Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft
File:                     Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft (raw, json)
Hash identifier:          xqJftR/Kvd7BW/44JgTwtTXJciZZxel/5BwK4yPq8gw=
Subject key identifier:   56:F4:DD:CD:35:61:ED:72:38:92:DF:37:24:8F:A9:D0:A7:C0:D8:09
Authority key identifier: 19:A7:F2:DC:C2:B1:A9:F5:7C:1D:B0:09:E6:08:DA:4A:94:FC:65:78
Certificate issuer:       /CN=19a7f2dcc2b1a9f57c1db009e608da4a94fc6578
Certificate serial:       019D37898CE561CB55B27B8BC04580923F76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft
Manifest number:          011C
Signing time:             Sun 29 Mar 2026 03:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:54 +0000
Files and hashes:         1: Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl (hash: bOLWwStJFiCe7rTaX/1p/iEGJhHM1mli4nrL854mS74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:8c:e5:61:cb:55:b2:7b:8b:c0:45:80:92:3f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19a7f2dcc2b1a9f57c1db009e608da4a94fc6578
        Validity
            Not Before: Mar 29 03:00:54 2026 GMT
            Not After : Mar 30 03:00:54 2026 GMT
        Subject: CN=56f4ddcd3561ed723892df37248fa9d0a7c0d809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6f:b8:0d:d6:6d:33:93:8a:16:25:96:ce:ac:
                    f0:cb:9d:55:51:a2:37:2d:67:a8:86:52:e6:96:dd:
                    97:52:db:34:fd:d0:dd:2f:31:9f:bc:1f:48:b4:95:
                    00:7b:32:51:ab:a6:99:81:5f:a0:56:c5:4d:18:4d:
                    63:fb:b2:a2:83:a2:41:25:c2:e7:b8:74:a8:8a:ed:
                    cd:4a:a1:99:7d:bd:34:bf:12:b9:9d:36:5c:c6:15:
                    53:ee:5a:53:4a:e1:11:78:fe:1f:31:6a:9a:43:e9:
                    22:46:e0:73:8e:7e:cc:b4:11:b9:61:2f:1b:e4:73:
                    b7:69:01:f7:1e:cf:d6:e0:29:7d:43:9f:4b:87:f8:
                    7a:ca:6a:16:15:51:6a:95:c7:7e:9f:1e:e5:6b:4d:
                    da:ce:9b:22:83:b7:44:f4:a3:ed:2a:df:1e:73:5d:
                    15:43:a9:04:19:1d:3c:3c:f4:cf:1e:32:3e:e9:cd:
                    52:92:7e:80:58:ea:ce:b2:54:a4:05:13:26:87:5f:
                    af:97:1a:2a:4a:07:c8:35:26:02:2a:b6:04:dd:3e:
                    0f:f9:d4:b9:f1:3e:58:d7:92:f3:b2:be:39:c1:50:
                    88:ae:69:6a:0b:d9:92:94:70:32:19:c5:41:04:55:
                    53:b9:72:98:6e:f6:10:03:68:78:94:d6:bd:d2:08:
                    93:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:F4:DD:CD:35:61:ED:72:38:92:DF:37:24:8F:A9:D0:A7:C0:D8:09
            X509v3 Authority Key Identifier:
                keyid:19:A7:F2:DC:C2:B1:A9:F5:7C:1D:B0:09:E6:08:DA:4A:94:FC:65:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:fd:d5:03:9c:56:ca:28:09:bf:2f:13:05:0e:d0:cb:5b:d6:
         c3:10:a2:ac:fb:df:99:1b:13:d3:87:85:1c:83:f1:21:b7:1a:
         c6:0b:22:e1:4d:f8:ec:90:3d:47:58:78:d0:f2:06:7d:9d:ba:
         a2:63:82:1c:46:7c:d3:65:70:be:6c:ef:8e:a9:65:13:64:44:
         d1:33:46:99:e7:a5:f0:a9:66:c5:6e:1c:46:7c:e3:15:12:34:
         2e:e2:9f:48:f8:a9:40:d3:a7:d0:cc:16:03:9a:9a:3a:d9:80:
         b7:cd:20:da:4c:ba:d1:80:96:64:ca:99:75:9f:31:d6:7e:bc:
         2b:53:54:78:7b:d1:37:61:c7:0f:3e:b0:8d:c2:32:1f:43:35:
         2d:13:e0:2d:7f:22:55:bd:2b:25:0d:5e:23:7b:99:d6:ff:7f:
         9c:b5:f0:26:cf:ea:7c:29:5d:f1:70:5c:67:0d:24:74:21:ad:
         47:b3:4a:33:fc:ee:83:76:be:54:45:6b:4e:db:60:5d:05:0e:
         63:ce:cf:93:5b:7c:d3:1e:47:94:4f:4f:fe:55:bf:59:9f:8f:
         ff:00:e8:d0:d1:9c:d9:4c:da:47:27:94:c2:00:97:51:36:bf:
         fd:97:37:46:ad:8f:ae:6a:f1:80:e5:fd:a5:40:b8:39:64:83:
         f0:b2:20:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iYzlYctVsnuLwEWAkj92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTdmMmRjYzJiMWE5ZjU3YzFkYjAwOWU2MDhkYTRhOTRm
YzY1NzgwHhcNMjYwMzI5MDMwMDU0WhcNMjYwMzMwMDMwMDU0WjAzMTEwLwYDVQQD
Eyg1NmY0ZGRjZDM1NjFlZDcyMzg5MmRmMzcyNDhmYTlkMGE3YzBkODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm+4DdZtM5OKFiWWzqzwy51VUaI3
LWeohlLmlt2XUts0/dDdLzGfvB9ItJUAezJRq6aZgV+gVsVNGE1j+7Kig6JBJcLn
uHSoiu3NSqGZfb00vxK5nTZcxhVT7lpTSuEReP4fMWqaQ+kiRuBzjn7MtBG5YS8b
5HO3aQH3Hs/W4Cl9Q59Lh/h6ymoWFVFqlcd+nx7la03azpsig7dE9KPtKt8ec10V
Q6kEGR08PPTPHjI+6c1Skn6AWOrOslSkBRMmh1+vlxoqSgfINSYCKrYE3T4P+dS5
8T5Y15Lzsr45wVCIrmlqC9mSlHAyGcVBBFVTuXKYbvYQA2h4lNa90giT8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFb03c01Ye1yOJLfNySPqdCnwNgJMB8GA1UdIwQY
MBaAFBmn8tzCsan1fB2wCeYI2kqU/GV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zZjFkNTYtODAwNi00OTdkLWFmN2Mt
YjI3Yzg0NmUwZGM1LzEvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zZjFkNTYtODAwNi00OTdkLWFmN2MtYjI3Yzg0NmUwZGM1
LzEvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAP3VA5xW
yigJvy8TBQ7Qy1vWwxCirPvfmRsT04eFHIPxIbcaxgsi4U347JA9R1h40PIGfZ26
omOCHEZ802VwvmzvjqllE2RE0TNGmeel8KlmxW4cRnzjFRI0LuKfSPipQNOn0MwW
A5qaOtmAt80g2ky60YCWZMqZdZ8x1n68K1NUeHvRN2HHDz6wjcIyH0M1LRPgLX8i
Vb0rJQ1eI3uZ1v9/nLXwJs/qfCld8XBcZw0kdCGtR7NKM/zug3a+VEVrTttgXQUO
Y87Pk1t80x5HlE9P/lW/WZ+P/wDo0NGc2UzaRyeUwgCXUTa//Zc3Rq2PrmrxgOX9
pUC4OWSD8LIgHg==
-----END CERTIFICATE-----