13:ab:38:8f:9b:cd:
                    58:88:8b:78:54:bc:59:1a:f5:de:7c:c3:01:51:f1:
                    53:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:77:C0:6C:F8:2D:88:CC:06:0E:D6:71:D5:B0:28:5C:F5:2C:C0:08
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:78:de:9e:59:7d:94:63:7a:d0:9c:9c:94:16:76:ee:6b:b7:
         73:07:f0:3b:2b:ee:e2:0e:76:5a:ed:18:c6:bb:dc:55:8f:b8:
         d5:c4:af:d2:52:ce:0e:04:48:f7:01:49:97:72:84:63:00:c8:
         f9:7d:88:0b:43:0c:ba:04:31:20:98:fb:6a:9c:90:18:00:11:
         6f:16:f0:37:51:3f:46:67:ec:e9:0b:3e:6b:06:9d:45:0b:53:
         b0:59:47:0c:f0:84:2d:50:3e:66:18:c8:57:28:25:82:d9:a5:
         03:10:a5:6a:bd:f4:1e:84:88:93:f1:d5:8d:dd:b3:6b:9d:27:
         30:f0:91:9e:83:92:80:21:1c:61:14:0b:ce:aa:2d:df:03:fc:
         3c:60:71:68:53:a9:99:3f:14:4b:d5:21:c7:b9:28:f4:a8:e8:
         9c:49:03:9c:a2:c0:61:23:b6:cf:64:4f:0d:fb:44:92:01:c8:
         ce:56:0e:81:4b:52:e4:e9:22:ba:8d:6b:a1:44:03:a1:ed:a7:
         e1:81:13:5b:73:bb:14:97:03:ce:51:9f:9b:c8:04:5b:53:af:
         c1:28:52:65:36:39:38:40:ff:ba:3a:98:14:f1:2c:72:36:2f:
         b3:38:57:50:e9:a8:69:a9:66:7a:37:ad:df:27:85:67:a0:fd:
         ab:f9:8a:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uKVrStuOdPgolQVnMZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjYwMzI5MDkwMDM3WhcNMjYwMzMwMDkwMDM3WjAzMTEwLwYDVQQD
Eyg3NTc3YzA2Y2Y4MmQ4OGNjMDYwZWQ2NzFkNWIwMjg1Y2Y1MmNjMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwaurW4bLHiCI/g962cLePYBTXMT
xGsn8M06McSP2vza+Eg4Vpvl00Vf9egKyobl21y1NsYF1a0WgSPs6EwmBCzUPzj6
qTf/M/beECq0oH1jJE7DxhtLqNy0GP8uakdRjxlyekIWzy8COanrBrzQsQOki1Vs
knrfeivqHEm8+uPFWmiifJQ7P+Bgmm0lKp265AMX25TZtdl7WiQw5zEWPYInDJ2p
45e5Bx1zMZ40J1AlL69kfI/iCWEkB1wiiw2uFPNdzTCo6S12j67EPxn9FkuO9Hyv
Ex1vWr+3u1L36krFr+LET6cXNxsTqziPm81YiIt4VLxZGvXefMMBUfFT/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHV3wGz4LYjMBg7WcdWwKFz1LMAIMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnjenll9
lGN60JyclBZ27mu3cwfwOyvu4g52Wu0YxrvcVY+41cSv0lLODgRI9wFJl3KEYwDI
+X2IC0MMugQxIJj7apyQGAARbxbwN1E/Rmfs6Qs+awadRQtTsFlHDPCELVA+ZhjI
VyglgtmlAxClar30HoSIk/HVjd2za50nMPCRnoOSgCEcYRQLzqot3wP8PGBxaFOp
mT8US9Uhx7ko9KjonEkDnKLAYSO2z2RPDftEkgHIzlYOgUtS5Okiuo1roUQDoe2n
4YETW3O7FJcDzlGfm8gEW1OvwShSZTY5OED/ujqYFPEscjYvszhXUOmoaalmejet
3yeFZ6D9q/mKtQ==
-----END CERTIFICATE-----