Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.mft
File:                     gc0CYqIhw1pnzxc6YNHs2a-r3bU.mft (raw, json)
Hash identifier:          7leB0tR+Dq8kdqxNNfaTOe+VSg4E2YpuUmOF/3lbVFs=
Subject key identifier:   9B:E8:2B:0E:5F:A5:5B:DF:C8:8D:A2:F2:49:9E:BF:D0:83:EE:A6:08
Authority key identifier: 81:CD:02:62:A2:21:C3:5A:67:CF:17:3A:60:D1:EC:D9:AF:AB:DD:B5
Certificate issuer:       /CN=81cd0262a221c35a67cf173a60d1ecd9afabddb5
Certificate serial:       019D3866295880C94AC98721F3CDE5496713
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gc0CYqIhw1pnzxc6YNHs2a-r3bU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.mft
Manifest number:          11FD
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: gc0CYqIhw1pnzxc6YNHs2a-r3bU.crl (hash: 7w+2l2Ud5oHd3wzOchdwLAj23CATs+ByDG4BCHbkixE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gc0CYqIhw1pnzxc6YNHs2a-r3bU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:29:58:80:c9:4a:c9:87:21:f3:cd:e5:49:67:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cd0262a221c35a67cf173a60d1ecd9afabddb5
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=9be82b0e5fa55bdfc88da2f2499ebfd083eea608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ee:6d:98:36:5e:dd:43:a9:ce:e5:73:59:3b:
                    3c:d4:39:1f:ed:b9:7e:fc:de:7f:3f:9d:59:c6:49:
                    43:10:a4:87:b0:62:8a:6c:0f:47:b6:f5:d1:86:a2:
                    e0:2b:07:04:74:53:97:75:dd:7f:d5:6c:11:ed:d9:
                    fd:23:d1:d4:5f:e7:da:33:c5:68:00:a2:03:0b:ff:
                    05:66:29:06:da:0c:2d:af:ec:61:d5:00:bc:c1:64:
                    d2:f6:4b:93:c8:84:b6:38:ba:2c:d3:1a:0b:b4:fe:
                    7b:82:74:57:1c:9a:44:27:c3:5c:05:22:89:b6:af:
                    9d:dc:c1:dc:c4:a1:9f:e3:20:c4:66:45:35:c1:20:
                    74:f1:db:c8:67:37:f9:cf:2e:fc:db:4c:f3:06:c5:
                    47:01:df:47:28:33:da:ea:19:01:1b:a5:a6:3f:33:
                    12:24:fd:4c:23:7c:b0:09:6e:70:3d:fc:e0:66:40:
                    67:48:85:94:df:a6:83:e2:3a:31:6b:8f:4a:b8:c2:
                    4a:bd:8d:15:e5:77:4a:67:26:65:c2:ea:d6:cc:32:
                    ff:b7:a7:50:19:d6:f8:0b:16:c3:cd:d0:1e:3a:11:
                    18:0b:cb:1c:37:c5:5b:9a:27:b4:fe:cb:69:a4:15:
                    1a:61:96:03:a8:a2:b6:d3:52:ce:e9:94:34:84:c5:
                    f7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:E8:2B:0E:5F:A5:5B:DF:C8:8D:A2:F2:49:9E:BF:D0:83:EE:A6:08
            X509v3 Authority Key Identifier:
                keyid:81:CD:02:62:A2:21:C3:5A:67:CF:17:3A:60:D1:EC:D9:AF:AB:DD:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gc0CYqIhw1pnzxc6YNHs2a-r3bU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/740813-9180-406f-af6a-fdd0962ceaab/1/gc0CYqIhw1pnzxc6YNHs2a-r3bU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:35:7c:41:1d:43:81:50:6f:81:a8:5e:07:3f:61:f0:61:30:
         f0:79:f9:58:3f:13:94:48:13:6b:db:83:59:fd:e0:12:fd:66:
         39:50:6e:a5:6c:a8:6a:cf:9f:92:cf:25:87:07:4c:c8:7c:00:
         6f:ff:ba:c1:b2:91:a5:3e:b9:8d:ab:9d:c7:42:61:42:c3:fd:
         44:0e:23:39:33:ec:a5:ac:72:84:33:60:cf:01:fe:8d:1c:e5:
         c8:9f:0c:c3:45:3a:5f:8e:11:47:e3:43:f9:32:10:50:c2:0c:
         aa:f8:d0:f8:48:4c:aa:5d:12:a7:3f:19:66:98:4a:4c:fb:73:
         3e:02:86:81:db:cd:da:56:a4:95:ea:bc:97:9f:9e:4e:00:b5:
         27:90:13:d9:25:07:4e:98:70:c8:12:50:ca:c7:40:e6:7c:84:
         a5:52:4c:25:5d:21:6c:02:56:9d:73:4d:51:74:cf:3f:89:35:
         7b:14:3e:8a:23:4e:6b:c5:96:69:c8:b4:6c:90:fa:4b:87:f9:
         98:1d:d5:64:55:21:6b:c6:ad:bb:a9:72:dd:a3:2f:33:81:98:
         ea:ba:9f:06:b3:c9:d3:86:16:a3:f0:dd:24:6a:ef:0d:f7:64:
         46:19:92:73:b2:b7:35:f4:25:44:5f:3f:14:5a:ed:bc:6f:f7:
         08:07:27:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZilYgMlKyYch883lSWcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2QwMjYyYTIyMWMzNWE2N2NmMTczYTYwZDFlY2Q5YWZh
YmRkYjUwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
Eyg5YmU4MmIwZTVmYTU1YmRmYzg4ZGEyZjI0OTllYmZkMDgzZWVhNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO5tmDZe3UOpzuVzWTs81Dkf7bl+
/N5/P51ZxklDEKSHsGKKbA9HtvXRhqLgKwcEdFOXdd1/1WwR7dn9I9HUX+faM8Vo
AKIDC/8FZikG2gwtr+xh1QC8wWTS9kuTyIS2OLos0xoLtP57gnRXHJpEJ8NcBSKJ
tq+d3MHcxKGf4yDEZkU1wSB08dvIZzf5zy7820zzBsVHAd9HKDPa6hkBG6WmPzMS
JP1MI3ywCW5wPfzgZkBnSIWU36aD4joxa49KuMJKvY0V5XdKZyZlwurWzDL/t6dQ
Gdb4CxbDzdAeOhEYC8scN8Vbmie0/stppBUaYZYDqKK201LO6ZQ0hMX36QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvoKw5fpVvfyI2i8kmev9CD7qYIMB8GA1UdIwQY
MBaAFIHNAmKiIcNaZ88XOmDR7Nmvq921MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2MwQ1lxSWh3MXBuenhjNllOSHMyYS1yM2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NDA4MTMtOTE4MC00MDZmLWFmNmEt
ZmRkMDk2MmNlYWFiLzEvZ2MwQ1lxSWh3MXBuenhjNllOSHMyYS1yM2JVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NDA4MTMtOTE4MC00MDZmLWFmNmEtZmRkMDk2MmNlYWFi
LzEvZ2MwQ1lxSWh3MXBuenhjNllOSHMyYS1yM2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTV8QR1D
gVBvgaheBz9h8GEw8Hn5WD8TlEgTa9uDWf3gEv1mOVBupWyoas+fks8lhwdMyHwA
b/+6wbKRpT65jaudx0JhQsP9RA4jOTPspaxyhDNgzwH+jRzlyJ8Mw0U6X44RR+ND
+TIQUMIMqvjQ+EhMql0Spz8ZZphKTPtzPgKGgdvN2lakleq8l5+eTgC1J5AT2SUH
TphwyBJQysdA5nyEpVJMJV0hbAJWnXNNUXTPP4k1exQ+iiNOa8WWaci0bJD6S4f5
mB3VZFUha8atu6ly3aMvM4GY6rqfBrPJ04YWo/DdJGrvDfdkRhmSc7K3NfQlRF8/
FFrtvG/3CAcngg==
-----END CERTIFICATE-----