Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          cnSbh9M+vxP/fFehoRkNCho2NPTslwE+Kg1Bx0HCDgs=
Subject key identifier:   D1:E8:3B:D8:0C:2E:09:79:F7:0E:07:2B:D1:F6:4D:CD:51:EE:49:F1
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019D3A5465E9FE49FCA5B5F56A62B6D44DE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0F70
Signing time:             Sun 29 Mar 2026 16:01:42 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:42 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:42 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: KkYIV2b9Fd7sVaLzuDlLciQmPrt1bMs5gQ+e4XucJ/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:65:e9:fe:49:fc:a5:b5:f5:6a:62:b6:d4:4d:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Mar 29 16:01:42 2026 GMT
            Not After : Mar 30 16:01:42 2026 GMT
        Subject: CN=d1e83bd80c2e0979f70e072bd1f64dcd51ee49f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:21:0c:ec:c6:a4:46:a3:4c:e9:43:48:32:7d:
                    5b:36:a0:83:1f:4f:cc:dc:d1:33:04:40:41:c4:d8:
                    6f:2b:33:5c:08:06:0f:73:02:cb:ef:44:01:4d:be:
                    bc:4a:1f:8e:07:93:dc:00:5c:e6:a7:c8:a4:ba:ab:
                    5b:2c:26:13:1a:8a:a7:9e:fc:ec:df:6f:74:0f:10:
                    7f:86:9c:83:b1:a7:1f:ab:e2:9e:12:db:76:e1:41:
                    3e:06:fe:64:d0:7f:0a:10:c9:5f:e2:dc:9a:ed:d6:
                    25:0c:39:22:84:1c:90:c3:60:84:b9:a4:fe:9f:1f:
                    ed:03:fb:9e:36:e1:b1:00:36:e2:44:51:09:a5:14:
                    fb:01:72:bb:3e:af:20:02:61:09:f1:10:31:fd:97:
                    28:3d:64:7f:71:d6:51:5c:20:f0:3b:9f:23:ed:56:
                    56:45:91:35:3e:87:c6:cb:2a:6a:06:8e:6a:b2:0f:
                    cf:36:8d:8b:8b:02:5c:20:d6:72:e2:52:23:ec:95:
                    ea:7d:27:33:78:70:9f:b8:a8:a5:4b:7f:11:ca:cb:
                    ca:ec:63:bc:05:46:a7:b8:66:c1:24:37:84:19:6f:
                    0d:96:9c:dd:25:e3:7f:50:74:ea:4c:56:ad:8f:dc:
                    c8:fb:61:65:78:c6:62:ae:3b:2d:90:77:fa:60:82:
                    8a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E8:3B:D8:0C:2E:09:79:F7:0E:07:2B:D1:F6:4D:CD:51:EE:49:F1
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:54:e5:40:ae:f2:e7:63:d1:43:06:bc:55:17:78:61:d0:cf:
         f2:21:b1:4b:8d:52:0b:20:65:f2:d8:e7:98:c6:ce:89:83:b2:
         68:b2:21:08:2e:a8:33:cf:db:c0:1a:0e:f3:56:7c:96:72:58:
         02:e3:49:26:8f:5d:17:20:25:2f:e9:5b:f3:b4:41:51:9a:86:
         be:09:78:ef:16:a6:ac:e7:b1:dc:76:8d:3b:a1:d7:17:cc:60:
         59:b9:45:96:d0:28:14:88:aa:c2:e8:10:14:2f:73:32:55:b2:
         a9:df:d7:98:0e:48:36:9a:a2:99:0d:a6:fa:1c:61:68:e8:c9:
         a7:d7:06:34:2e:b2:3f:99:1b:f7:20:79:d6:61:e5:de:54:f7:
         d6:09:88:56:ed:ba:7e:86:43:28:96:a2:d4:04:92:c2:7f:75:
         60:8c:a4:6e:67:8c:aa:95:2a:9c:ff:e1:58:ec:fc:ab:d0:28:
         ed:08:6b:40:ef:88:1f:cb:b2:0c:4a:dc:a0:12:d5:74:f3:e3:
         ef:ba:6c:8a:77:ef:38:3e:4d:1c:e9:69:e5:83:52:e9:63:92:
         0f:85:69:e4:14:9a:96:73:62:dd:8d:b0:3e:0d:b3:56:03:cb:
         cf:84:d0:f1:35:90:66:2f:d3:76:0b:c1:db:db:08:c9:23:f0:
         99:5a:00:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VGXp/kn8pbX1amK21E3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjYwMzI5MTYwMTQyWhcNMjYwMzMwMTYwMTQyWjAzMTEwLwYDVQQD
EyhkMWU4M2JkODBjMmUwOTc5ZjcwZTA3MmJkMWY2NGRjZDUxZWU0OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySEM7MakRqNM6UNIMn1bNqCDH0/M
3NEzBEBBxNhvKzNcCAYPcwLL70QBTb68Sh+OB5PcAFzmp8ikuqtbLCYTGoqnnvzs
3290DxB/hpyDsacfq+KeEtt24UE+Bv5k0H8KEMlf4tya7dYlDDkihByQw2CEuaT+
nx/tA/ueNuGxADbiRFEJpRT7AXK7Pq8gAmEJ8RAx/ZcoPWR/cdZRXCDwO58j7VZW
RZE1PofGyypqBo5qsg/PNo2LiwJcINZy4lIj7JXqfSczeHCfuKilS38RysvK7GO8
BUanuGbBJDeEGW8NlpzdJeN/UHTqTFatj9zI+2FleMZirjstkHf6YIKKKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHoO9gMLgl59w4HK9H2Tc1R7knxMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFTlQK7y
52PRQwa8VRd4YdDP8iGxS41SCyBl8tjnmMbOiYOyaLIhCC6oM8/bwBoO81Z8lnJY
AuNJJo9dFyAlL+lb87RBUZqGvgl47xamrOex3HaNO6HXF8xgWblFltAoFIiqwugQ
FC9zMlWyqd/XmA5INpqimQ2m+hxhaOjJp9cGNC6yP5kb9yB51mHl3lT31gmIVu26
foZDKJai1ASSwn91YIykbmeMqpUqnP/hWOz8q9Ao7QhrQO+IH8uyDErcoBLVdPPj
77psinfvOD5NHOlp5YNS6WOSD4Vp5BSalnNi3Y2wPg2zVgPLz4TQ8TWQZi/TdgvB
29sIySPwmVoAeA==
-----END CERTIFICATE-----