Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          mUfK2I02Lpr3KhpAQ8UT4Hr4NdKvGhOXFGgiWa28M48=
Subject key identifier:   4E:D8:7E:59:CD:3C:36:50:42:91:15:96:E5:8A:E5:E1:75:AD:7B:F2
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019DA3E6AACE64C201AB17F0AB59FD377BFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0DA9
Signing time:             Sun 19 Apr 2026 04:01:36 +0000
Manifest this update:     Sun 19 Apr 2026 04:01:36 +0000
Manifest next update:     Mon 20 Apr 2026 04:01:36 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: puBPLOKK8Q42fzLvO+LVY8Ck4YfOz2TSswqfVv7luHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:aa:ce:64:c2:01:ab:17:f0:ab:59:fd:37:7b:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Apr 19 04:01:36 2026 GMT
            Not After : Apr 20 04:01:36 2026 GMT
        Subject: CN=4ed87e59cd3c365042911596e58ae5e175ad7bf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:13:ed:25:af:36:93:7a:a0:01:c9:a9:3d:89:
                    b0:69:ad:5d:29:50:94:f5:48:b2:64:e3:9e:73:0c:
                    d4:74:a9:76:8d:ed:dd:f8:c0:62:44:1e:ca:82:4a:
                    37:29:0e:d5:e6:c4:c6:51:5c:c2:fb:cc:40:85:9b:
                    b7:f9:11:3e:9c:da:87:82:c1:5d:cc:72:5e:4f:b6:
                    e5:61:0e:db:f0:11:14:f7:b4:96:22:d2:6b:87:94:
                    d2:fd:db:00:09:30:ca:05:8d:d1:07:44:b8:8c:19:
                    27:f0:27:e3:c1:e6:b3:d3:78:3f:2d:f4:7a:19:21:
                    46:64:67:b8:60:91:ba:7a:81:bd:fb:95:1e:82:a1:
                    af:68:ba:e9:13:7c:4d:76:f0:87:22:c6:6e:93:cd:
                    a3:6a:be:05:6d:98:43:77:8d:e4:08:a3:29:99:51:
                    9a:1f:2c:10:6b:1c:e6:91:4c:e3:d5:ce:0e:0a:6b:
                    59:64:aa:80:cb:95:3a:86:b5:66:55:d4:ad:d1:d5:
                    50:45:c6:61:b3:33:94:f8:2c:29:b7:5c:bb:2b:b4:
                    d0:54:f7:23:e7:9e:26:b9:96:33:e8:ed:21:84:ae:
                    b7:46:93:7e:42:28:63:c1:b8:51:e3:d0:76:f0:c1:
                    54:55:08:f0:65:0a:9e:9e:14:4d:69:68:f4:e2:1d:
                    86:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D8:7E:59:CD:3C:36:50:42:91:15:96:E5:8A:E5:E1:75:AD:7B:F2
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:e3:95:68:a0:ee:6d:dd:f6:b1:7b:28:93:eb:97:f9:28:73:
         e9:e3:9e:ac:13:f6:a5:21:99:25:9f:6c:d8:f5:1f:46:7d:1b:
         b5:b8:b5:e2:35:6a:e1:75:37:59:aa:5a:ee:94:0a:1a:31:ad:
         d4:2d:8d:73:6c:07:03:3d:46:0e:f3:1a:38:de:7e:a8:29:e3:
         c2:35:72:04:eb:5a:33:ab:f7:c7:c3:31:5e:3b:c8:29:ce:dd:
         ad:31:9a:6e:8d:6b:d2:3d:93:25:0c:f4:d9:d5:95:06:d6:01:
         e3:22:4c:06:47:fb:61:1f:bb:d5:25:ac:45:5a:e0:fb:7a:9f:
         ff:40:36:74:3d:b5:b8:9b:34:69:df:ca:c2:ed:7c:8e:e5:ae:
         12:6c:65:8f:e4:3c:4b:3e:a3:6f:b2:6d:d7:60:f6:90:e7:55:
         2c:9a:a3:db:9d:17:74:d2:55:7a:26:f8:da:f8:f6:ea:96:d1:
         3c:8a:e7:1b:2e:ab:18:15:7c:93:64:82:27:86:88:71:bb:fb:
         6c:8f:bb:50:78:e7:69:df:b4:3b:f9:77:c7:f1:1a:e8:be:27:
         25:ee:19:4d:ff:4c:09:33:1f:28:e9:e2:91:fa:c1:1f:41:a3:
         40:40:b1:d7:3f:80:32:9b:e2:29:75:02:55:84:83:e8:09:c0:
         31:64:65:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5qrOZMIBqxfwq1n9N3v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjYwNDE5MDQwMTM2WhcNMjYwNDIwMDQwMTM2WjAzMTEwLwYDVQQD
Eyg0ZWQ4N2U1OWNkM2MzNjUwNDI5MTE1OTZlNThhZTVlMTc1YWQ3YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BPtJa82k3qgAcmpPYmwaa1dKVCU
9UiyZOOecwzUdKl2je3d+MBiRB7Kgko3KQ7V5sTGUVzC+8xAhZu3+RE+nNqHgsFd
zHJeT7blYQ7b8BEU97SWItJrh5TS/dsACTDKBY3RB0S4jBkn8Cfjweaz03g/LfR6
GSFGZGe4YJG6eoG9+5UegqGvaLrpE3xNdvCHIsZuk82jar4FbZhDd43kCKMpmVGa
HywQaxzmkUzj1c4OCmtZZKqAy5U6hrVmVdSt0dVQRcZhszOU+Cwpt1y7K7TQVPcj
554muZYz6O0hhK63RpN+QihjwbhR49B28MFUVQjwZQqenhRNaWj04h2GjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7YflnNPDZQQpEVluWK5eF1rXvyMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOOVaKDu
bd32sXsok+uX+Shz6eOerBP2pSGZJZ9s2PUfRn0btbi14jVq4XU3Wapa7pQKGjGt
1C2Nc2wHAz1GDvMaON5+qCnjwjVyBOtaM6v3x8MxXjvIKc7drTGabo1r0j2TJQz0
2dWVBtYB4yJMBkf7YR+71SWsRVrg+3qf/0A2dD21uJs0ad/Kwu18juWuEmxlj+Q8
Sz6jb7Jt12D2kOdVLJqj250XdNJVeib42vj26pbRPIrnGy6rGBV8k2SCJ4aIcbv7
bI+7UHjnad+0O/l3x/Ea6L4nJe4ZTf9MCTMfKOnikfrBH0GjQECx1z+AMpviKXUC
VYSD6AnAMWRlzA==
-----END CERTIFICATE-----