Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          ZNa7LwjuetAvy2BGLRowHPRBBYQU8lmqy2K+HI9gNRQ=
Subject key identifier:   0D:93:37:F6:8A:09:E3:FD:86:59:9A:1E:5A:C7:03:E1:5E:D4:06:F6
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019CAAC60C248481E2F6C02EAF81D43A6781
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0D28
Signing time:             Sun 01 Mar 2026 19:00:31 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:31 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:31 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: 6EEUzR17EhJ9ASFgs2Xri6cACs6q0zS6raNDr9VMmDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:0c:24:84:81:e2:f6:c0:2e:af:81:d4:3a:67:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Mar  1 19:00:31 2026 GMT
            Not After : Mar  2 19:00:31 2026 GMT
        Subject: CN=0d9337f68a09e3fd86599a1e5ac703e15ed406f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d4:6b:9e:a3:60:38:20:65:ac:bc:2e:9e:52:
                    17:40:9c:7d:96:4b:ab:e7:2b:47:eb:30:d3:b3:36:
                    25:fc:d3:d6:c5:3f:05:f0:6c:9a:df:56:19:15:93:
                    fe:e8:73:fa:63:94:44:0a:d0:75:e9:f7:e3:b9:b5:
                    8f:c2:11:b7:db:2c:fe:2a:31:03:ae:83:fd:f7:18:
                    57:9b:9f:55:d6:0b:2c:a4:6c:79:e2:ce:0d:db:f4:
                    69:13:ce:ad:d0:cb:02:37:7b:ed:52:3c:73:7b:39:
                    7a:3d:8f:77:25:96:15:9a:55:04:4e:bf:db:85:d1:
                    c6:6d:4a:10:13:20:83:19:71:bb:19:87:27:3e:0a:
                    fd:e2:54:d5:a3:9a:b3:9e:fe:b3:48:98:c0:95:3d:
                    8c:81:3f:69:d9:cd:e2:a9:d9:fc:f1:c2:1d:d0:36:
                    c9:50:6a:7f:b9:e0:00:d4:af:56:3f:a3:06:a9:d9:
                    9c:1b:1d:ad:62:e1:a4:f0:8f:4d:81:fc:57:36:b2:
                    be:fd:62:3c:c1:c8:5d:ac:cb:f3:bc:5f:cb:ed:40:
                    f5:fb:31:ad:5c:01:46:45:25:e1:ac:a8:58:fa:fb:
                    2e:e1:bc:6e:e7:a9:7b:63:0e:51:13:2a:40:b3:da:
                    ed:1c:8d:1e:64:0a:bb:c5:63:76:e3:69:9a:39:0a:
                    39:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:93:37:F6:8A:09:E3:FD:86:59:9A:1E:5A:C7:03:E1:5E:D4:06:F6
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:28:57:f3:6b:20:6d:25:18:f0:8a:63:12:b7:77:8b:ee:91:
         bb:93:97:ff:47:c1:9d:ef:3f:01:a4:3a:3b:75:7b:2a:13:83:
         18:55:9d:bf:d2:a9:4a:93:51:3a:4f:e4:d7:a9:b5:bd:6a:1e:
         b6:f3:37:ab:28:53:01:1a:69:a1:97:82:d5:ce:f5:58:ff:d8:
         a6:33:ac:62:1b:e5:75:f1:5b:95:36:ee:01:e2:a3:33:25:84:
         c4:6e:b1:8f:08:b4:60:0d:dc:6c:9c:13:d9:a9:82:0e:b8:51:
         e3:cc:aa:a2:37:05:59:41:b8:34:c5:0d:bb:ef:d8:ff:c0:ee:
         fb:e8:85:0c:f0:7d:e5:5b:1b:28:48:89:fc:c4:30:04:7f:94:
         5d:88:9b:78:e7:b7:bb:5a:fc:2b:c4:44:ad:e8:fd:75:3f:05:
         19:94:67:82:a1:4c:36:9a:2f:eb:9e:4b:f7:13:d7:d8:31:21:
         e4:1c:69:e7:53:72:7e:3e:24:86:04:55:f9:9f:81:f5:20:4c:
         f0:e2:4b:bb:53:fe:8d:af:c5:cb:6b:dc:f3:f1:df:04:05:ce:
         81:d4:01:b1:c0:41:eb:27:e6:8d:c4:23:23:7d:48:be:20:eb:
         23:e3:27:66:d8:d8:08:b8:fc:84:b5:6c:ba:17:3f:34:65:7c:
         b0:61:8a:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxgwkhIHi9sAur4HUOmeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjYwMzAxMTkwMDMxWhcNMjYwMzAyMTkwMDMxWjAzMTEwLwYDVQQD
EygwZDkzMzdmNjhhMDllM2ZkODY1OTlhMWU1YWM3MDNlMTVlZDQwNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dRrnqNgOCBlrLwunlIXQJx9lkur
5ytH6zDTszYl/NPWxT8F8Gya31YZFZP+6HP6Y5RECtB16ffjubWPwhG32yz+KjED
roP99xhXm59V1gsspGx54s4N2/RpE86t0MsCN3vtUjxzezl6PY93JZYVmlUETr/b
hdHGbUoQEyCDGXG7GYcnPgr94lTVo5qznv6zSJjAlT2MgT9p2c3iqdn88cId0DbJ
UGp/ueAA1K9WP6MGqdmcGx2tYuGk8I9NgfxXNrK+/WI8wchdrMvzvF/L7UD1+zGt
XAFGRSXhrKhY+vsu4bxu56l7Yw5REypAs9rtHI0eZAq7xWN242maOQo5TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2TN/aKCeP9hlmaHlrHA+Fe1Ab2MB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPChX82sg
bSUY8IpjErd3i+6Ru5OX/0fBne8/AaQ6O3V7KhODGFWdv9KpSpNROk/k16m1vWoe
tvM3qyhTARppoZeC1c71WP/YpjOsYhvldfFblTbuAeKjMyWExG6xjwi0YA3cbJwT
2amCDrhR48yqojcFWUG4NMUNu+/Y/8Du++iFDPB95VsbKEiJ/MQwBH+UXYibeOe3
u1r8K8RErej9dT8FGZRngqFMNpov655L9xPX2DEh5Bxp51Nyfj4khgRV+Z+B9SBM
8OJLu1P+ja/Fy2vc8/HfBAXOgdQBscBB6yfmjcQjI31IviDrI+MnZtjYCLj8hLVs
uhc/NGV8sGGKLQ==
-----END CERTIFICATE-----