Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          2YYWtcSyUgS8tLCDaSYhx9ESJRkchy5pDYKZkp7j3FA=
Subject key identifier:   F3:F0:58:FF:4F:E4:C2:AA:DE:D3:B5:4A:2D:73:A4:1F:43:44:74:77
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019D3AC21576F0D7FF9503D965A72898D6A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0F9B
Signing time:             Sun 29 Mar 2026 18:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 18:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 18:01:31 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: MmZFagy3uRwiAJOlqMOR+ES0wrc7fE0xWFyOJYoH30o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c2:15:76:f0:d7:ff:95:03:d9:65:a7:28:98:d6:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Mar 29 18:01:31 2026 GMT
            Not After : Mar 30 18:01:31 2026 GMT
        Subject: CN=f3f058ff4fe4c2aaded3b54a2d73a41f43447477
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fa:3d:4d:4e:f6:64:a7:f4:b6:44:10:e5:da:
                    b8:80:c8:9c:45:98:5b:50:fa:37:e8:16:fe:9e:fc:
                    46:12:8e:0b:cc:31:1d:dd:d8:36:25:19:73:03:b1:
                    42:fa:ca:8e:e3:6e:7c:23:41:b5:51:bc:64:f6:ed:
                    c0:3b:b8:b1:87:99:1d:6c:07:37:91:53:47:d3:64:
                    2d:b6:ec:d0:1e:ec:70:58:6e:e0:65:62:c6:03:a6:
                    42:35:19:6f:29:c3:7e:6d:42:44:65:ed:e1:6c:89:
                    16:33:fa:6c:42:a0:da:a5:15:d4:99:18:bd:5b:9e:
                    43:88:f2:7b:12:92:45:dd:c0:15:f4:52:24:b5:cd:
                    3b:a4:dd:92:2c:9c:20:3f:a2:8b:e8:41:3b:60:3d:
                    b1:b3:30:e3:64:e9:d5:e9:bd:0a:72:40:68:47:99:
                    db:71:2d:e6:d1:f7:df:48:3b:e0:68:58:34:dd:03:
                    cc:f0:36:01:9c:7c:55:6e:af:72:70:41:a5:c3:7d:
                    6f:38:0b:79:49:72:45:97:46:84:61:aa:ed:cd:e1:
                    1b:70:59:30:a3:e0:14:43:53:c9:7e:cc:2b:0f:30:
                    77:99:f4:95:1d:f0:71:8f:cd:14:1f:aa:9f:fe:f4:
                    20:cc:8d:72:d5:95:b5:5a:93:82:c7:7e:d1:28:d0:
                    1b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:F0:58:FF:4F:E4:C2:AA:DE:D3:B5:4A:2D:73:A4:1F:43:44:74:77
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:15:81:06:8e:c7:f5:94:8d:27:a7:74:58:2d:5a:69:4e:a6:
         c8:04:df:ef:a4:ac:10:43:71:33:df:0c:93:ec:98:bf:b6:54:
         a9:6f:46:d4:da:f8:c0:ba:e8:0b:62:b3:37:b4:fa:b3:63:a0:
         f6:03:95:36:c8:70:2f:a7:09:2a:e4:3f:ac:27:5c:b1:ec:23:
         b6:f4:f3:7d:47:7e:9d:9a:07:90:27:b1:71:f5:6c:a0:1e:40:
         76:0e:f8:53:7d:bf:e2:ed:9c:4c:a6:9d:71:2a:58:5e:ae:cc:
         6d:94:73:a0:56:37:29:ae:de:1c:11:de:3f:7f:95:8c:95:bb:
         7f:d5:08:83:62:24:77:f5:8f:85:6a:a3:a8:1c:55:59:a5:23:
         c5:91:77:a4:f5:4f:10:b6:76:53:5c:b3:fc:c3:b3:19:30:53:
         e5:ee:27:7d:23:de:0a:53:3c:de:2e:16:ed:d1:b8:61:f7:8f:
         2e:da:41:66:31:e2:e8:48:22:8f:77:d5:dc:22:37:d7:c7:e1:
         e7:d3:04:12:30:e7:11:e9:d0:27:b8:9b:76:da:62:ce:e9:84:
         5a:84:0b:7b:31:3f:4f:2d:fc:71:01:bb:dd:01:4d:ee:06:a4:
         12:a6:30:e1:9a:83:f6:ad:95:b0:db:f0:af:c0:4e:47:17:06:
         ff:f1:8e:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06whV28Nf/lQPZZacomNagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjYwMzI5MTgwMTMxWhcNMjYwMzMwMTgwMTMxWjAzMTEwLwYDVQQD
EyhmM2YwNThmZjRmZTRjMmFhZGVkM2I1NGEyZDczYTQxZjQzNDQ3NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPo9TU72ZKf0tkQQ5dq4gMicRZhb
UPo36Bb+nvxGEo4LzDEd3dg2JRlzA7FC+sqO4258I0G1Ubxk9u3AO7ixh5kdbAc3
kVNH02QttuzQHuxwWG7gZWLGA6ZCNRlvKcN+bUJEZe3hbIkWM/psQqDapRXUmRi9
W55DiPJ7EpJF3cAV9FIktc07pN2SLJwgP6KL6EE7YD2xszDjZOnV6b0KckBoR5nb
cS3m0fffSDvgaFg03QPM8DYBnHxVbq9ycEGlw31vOAt5SXJFl0aEYartzeEbcFkw
o+AUQ1PJfswrDzB3mfSVHfBxj80UH6qf/vQgzI1y1ZW1WpOCx37RKNAbPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPwWP9P5MKq3tO1Si1zpB9DRHR3MB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdhWBBo7H
9ZSNJ6d0WC1aaU6myATf76SsEENxM98Mk+yYv7ZUqW9G1Nr4wLroC2KzN7T6s2Og
9gOVNshwL6cJKuQ/rCdcsewjtvTzfUd+nZoHkCexcfVsoB5Adg74U32/4u2cTKad
cSpYXq7MbZRzoFY3Ka7eHBHeP3+VjJW7f9UIg2Ikd/WPhWqjqBxVWaUjxZF3pPVP
ELZ2U1yz/MOzGTBT5e4nfSPeClM83i4W7dG4YfePLtpBZjHi6Egij3fV3CI318fh
59MEEjDnEenQJ7ibdtpizumEWoQLezE/Ty38cQG73QFN7gakEqYw4ZqD9q2VsNvw
r8BORxcG//GOvw==
-----END CERTIFICATE-----