Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          T64qsq5RiWYChEWrJItzMDBRlRcvZUXlHFOBZEQNPgE=
Subject key identifier:   BF:5D:84:C9:04:86:17:A3:D6:C4:9D:39:02:73:96:7C:E9:EC:FE:4A
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019E2F96707E8B0E72C6D9736F38A0A87D1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0E54
Signing time:             Sat 16 May 2026 07:00:48 +0000
Manifest this update:     Sat 16 May 2026 07:00:48 +0000
Manifest next update:     Sun 17 May 2026 07:00:48 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: EwFx50C3aTANQ9elpNBxS42R4DcF2fTqROoZMMPDJNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:70:7e:8b:0e:72:c6:d9:73:6f:38:a0:a8:7d:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: May 16 07:00:48 2026 GMT
            Not After : May 17 07:00:48 2026 GMT
        Subject: CN=bf5d84c9048617a3d6c49d390273967ce9ecfe4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:51:7b:9a:df:24:16:ec:88:5b:a2:ca:b6:58:
                    a1:f1:03:44:35:cb:b7:29:6e:ee:29:e6:a5:a8:88:
                    a5:85:bf:7b:9c:bf:ec:5f:b6:59:b3:e0:78:86:69:
                    b4:b4:bc:5a:51:6e:08:21:bb:ee:1b:9d:42:75:77:
                    3b:31:cf:35:e0:45:42:ce:46:d0:2e:d9:60:96:48:
                    13:26:ee:56:cc:07:28:f2:e6:04:fe:1e:45:b9:0c:
                    b4:61:39:c6:92:a5:5f:58:ba:9e:a7:3f:21:d4:ac:
                    74:6b:e3:b7:10:34:20:4a:72:b6:47:a7:2d:f1:22:
                    ae:7a:4f:eb:cf:b9:97:23:36:a7:da:54:5d:52:80:
                    9d:81:9e:ee:77:ea:fa:90:fb:23:5d:be:61:5a:85:
                    45:88:ed:6b:a6:c8:72:dc:f3:7c:a1:b1:5c:9b:03:
                    1b:96:0d:8e:91:67:f4:8b:f5:4d:f5:b9:fb:fc:bc:
                    5a:e3:f4:b7:a7:24:68:78:17:9f:42:62:0e:64:f8:
                    55:a1:c2:89:56:d1:3d:77:fe:7d:08:ca:94:3c:1a:
                    c7:3f:a8:fd:f2:64:47:f5:e3:f3:d7:43:26:f0:9f:
                    e2:ed:3b:5b:5c:aa:27:ac:57:f4:e9:47:14:fa:c3:
                    03:5d:f3:b6:90:42:7f:f3:75:e4:a1:29:b6:c7:2b:
                    40:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:5D:84:C9:04:86:17:A3:D6:C4:9D:39:02:73:96:7C:E9:EC:FE:4A
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:6d:a5:b7:ac:c7:1d:a4:61:d6:7b:57:76:44:f3:6d:8e:07:
         69:1b:6b:43:74:5c:5a:e8:68:b4:0b:4d:b9:0f:11:6e:ec:94:
         30:fc:73:4a:51:50:1d:18:40:8a:24:3c:06:c4:c6:d1:49:57:
         5f:5f:27:a0:da:61:29:ff:35:9a:c2:27:c1:f1:66:79:9f:5f:
         4c:95:be:ad:05:f7:49:71:78:62:fb:ce:2e:f3:0d:bb:e3:de:
         18:5f:d0:3a:c8:f4:d9:45:12:f7:e0:b8:30:f8:a7:ee:87:47:
         f2:8e:b2:28:77:80:3d:8f:fe:93:88:be:7d:e1:0a:23:7c:cc:
         3a:41:93:49:48:de:9a:52:20:71:86:d2:85:19:c0:35:ed:c6:
         96:ed:30:d2:62:b7:f3:c2:93:2f:b0:15:ba:be:de:a8:cc:a4:
         4a:6e:72:25:a8:05:40:21:ce:cd:9d:52:de:18:1b:86:b4:d5:
         4b:3f:57:45:f9:f0:9a:70:82:71:26:d5:ea:8f:30:67:99:38:
         19:37:6e:b8:db:10:75:c5:0e:96:ac:fb:a6:38:7b:b5:56:43:
         8f:2c:86:e9:4f:00:4d:98:19:fe:6c:7e:6b:3b:15:2d:23:3a:
         38:ce:35:d0:79:36:c2:0c:86:5b:2f:bf:f2:8b:27:33:00:82:
         43:56:48:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlnB+iw5yxtlzbzigqH0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjYwNTE2MDcwMDQ4WhcNMjYwNTE3MDcwMDQ4WjAzMTEwLwYDVQQD
EyhiZjVkODRjOTA0ODYxN2EzZDZjNDlkMzkwMjczOTY3Y2U5ZWNmZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1F7mt8kFuyIW6LKtlih8QNENcu3
KW7uKealqIilhb97nL/sX7ZZs+B4hmm0tLxaUW4IIbvuG51CdXc7Mc814EVCzkbQ
LtlglkgTJu5WzAco8uYE/h5FuQy0YTnGkqVfWLqepz8h1Kx0a+O3EDQgSnK2R6ct
8SKuek/rz7mXIzan2lRdUoCdgZ7ud+r6kPsjXb5hWoVFiO1rpshy3PN8obFcmwMb
lg2OkWf0i/VN9bn7/Lxa4/S3pyRoeBefQmIOZPhVocKJVtE9d/59CMqUPBrHP6j9
8mRH9ePz10Mm8J/i7TtbXKonrFf06UcU+sMDXfO2kEJ/83XkoSm2xytAiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9dhMkEhhej1sSdOQJzlnzp7P5KMB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd22lt6zH
HaRh1ntXdkTzbY4HaRtrQ3RcWuhotAtNuQ8RbuyUMPxzSlFQHRhAiiQ8BsTG0UlX
X18noNphKf81msInwfFmeZ9fTJW+rQX3SXF4YvvOLvMNu+PeGF/QOsj02UUS9+C4
MPin7odH8o6yKHeAPY/+k4i+feEKI3zMOkGTSUjemlIgcYbShRnANe3Glu0w0mK3
88KTL7AVur7eqMykSm5yJagFQCHOzZ1S3hgbhrTVSz9XRfnwmnCCcSbV6o8wZ5k4
GTduuNsQdcUOlqz7pjh7tVZDjyyG6U8ATZgZ/mx+azsVLSM6OM410Hk2wgyGWy+/
8osnMwCCQ1ZIxg==
-----END CERTIFICATE-----