Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
File:                     gSdW6ySj41K9bonR9aoISIlhpnQ.mft (raw, json)
Hash identifier:          rX2qUHWNEzCThcsF0t23UK6YsOIOv/0VyhYipWvQRm4=
Subject key identifier:   CE:4D:7B:24:B1:F1:F0:1A:0F:8E:36:81:9E:7E:C7:6B:C6:E2:5A:6B
Authority key identifier: 81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74
Certificate issuer:       /CN=812756eb24a3e352bd6e89d1f5aa08488961a674
Certificate serial:       019D386639F1FF638D6BEC77DC125C81FE13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
Manifest number:          0BA6
Signing time:             Sun 29 Mar 2026 07:01:56 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:56 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:56 +0000
Files and hashes:         1: gSdW6ySj41K9bonR9aoISIlhpnQ.crl (hash: 0wS70orX+298wTC0eDybixcDeFFR/j8eRD9vhDSU4sE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:39:f1:ff:63:8d:6b:ec:77:dc:12:5c:81:fe:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=812756eb24a3e352bd6e89d1f5aa08488961a674
        Validity
            Not Before: Mar 29 07:01:56 2026 GMT
            Not After : Mar 30 07:01:56 2026 GMT
        Subject: CN=ce4d7b24b1f1f01a0f8e36819e7ec76bc6e25a6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c0:8f:1f:89:19:86:5f:33:72:3d:5c:52:be:
                    17:01:08:06:e0:6e:a2:74:27:50:b0:da:b9:d7:e7:
                    6e:ab:33:b4:07:77:8c:b3:6e:a9:75:d1:2d:b1:eb:
                    88:6e:81:1f:bb:ad:92:b7:9b:80:9a:ad:53:60:8b:
                    06:5a:5e:24:83:e3:c9:e0:b4:b3:0e:a0:ef:a5:61:
                    50:63:bc:2f:e9:dc:ff:54:6b:0e:05:d8:25:d5:2f:
                    e2:48:ef:c9:7a:c6:50:3b:82:ed:8a:d1:b4:5b:ef:
                    a9:0b:5a:2d:e6:13:a2:5f:6b:c3:f7:5a:04:4c:21:
                    df:7d:19:ea:5d:aa:75:d5:e2:50:90:1e:e4:6b:6d:
                    33:fc:b2:f4:bc:2a:e2:96:12:b4:c3:b4:c2:8a:20:
                    67:c0:85:0f:b0:79:8e:e2:f8:9f:38:6d:b0:76:47:
                    2f:79:58:6a:55:fb:d1:11:2b:44:6d:b0:39:65:cc:
                    41:4a:ab:a0:70:db:d4:cd:a8:46:b1:36:42:d8:e2:
                    3e:41:52:62:29:11:ef:3d:45:d0:69:f9:7b:52:bc:
                    37:dc:c1:ab:a1:6f:70:42:b3:66:db:7c:08:a8:7e:
                    4d:25:b4:77:01:1c:4b:77:36:ed:a0:ef:41:c4:50:
                    a2:69:97:2c:e7:8c:42:f3:f1:ab:3f:1e:72:66:4c:
                    12:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:4D:7B:24:B1:F1:F0:1A:0F:8E:36:81:9E:7E:C7:6B:C6:E2:5A:6B
            X509v3 Authority Key Identifier:
                keyid:81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:85:0c:43:17:fd:3d:7f:eb:43:a4:65:58:90:72:d7:bc:9a:
         cb:38:04:24:b5:26:28:cf:b6:c2:af:c6:c7:37:16:0d:dc:81:
         a8:dd:96:66:b9:2c:9d:f3:0c:67:15:2e:e9:52:ba:c8:be:01:
         3a:eb:ed:8d:ef:0d:2e:4b:2e:2c:5d:2e:64:33:65:e3:a6:c5:
         e1:ec:5c:2b:f3:9a:fd:af:d6:56:9d:3c:82:1c:3d:7d:1a:8b:
         5c:f1:d8:94:bd:22:f8:9d:ee:24:64:63:ef:12:88:78:3b:8a:
         49:88:84:2e:d2:75:45:74:31:31:a6:db:4a:fe:90:cd:f4:7f:
         49:cc:ad:09:61:27:53:ef:18:46:22:01:e9:db:f7:2b:ae:64:
         fb:70:f8:39:d1:06:e4:6c:15:fd:e0:72:ac:b9:fe:88:65:18:
         95:ac:a6:32:4a:58:b7:a8:3a:72:49:3f:d6:c4:8b:ed:00:15:
         04:8f:bb:a2:e9:8d:63:0e:93:f2:3c:e5:51:73:de:2b:79:ff:
         35:22:58:7f:30:d3:95:ac:46:df:2e:ea:4a:7a:b7:2e:9d:96:
         1d:1e:51:21:0f:57:8e:4d:bb:59:44:1b:e0:2f:08:25:85:0c:
         3b:13:98:0c:c9:cb:97:37:06:18:26:6b:ea:a1:be:9a:4d:44:
         b6:9c:d3:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zjnx/2ONa+x33BJcgf4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMjc1NmViMjRhM2UzNTJiZDZlODlkMWY1YWEwODQ4ODk2
MWE2NzQwHhcNMjYwMzI5MDcwMTU2WhcNMjYwMzMwMDcwMTU2WjAzMTEwLwYDVQQD
EyhjZTRkN2IyNGIxZjFmMDFhMGY4ZTM2ODE5ZTdlYzc2YmM2ZTI1YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8CPH4kZhl8zcj1cUr4XAQgG4G6i
dCdQsNq51+duqzO0B3eMs26pddEtseuIboEfu62St5uAmq1TYIsGWl4kg+PJ4LSz
DqDvpWFQY7wv6dz/VGsOBdgl1S/iSO/JesZQO4LtitG0W++pC1ot5hOiX2vD91oE
TCHffRnqXap11eJQkB7ka20z/LL0vCrilhK0w7TCiiBnwIUPsHmO4vifOG2wdkcv
eVhqVfvREStEbbA5ZcxBSqugcNvUzahGsTZC2OI+QVJiKRHvPUXQafl7Urw33MGr
oW9wQrNm23wIqH5NJbR3ARxLdzbtoO9BxFCiaZcs54xC8/GrPx5yZkwSPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5NeySx8fAaD442gZ5+x2vG4lprMB8GA1UdIwQY
MBaAFIEnVusko+NSvW6J0fWqCEiJYaZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTct
NmQ1MjFiYzQ3NGY0LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTctNmQ1MjFiYzQ3NGY0
LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYUMQxf9
PX/rQ6RlWJBy17yayzgEJLUmKM+2wq/GxzcWDdyBqN2WZrksnfMMZxUu6VK6yL4B
Ouvtje8NLksuLF0uZDNl46bF4excK/Oa/a/WVp08ghw9fRqLXPHYlL0i+J3uJGRj
7xKIeDuKSYiELtJ1RXQxMabbSv6QzfR/ScytCWEnU+8YRiIB6dv3K65k+3D4OdEG
5GwV/eByrLn+iGUYlaymMkpYt6g6ckk/1sSL7QAVBI+7oumNYw6T8jzlUXPeK3n/
NSJYfzDTlaxG3y7qSnq3Lp2WHR5RIQ9Xjk27WUQb4C8IJYUMOxOYDMnLlzcGGCZr
6qG+mk1EtpzTdw==
-----END CERTIFICATE-----