Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          ZH2u3tj7r1HuhUMMpRZaoO5rHgYZCq4MlrMKHEhDzGQ=
Subject key identifier:   12:81:2C:BC:AE:26:EF:33:A4:EB:7E:2D:68:1D:EF:0C:64:28:64:7B
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       019D3789B2EC6AD83D4F1E1DA62D260C8DF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          0346
Signing time:             Sun 29 Mar 2026 03:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:04 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: Do+AMWK/5AwsjrOnS0+Cz5Hc0ArpJnqtV3ftUe7mJak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:b2:ec:6a:d8:3d:4f:1e:1d:a6:2d:26:0c:8d:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Mar 29 03:01:04 2026 GMT
            Not After : Mar 30 03:01:04 2026 GMT
        Subject: CN=12812cbcae26ef33a4eb7e2d681def0c6428647b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9a:7a:e1:fc:11:d5:75:62:79:22:63:76:ba:
                    bc:70:53:eb:57:54:56:fa:33:a3:61:3d:e2:6a:71:
                    3e:74:54:5b:5f:26:be:65:9d:63:9a:71:f1:3f:71:
                    19:c9:7d:3f:3f:42:bb:ac:eb:57:62:23:48:99:48:
                    a8:03:be:c8:ec:e6:1c:8e:88:8f:df:40:18:0c:b4:
                    c2:aa:2a:f8:f8:a8:c8:9a:f0:c7:5c:e0:83:98:85:
                    4f:c2:33:5b:1b:65:a4:cc:1b:d4:5d:fa:b0:48:1e:
                    35:7b:27:4a:ee:13:c6:49:c7:55:c2:38:9b:60:a1:
                    1c:55:bc:24:24:d5:b3:6d:c0:56:a0:82:bb:2c:bc:
                    00:d8:ee:ae:74:06:23:d8:3c:65:e0:b4:39:95:bd:
                    85:23:a0:8b:6b:1a:62:1d:e6:c3:5c:fb:34:8f:a5:
                    36:e5:6f:34:a3:85:18:9b:7e:ec:5e:7f:2a:6b:c1:
                    b4:95:9a:b8:f6:3d:ff:19:10:9f:23:0e:85:f9:28:
                    c4:c0:09:f4:52:35:aa:2d:01:0e:0e:16:77:f4:af:
                    e3:aa:7d:f3:78:54:12:2c:c2:5c:8f:7d:d0:89:00:
                    fa:a8:72:7b:41:5f:90:7a:fd:bc:12:a4:e4:01:33:
                    c3:8b:9b:d1:bc:be:02:70:f4:e6:be:a0:9f:94:fe:
                    e7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:81:2C:BC:AE:26:EF:33:A4:EB:7E:2D:68:1D:EF:0C:64:28:64:7B
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:a4:b6:93:d2:ca:04:93:90:ab:cd:53:24:2b:56:f1:9b:7b:
         60:4e:ad:20:fc:51:d7:6f:dd:ab:0d:de:70:3f:b4:a1:ab:a3:
         ec:4a:6d:2f:ea:f9:b6:e7:fe:6c:de:2a:10:ce:ee:f9:82:9f:
         87:23:49:2d:3f:42:a8:8e:d1:17:2e:ef:2f:eb:8e:ba:17:bf:
         97:fa:9a:67:45:69:27:29:da:81:47:dc:6a:58:87:2e:75:c0:
         23:79:b1:23:c5:f2:76:62:c0:1a:d3:5e:05:c5:41:cc:ff:14:
         e4:11:e6:b3:02:36:25:6a:d7:9b:17:f7:aa:f2:2b:db:f7:71:
         e9:bf:36:48:0b:1b:a2:a4:e6:39:30:b6:99:79:4f:ee:e2:c5:
         71:2d:ab:4d:ac:50:a0:0d:2b:f7:b4:b6:f0:fd:17:c7:4c:81:
         fb:69:75:d5:03:3f:ad:8c:93:4c:fd:58:84:7c:36:87:08:cf:
         5e:05:c4:3c:9c:89:e1:1f:4e:58:7c:c3:9c:d5:6d:53:e9:cc:
         85:57:12:40:b2:99:7e:aa:65:0a:e4:ae:ad:72:5a:04:eb:c6:
         42:67:12:d3:f7:0b:d9:99:a0:ae:ad:f0:35:a9:dd:c0:04:0a:
         db:c6:3b:72:da:b5:a0:04:1a:62:34:3b:cc:81:ca:69:86:37:
         b5:38:a5:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ibLsatg9Tx4dpi0mDI30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjYwMzI5MDMwMTA0WhcNMjYwMzMwMDMwMTA0WjAzMTEwLwYDVQQD
EygxMjgxMmNiY2FlMjZlZjMzYTRlYjdlMmQ2ODFkZWYwYzY0Mjg2NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpp64fwR1XVieSJjdrq8cFPrV1RW
+jOjYT3ianE+dFRbXya+ZZ1jmnHxP3EZyX0/P0K7rOtXYiNImUioA77I7OYcjoiP
30AYDLTCqir4+KjImvDHXOCDmIVPwjNbG2WkzBvUXfqwSB41eydK7hPGScdVwjib
YKEcVbwkJNWzbcBWoIK7LLwA2O6udAYj2Dxl4LQ5lb2FI6CLaxpiHebDXPs0j6U2
5W80o4UYm37sXn8qa8G0lZq49j3/GRCfIw6F+SjEwAn0UjWqLQEODhZ39K/jqn3z
eFQSLMJcj33QiQD6qHJ7QV+Qev28EqTkATPDi5vRvL4CcPTmvqCflP7nkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKBLLyuJu8zpOt+LWgd7wxkKGR7MB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6S2k9LK
BJOQq81TJCtW8Zt7YE6tIPxR12/dqw3ecD+0oauj7EptL+r5tuf+bN4qEM7u+YKf
hyNJLT9CqI7RFy7vL+uOuhe/l/qaZ0VpJynagUfcaliHLnXAI3mxI8XydmLAGtNe
BcVBzP8U5BHmswI2JWrXmxf3qvIr2/dx6b82SAsboqTmOTC2mXlP7uLFcS2rTaxQ
oA0r97S28P0Xx0yB+2l11QM/rYyTTP1YhHw2hwjPXgXEPJyJ4R9OWHzDnNVtU+nM
hVcSQLKZfqplCuSurXJaBOvGQmcS0/cL2Zmgrq3wNandwAQK28Y7ctq1oAQaYjQ7
zIHKaYY3tTilaA==
-----END CERTIFICATE-----