Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
File:                     g8t2BW38QWNCZu0C0GkCA6dUoXs.mft (raw, json)
Hash identifier:          HjPsFbwugCELk2V9+6PCyxGzuviMZ0GYJIJ4ccyBXDM=
Subject key identifier:   68:29:DC:28:8E:BC:23:A6:7D:B5:15:A5:FD:A8:2F:FB:B1:94:D6:45
Authority key identifier: 83:CB:76:05:6D:FC:41:63:42:66:ED:02:D0:69:02:03:A7:54:A1:7B
Certificate issuer:       /CN=83cb76056dfc41634266ed02d0690203a754a17b
Certificate serial:       019D3865B6979CB47ABC4B0C970494D95233
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:01:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:23 +0000
Files and hashes:         1: g8t2BW38QWNCZu0C0GkCA6dUoXs.crl (hash: DNf2iFTOxSGVIZVTgzaaZiFvgjDFSUTG/78EPc3Vo0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b6:97:9c:b4:7a:bc:4b:0c:97:04:94:d9:52:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83cb76056dfc41634266ed02d0690203a754a17b
        Validity
            Not Before: Mar 29 07:01:23 2026 GMT
            Not After : Mar 30 07:01:23 2026 GMT
        Subject: CN=6829dc288ebc23a67db515a5fda82ffbb194d645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:1a:8f:f2:34:18:8b:c1:fe:96:44:7e:21:
                    4c:02:76:3b:e9:75:93:f6:b3:19:c7:3f:fa:7c:ae:
                    79:cb:48:d7:b5:1d:b6:11:14:0c:d3:21:5d:04:56:
                    66:8c:96:69:e2:1f:d1:73:a4:3e:ba:b0:51:87:11:
                    fa:81:e7:e2:cb:c4:22:a0:52:4a:aa:79:74:ad:35:
                    56:22:5c:fa:13:a2:46:45:64:03:f4:e0:2e:29:3b:
                    3d:43:f0:79:2d:5c:4d:bc:92:ab:2e:31:c4:7e:21:
                    c0:75:40:c8:3d:41:dc:3c:48:c0:c6:3d:c1:1a:6e:
                    11:21:c6:32:70:1a:cd:39:96:09:fa:ae:fc:c5:ec:
                    d3:c3:c5:31:cc:4e:06:94:c2:5e:e4:a1:df:d8:fd:
                    0f:94:53:29:57:9b:81:3b:82:d4:74:6f:87:05:ec:
                    9b:c2:96:ff:55:44:81:3c:63:35:31:45:4f:ee:f1:
                    2a:e1:ca:86:d2:8c:61:6c:7f:e8:8e:e5:94:45:69:
                    1f:4d:0d:ad:de:c8:fb:5f:b0:02:0a:d5:2c:09:73:
                    b7:6e:db:ae:da:16:0f:96:d7:83:da:36:8f:70:cd:
                    5c:52:df:26:ab:b4:1b:5c:a9:de:15:8f:df:98:6b:
                    3f:46:8c:db:51:f5:e3:e4:ca:51:79:3a:ba:cb:82:
                    91:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:29:DC:28:8E:BC:23:A6:7D:B5:15:A5:FD:A8:2F:FB:B1:94:D6:45
            X509v3 Authority Key Identifier:
                keyid:83:CB:76:05:6D:FC:41:63:42:66:ED:02:D0:69:02:03:A7:54:A1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:28:30:79:b7:62:ae:7c:c7:89:c2:26:22:54:4a:44:bf:6c:
         d8:19:59:05:75:78:f5:9c:95:e6:5e:dd:9b:cd:93:91:fe:86:
         7b:92:54:99:71:e7:ed:ca:fa:b6:1b:45:49:d4:2d:a8:da:3c:
         cc:21:2e:c4:a0:a6:90:3d:ed:17:34:8a:be:f1:a0:3d:67:2b:
         75:64:c6:e5:cb:03:e2:1c:1d:38:f3:24:72:93:49:72:ac:d4:
         30:1d:50:ce:86:e2:54:2d:ef:79:41:4c:71:6c:23:09:86:62:
         26:1a:9e:aa:b3:b8:03:f8:b6:69:65:48:09:d9:b1:84:86:b4:
         2e:96:76:35:33:7d:9c:22:06:6e:d4:88:35:37:26:0f:77:49:
         38:d0:b8:b1:7d:20:b3:7e:de:ac:e3:6a:34:79:7e:08:b0:d6:
         31:ef:6d:e9:49:b8:4c:9b:ea:c4:93:fd:bc:a8:24:10:1a:82:
         67:ab:3d:67:9b:51:56:2b:7f:86:8c:5c:7e:0a:fa:86:97:9e:
         95:dd:93:4b:aa:84:d0:a4:fe:3e:90:fb:ee:ac:90:35:88:56:
         9a:71:10:20:5d:13:73:17:a5:db:7e:f9:7d:4b:5a:4c:ed:d2:
         4b:af:08:a4:c9:e0:dc:32:3b:8b:4e:23:2f:a3:b4:47:a4:26:
         83:9b:a4:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbaXnLR6vEsMlwSU2VIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzY2I3NjA1NmRmYzQxNjM0MjY2ZWQwMmQwNjkwMjAzYTc1
NGExN2IwHhcNMjYwMzI5MDcwMTIzWhcNMjYwMzMwMDcwMTIzWjAzMTEwLwYDVQQD
Eyg2ODI5ZGMyODhlYmMyM2E2N2RiNTE1YTVmZGE4MmZmYmIxOTRkNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy34aj/I0GIvB/pZEfiFMAnY76XWT
9rMZxz/6fK55y0jXtR22ERQM0yFdBFZmjJZp4h/Rc6Q+urBRhxH6gefiy8QioFJK
qnl0rTVWIlz6E6JGRWQD9OAuKTs9Q/B5LVxNvJKrLjHEfiHAdUDIPUHcPEjAxj3B
Gm4RIcYycBrNOZYJ+q78xezTw8UxzE4GlMJe5KHf2P0PlFMpV5uBO4LUdG+HBeyb
wpb/VUSBPGM1MUVP7vEq4cqG0oxhbH/ojuWURWkfTQ2t3sj7X7ACCtUsCXO3btuu
2hYPlteD2jaPcM1cUt8mq7QbXKneFY/fmGs/RozbUfXj5MpReTq6y4KRgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgp3CiOvCOmfbUVpf2oL/uxlNZFMB8GA1UdIwQY
MBaAFIPLdgVt/EFjQmbtAtBpAgOnVKF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81ZWJmNTAtZGVhMy00Nzc4LTg5MjMt
ZGZlZjFkMmI2NjljLzEvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81ZWJmNTAtZGVhMy00Nzc4LTg5MjMtZGZlZjFkMmI2Njlj
LzEvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALygwebdi
rnzHicImIlRKRL9s2BlZBXV49ZyV5l7dm82Tkf6Ge5JUmXHn7cr6thtFSdQtqNo8
zCEuxKCmkD3tFzSKvvGgPWcrdWTG5csD4hwdOPMkcpNJcqzUMB1QzobiVC3veUFM
cWwjCYZiJhqeqrO4A/i2aWVICdmxhIa0LpZ2NTN9nCIGbtSINTcmD3dJONC4sX0g
s37erONqNHl+CLDWMe9t6Um4TJvqxJP9vKgkEBqCZ6s9Z5tRVit/hoxcfgr6hpee
ld2TS6qE0KT+PpD77qyQNYhWmnEQIF0Tcxel2375fUtaTO3SS68IpMng3DI7i04j
L6O0R6Qmg5ukEQ==
-----END CERTIFICATE-----