Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
File:                     GyceKuYih3VSuJ28R016EwWEpI4.mft (raw, json)
Hash identifier:          0wGwMzA1Ht45C4P17IbZEEJfh/jr0mBVaZmPiWYJF6U=
Subject key identifier:   91:36:9C:28:CC:86:73:A5:EA:EC:03:4D:B2:B8:BF:AC:27:85:F1:82
Authority key identifier: 1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E
Certificate issuer:       /CN=1b271e2ae622877552b89dbc474d7a130584a48e
Certificate serial:       019CAA58FEAFE2EA4FF9CB8CFA7557F1B6C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
Manifest number:          0C52
Signing time:             Sun 01 Mar 2026 17:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:24 +0000
Files and hashes:         1: GyceKuYih3VSuJ28R016EwWEpI4.crl (hash: xwpidBZhLuTZnR1ZWVEy8yFQvxOMkf56DF0BzeBoeC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:fe:af:e2:ea:4f:f9:cb:8c:fa:75:57:f1:b6:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b271e2ae622877552b89dbc474d7a130584a48e
        Validity
            Not Before: Mar  1 17:01:24 2026 GMT
            Not After : Mar  2 17:01:24 2026 GMT
        Subject: CN=91369c28cc8673a5eaec034db2b8bfac2785f182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f3:0c:a4:4c:da:86:56:ff:fd:34:b7:c7:36:
                    e6:4a:b4:90:f9:22:15:06:2c:6a:5f:e4:45:3a:5b:
                    e7:69:a6:d0:c8:65:ab:ed:68:28:cf:55:92:72:95:
                    ee:0f:0e:09:d9:78:43:69:34:3e:b4:22:bf:42:9e:
                    e9:97:0d:af:1d:e1:7f:56:53:84:87:91:83:a0:c9:
                    f0:5c:db:62:d9:83:51:2a:04:79:c6:b1:b7:2f:73:
                    ee:03:a2:8e:f7:30:67:56:e5:c4:a4:69:73:76:da:
                    b3:03:66:c7:8f:43:7c:63:47:ad:64:d6:32:c8:d7:
                    bd:d4:56:a5:09:69:1e:c9:dd:05:dc:a1:28:35:31:
                    89:e2:09:e3:73:5d:61:40:2f:b4:72:3b:a0:0a:2c:
                    75:fb:2d:08:52:de:8d:77:89:cb:8f:b2:c3:05:69:
                    14:ad:a8:1f:e2:ce:63:d8:20:3a:0f:c8:38:fb:5a:
                    93:e5:0f:79:a8:37:80:94:24:ed:27:0c:ee:36:e9:
                    12:0c:9a:19:e4:03:a5:f9:ae:c4:52:d1:2d:34:78:
                    15:aa:a6:50:52:b6:1a:ba:46:4a:dc:be:4b:0c:54:
                    39:1f:d6:4c:ad:37:25:09:2e:2f:cc:6d:4e:48:bd:
                    0d:71:74:3e:92:2e:b5:51:5f:f2:ac:f4:60:ca:b6:
                    57:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:36:9C:28:CC:86:73:A5:EA:EC:03:4D:B2:B8:BF:AC:27:85:F1:82
            X509v3 Authority Key Identifier:
                keyid:1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:02:a3:fa:36:40:1f:4e:eb:b6:97:2b:fd:8a:bf:a5:d3:51:
         f9:a5:40:80:ee:90:29:55:35:c3:b7:f5:7f:26:b2:66:5b:55:
         f6:26:06:85:6f:5c:b1:b6:bb:6a:bf:1d:6c:bb:34:ff:f4:d7:
         b1:4e:9d:a2:88:c6:eb:63:9f:b4:e1:d8:36:6c:e1:0c:8e:0b:
         14:02:bc:78:ca:bd:22:80:23:bf:36:f3:9e:5a:b5:5f:6a:13:
         bd:7b:c9:95:27:d8:55:f2:87:0a:46:b8:f0:b6:30:7d:55:32:
         23:d3:7d:8b:0d:b8:75:ca:34:6b:68:f8:5f:bf:63:da:7c:6b:
         1c:39:07:4a:d2:57:d8:b6:e3:18:c2:41:e4:41:2f:8f:de:71:
         9d:56:8b:23:17:1a:ac:d0:bc:0b:69:84:14:fc:b6:6b:79:70:
         97:dd:36:4e:f1:03:4b:5c:84:10:a3:77:52:b7:e0:2f:9e:f2:
         96:8f:64:74:74:1b:88:52:b5:f9:98:b7:d8:13:37:b2:c3:4e:
         6e:ce:99:de:19:b9:2a:3c:2d:26:57:14:6a:f4:d5:13:31:15:
         0b:54:53:bc:da:ad:86:a5:84:5f:a3:48:69:40:5d:91:e1:1e:
         b4:f7:91:aa:6e:78:36:46:5b:2f:f9:4f:a3:e2:a6:90:51:00:
         5f:a2:40:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWP6v4upP+cuM+nVX8bbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjcxZTJhZTYyMjg3NzU1MmI4OWRiYzQ3NGQ3YTEzMDU4
NGE0OGUwHhcNMjYwMzAxMTcwMTI0WhcNMjYwMzAyMTcwMTI0WjAzMTEwLwYDVQQD
Eyg5MTM2OWMyOGNjODY3M2E1ZWFlYzAzNGRiMmI4YmZhYzI3ODVmMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofMMpEzahlb//TS3xzbmSrSQ+SIV
BixqX+RFOlvnaabQyGWr7Wgoz1WScpXuDw4J2XhDaTQ+tCK/Qp7plw2vHeF/VlOE
h5GDoMnwXNti2YNRKgR5xrG3L3PuA6KO9zBnVuXEpGlzdtqzA2bHj0N8Y0etZNYy
yNe91FalCWkeyd0F3KEoNTGJ4gnjc11hQC+0cjugCix1+y0IUt6Nd4nLj7LDBWkU
ragf4s5j2CA6D8g4+1qT5Q95qDeAlCTtJwzuNukSDJoZ5AOl+a7EUtEtNHgVqqZQ
UrYaukZK3L5LDFQ5H9ZMrTclCS4vzG1OSL0NcXQ+ki61UV/yrPRgyrZXtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJE2nCjMhnOl6uwDTbK4v6wnhfGCMB8GA1UdIwQY
MBaAFBsnHirmIod1UridvEdNehMFhKSOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYt
MWM4ZWQzNmQyNTY2LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYtMWM4ZWQzNmQyNTY2
LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQKj+jZA
H07rtpcr/Yq/pdNR+aVAgO6QKVU1w7f1fyayZltV9iYGhW9csba7ar8dbLs0//TX
sU6doojG62OftOHYNmzhDI4LFAK8eMq9IoAjvzbznlq1X2oTvXvJlSfYVfKHCka4
8LYwfVUyI9N9iw24dco0a2j4X79j2nxrHDkHStJX2LbjGMJB5EEvj95xnVaLIxca
rNC8C2mEFPy2a3lwl902TvEDS1yEEKN3UrfgL57ylo9kdHQbiFK1+Zi32BM3ssNO
bs6Z3hm5KjwtJlcUavTVEzEVC1RTvNqthqWEX6NIaUBdkeEetPeRqm54NkZbL/lP
o+KmkFEAX6JA/w==
-----END CERTIFICATE-----