Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          D4lWYBqCHU13i55aFUjqibp0f/Yi5ETObCz9RhWwSe8=
Subject key identifier:   E1:A4:16:13:A2:14:7C:11:2F:9C:6F:9D:31:6A:79:8A:BF:D9:0C:96
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019CABD9B8F7BD44D297BBE1005A124F42DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0CD4
Signing time:             Mon 02 Mar 2026 00:01:38 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:38 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:38 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: aL7ZiH87TNdI3kQh94dMHl+KgGbx9LvbkCNJZ8iQDm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:b8:f7:bd:44:d2:97:bb:e1:00:5a:12:4f:42:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Mar  2 00:01:38 2026 GMT
            Not After : Mar  3 00:01:38 2026 GMT
        Subject: CN=e1a41613a2147c112f9c6f9d316a798abfd90c96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:52:bc:23:0c:09:0d:99:9a:05:c5:d3:f7:d4:
                    aa:11:9b:cf:54:c5:59:be:50:a8:4a:9f:2b:71:09:
                    f0:84:34:dc:47:e2:92:a9:21:ea:5b:5f:bd:c0:c9:
                    3b:ad:ca:bc:4c:40:15:df:ff:7b:db:f6:1f:6b:ef:
                    e3:d9:4d:cf:e4:f4:82:0d:7d:6c:70:3d:d0:cc:10:
                    e9:c3:cc:2e:c3:a0:3a:f9:dd:30:2a:99:1d:21:3c:
                    c0:2f:04:53:bf:6c:ae:c2:f8:04:b8:04:65:54:42:
                    fe:02:aa:71:cf:88:79:ba:d7:3b:31:d2:72:17:61:
                    f5:c3:8b:f5:60:78:8b:9b:bb:a6:2c:3e:e2:1f:aa:
                    75:ca:c2:06:43:27:dd:ea:b3:96:ef:4d:a0:c9:0c:
                    ed:35:8d:de:b9:49:76:b2:37:e5:aa:b9:21:66:1d:
                    b5:54:d2:ed:b4:d5:26:94:79:bd:1d:52:7d:8a:4a:
                    a0:44:d0:99:0d:3b:62:99:07:c1:99:48:5a:09:7e:
                    73:7e:e5:85:32:c3:1b:b8:29:4b:5b:a4:14:a7:b5:
                    ac:84:0b:2b:ba:bd:b8:b4:0f:af:36:f1:dd:23:68:
                    e5:3c:b8:63:41:b8:f4:47:85:d5:d4:d0:90:4d:df:
                    bd:03:db:c5:8b:37:1c:21:d2:78:05:89:3d:03:0c:
                    68:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:A4:16:13:A2:14:7C:11:2F:9C:6F:9D:31:6A:79:8A:BF:D9:0C:96
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:17:dd:81:88:22:70:aa:0a:0a:49:b4:1a:90:7e:24:55:64:
         df:48:ec:bb:91:98:8f:7b:f9:47:25:7d:0a:99:30:af:7e:57:
         a7:ee:02:87:59:fa:86:04:c6:71:aa:63:65:39:89:37:c0:b4:
         69:dd:53:79:76:22:a9:41:66:c7:3e:11:0d:ee:35:70:2d:0c:
         d4:87:59:36:32:dd:50:ae:c4:5f:e7:02:f8:66:9c:25:3e:fb:
         98:79:27:8c:44:51:33:b9:00:aa:ab:f1:ea:57:a7:98:21:1e:
         a7:5a:3d:e2:70:28:38:95:00:91:dc:43:1c:67:19:84:31:e8:
         83:06:cf:6b:84:dd:c1:67:26:02:c1:ba:7a:2f:25:de:36:f1:
         ee:6a:77:96:80:7d:ec:1f:5a:34:07:5e:f9:1e:3b:12:b1:36:
         b3:8f:49:c9:9e:38:86:36:db:c6:05:85:e8:5d:0f:02:64:62:
         f2:05:86:1c:f5:51:33:9a:12:05:1d:79:41:30:44:83:a5:03:
         8e:1e:2f:04:c2:57:c9:a8:e3:c7:59:17:1a:c7:27:74:06:87:
         e5:71:f6:2b:75:04:59:ac:fd:b0:28:43:90:cc:62:cc:36:03:
         f5:9e:78:71:00:35:20:9f:fd:50:e7:0a:f1:e8:a8:5b:64:d6:
         01:49:5f:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2bj3vUTSl7vhAFoST0LeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjYwMzAyMDAwMTM4WhcNMjYwMzAzMDAwMTM4WjAzMTEwLwYDVQQD
EyhlMWE0MTYxM2EyMTQ3YzExMmY5YzZmOWQzMTZhNzk4YWJmZDkwYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVK8IwwJDZmaBcXT99SqEZvPVMVZ
vlCoSp8rcQnwhDTcR+KSqSHqW1+9wMk7rcq8TEAV3/972/Yfa+/j2U3P5PSCDX1s
cD3QzBDpw8wuw6A6+d0wKpkdITzALwRTv2yuwvgEuARlVEL+Aqpxz4h5utc7MdJy
F2H1w4v1YHiLm7umLD7iH6p1ysIGQyfd6rOW702gyQztNY3euUl2sjflqrkhZh21
VNLttNUmlHm9HVJ9ikqgRNCZDTtimQfBmUhaCX5zfuWFMsMbuClLW6QUp7WshAsr
ur24tA+vNvHdI2jlPLhjQbj0R4XV1NCQTd+9A9vFizccIdJ4BYk9Awxo8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGkFhOiFHwRL5xvnTFqeYq/2QyWMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbxfdgYgi
cKoKCkm0GpB+JFVk30jsu5GYj3v5RyV9Cpkwr35Xp+4Ch1n6hgTGcapjZTmJN8C0
ad1TeXYiqUFmxz4RDe41cC0M1IdZNjLdUK7EX+cC+GacJT77mHknjERRM7kAqqvx
6lenmCEep1o94nAoOJUAkdxDHGcZhDHogwbPa4TdwWcmAsG6ei8l3jbx7mp3loB9
7B9aNAde+R47ErE2s49JyZ44hjbbxgWF6F0PAmRi8gWGHPVRM5oSBR15QTBEg6UD
jh4vBMJXyajjx1kXGscndAaH5XH2K3UEWaz9sChDkMxizDYD9Z54cQA1IJ/9UOcK
8eioW2TWAUlfFg==
-----END CERTIFICATE-----