Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.mft
File:                     gMez3pa5HtxunIXZ1aZoQZIDtfU.mft (raw, json)
Hash identifier:          fIramCskSowxewf5SxK8g4D0YP0+HO1nKJk3uLoHto0=
Subject key identifier:   21:BD:C6:C9:D1:75:65:B1:FA:81:C2:FC:6F:77:8A:82:58:32:FE:C1
Authority key identifier: 80:C7:B3:DE:96:B9:1E:DC:6E:9C:85:D9:D5:A6:68:41:92:03:B5:F5
Certificate issuer:       /CN=80c7b3de96b91edc6e9c85d9d5a668419203b5f5
Certificate serial:       019D37C0D4A2E4E4384F35C01CA97086B7C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gMez3pa5HtxunIXZ1aZoQZIDtfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.mft
Manifest number:          066A
Signing time:             Sun 29 Mar 2026 04:01:17 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:17 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:17 +0000
Files and hashes:         1: gMez3pa5HtxunIXZ1aZoQZIDtfU.crl (hash: E4AGNtSYDYcu096zUQ24ofuS/YCUQcatB2vcnHjEZOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gMez3pa5HtxunIXZ1aZoQZIDtfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:d4:a2:e4:e4:38:4f:35:c0:1c:a9:70:86:b7:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80c7b3de96b91edc6e9c85d9d5a668419203b5f5
        Validity
            Not Before: Mar 29 04:01:17 2026 GMT
            Not After : Mar 30 04:01:17 2026 GMT
        Subject: CN=21bdc6c9d17565b1fa81c2fc6f778a825832fec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2e:e7:82:80:7c:a8:a2:0a:96:a5:9a:37:4b:
                    c1:30:ec:ba:e5:81:86:cd:16:91:3f:bc:cf:4b:1a:
                    76:ce:5c:61:4a:04:cf:bd:b4:45:1d:5e:a5:3e:f0:
                    da:0a:b4:7a:c6:65:3b:7b:f3:d1:ce:68:67:73:fa:
                    7f:21:b0:99:9d:b6:3b:e5:92:30:44:4b:c4:5f:6a:
                    b9:ae:5b:4b:90:b4:bf:cf:38:06:ba:65:f5:34:43:
                    c2:ce:05:5b:0d:34:ba:dc:59:eb:cc:74:bf:8b:86:
                    a2:7f:29:48:40:69:7b:01:66:c8:00:8f:7a:47:0a:
                    e9:76:79:c8:f3:d1:ab:85:6f:7e:03:81:56:93:77:
                    3e:d9:26:a4:4d:b6:be:22:c8:a5:53:96:d7:d5:62:
                    48:39:32:38:ff:9f:e9:eb:10:56:ea:35:4e:0d:9a:
                    7d:fe:10:9a:e1:8d:29:3c:52:be:04:df:7b:ea:e5:
                    80:49:1c:51:ef:4e:7a:b9:13:19:82:1b:a5:e0:35:
                    c9:3d:c3:e8:a2:4f:16:58:7c:06:75:89:b6:7e:13:
                    30:26:77:e2:ba:e0:64:bb:b8:4d:89:e5:7e:08:26:
                    c5:3e:92:75:9d:23:49:c8:26:c7:a7:6e:92:fa:fb:
                    2e:a3:05:9a:be:90:21:08:a0:69:7a:6e:cf:a3:9d:
                    f5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:BD:C6:C9:D1:75:65:B1:FA:81:C2:FC:6F:77:8A:82:58:32:FE:C1
            X509v3 Authority Key Identifier:
                keyid:80:C7:B3:DE:96:B9:1E:DC:6E:9C:85:D9:D5:A6:68:41:92:03:B5:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gMez3pa5HtxunIXZ1aZoQZIDtfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c301fb-3174-45c3-a447-a7fcfb529dc7/1/gMez3pa5HtxunIXZ1aZoQZIDtfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:44:c4:cd:a8:5d:f3:8e:27:91:18:73:72:08:51:4f:e0:48:
         b8:92:0c:82:83:cd:3c:de:d2:bf:47:aa:44:48:f0:03:00:04:
         36:4c:96:62:97:6b:a1:82:a1:eb:17:40:ed:13:91:93:bc:f2:
         9b:25:5b:9c:22:b9:a1:87:d0:51:fe:e2:39:7b:7d:ef:05:fe:
         ec:f0:2e:21:4b:88:50:fb:fa:1e:ff:11:a6:4c:c1:6a:18:5d:
         33:35:30:e2:5f:85:4a:4b:c4:29:88:80:2f:ab:86:7f:3a:d1:
         01:5d:15:ea:31:69:25:de:ad:4c:22:40:2b:cd:ea:b5:d0:b9:
         ab:d2:d5:35:ee:c0:68:34:21:24:c7:69:ba:b4:98:f7:2b:ec:
         d3:d8:d0:7c:ee:47:ba:3e:66:d8:f1:7b:6e:89:90:ab:d4:84:
         b7:a6:6c:17:90:72:bc:40:42:a2:bf:dd:59:02:cf:30:88:f4:
         22:c2:e7:16:69:8e:46:3f:92:9a:71:ac:4c:f3:ed:b0:0b:fc:
         ae:af:47:40:5f:ac:ef:bd:d0:f3:1c:08:12:86:26:06:56:0b:
         f0:41:aa:2b:39:15:d0:a1:58:b0:85:53:b1:f7:97:6b:a1:74:
         0a:bf:02:a6:30:d0:2d:27:0b:bc:0a:2a:58:a9:e9:68:04:cd:
         90:06:aa:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNSi5OQ4TzXAHKlwhrfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYzdiM2RlOTZiOTFlZGM2ZTljODVkOWQ1YTY2ODQxOTIw
M2I1ZjUwHhcNMjYwMzI5MDQwMTE3WhcNMjYwMzMwMDQwMTE3WjAzMTEwLwYDVQQD
EygyMWJkYzZjOWQxNzU2NWIxZmE4MWMyZmM2Zjc3OGE4MjU4MzJmZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S7ngoB8qKIKlqWaN0vBMOy65YGG
zRaRP7zPSxp2zlxhSgTPvbRFHV6lPvDaCrR6xmU7e/PRzmhnc/p/IbCZnbY75ZIw
REvEX2q5rltLkLS/zzgGumX1NEPCzgVbDTS63FnrzHS/i4aifylIQGl7AWbIAI96
RwrpdnnI89GrhW9+A4FWk3c+2SakTba+IsilU5bX1WJIOTI4/5/p6xBW6jVODZp9
/hCa4Y0pPFK+BN976uWASRxR7056uRMZghul4DXJPcPook8WWHwGdYm2fhMwJnfi
uuBku7hNieV+CCbFPpJ1nSNJyCbHp26S+vsuowWavpAhCKBpem7Po531/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCG9xsnRdWWx+oHC/G93ioJYMv7BMB8GA1UdIwQY
MBaAFIDHs96WuR7cbpyF2dWmaEGSA7X1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ01lejNwYTVIdHh1bklYWjFhWm9RWklEdGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jMzAxZmItMzE3NC00NWMzLWE0NDct
YTdmY2ZiNTI5ZGM3LzEvZ01lejNwYTVIdHh1bklYWjFhWm9RWklEdGZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jMzAxZmItMzE3NC00NWMzLWE0NDctYTdmY2ZiNTI5ZGM3
LzEvZ01lejNwYTVIdHh1bklYWjFhWm9RWklEdGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0TEzahd
844nkRhzcghRT+BIuJIMgoPNPN7Sv0eqREjwAwAENkyWYpdroYKh6xdA7RORk7zy
myVbnCK5oYfQUf7iOXt97wX+7PAuIUuIUPv6Hv8RpkzBahhdMzUw4l+FSkvEKYiA
L6uGfzrRAV0V6jFpJd6tTCJAK83qtdC5q9LVNe7AaDQhJMdpurSY9yvs09jQfO5H
uj5m2PF7bomQq9SEt6ZsF5ByvEBCor/dWQLPMIj0IsLnFmmORj+SmnGsTPPtsAv8
rq9HQF+s773Q8xwIEoYmBlYL8EGqKzkV0KFYsIVTsfeXa6F0Cr8CpjDQLScLvAoq
WKnpaATNkAaqng==
-----END CERTIFICATE-----