Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          nWxi6mpTocYIV94gGBiflHaNYzkLL9p5mrkf6SErDk8=
Subject key identifier:   2C:7C:CF:72:EE:EF:55:26:5E:F6:2C:59:2A:45:5F:FC:B9:B5:2F:AC
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019D9962B8EDC1435EF1DC37B7CCE472D997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0D4F
Signing time:             Fri 17 Apr 2026 03:01:16 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:16 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:16 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: NUGrgkBH2pLNyrzNTTD0t3Zcj45DdRA0cEXzdSM5Nzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:b8:ed:c1:43:5e:f1:dc:37:b7:cc:e4:72:d9:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Apr 17 03:01:16 2026 GMT
            Not After : Apr 18 03:01:16 2026 GMT
        Subject: CN=2c7ccf72eeef55265ef62c592a455ffcb9b52fac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2e:df:79:bb:0c:a7:03:d7:a6:4e:30:38:f3:
                    43:b9:af:db:4e:9e:9f:96:e7:3b:44:73:34:73:9d:
                    31:c4:23:c7:6a:91:79:93:6f:db:8b:8e:b1:8f:6c:
                    bd:fc:df:4e:57:13:21:3e:57:46:27:68:8e:fe:11:
                    32:e7:2a:91:80:c4:8a:7a:19:c6:f8:12:d2:86:22:
                    24:82:39:ea:e9:46:84:3e:fc:32:0c:82:4c:d8:ea:
                    f0:45:61:99:e3:01:ba:18:ab:6e:ac:f8:cf:a7:27:
                    90:2f:1c:eb:51:3c:83:cb:4f:d3:48:9f:e6:5d:63:
                    07:80:43:e9:b3:e0:34:26:d7:e9:17:c4:ae:78:ce:
                    77:d0:3b:10:ed:85:6f:17:bf:59:3e:0e:63:9f:42:
                    e2:4f:35:a7:2e:b6:6a:be:c3:9b:e2:28:83:01:b9:
                    d9:15:8f:fc:52:92:3e:3f:8c:64:e5:44:61:cd:f7:
                    4d:ad:20:3a:11:f4:87:2e:5a:35:10:bd:d5:73:c5:
                    67:ec:0b:6d:fa:17:03:2c:b0:dc:fa:a9:94:00:0c:
                    f4:ee:8a:7d:62:5c:56:3e:38:43:1f:67:37:6e:5f:
                    42:87:f2:87:82:14:4f:72:5d:d4:03:0a:b7:8a:2b:
                    39:d7:7d:e3:ec:9c:b2:a1:17:a8:e5:62:68:84:f0:
                    0e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7C:CF:72:EE:EF:55:26:5E:F6:2C:59:2A:45:5F:FC:B9:B5:2F:AC
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:e1:08:58:f9:04:85:5d:e8:15:6f:75:c7:6b:0b:1f:c1:b7:
         85:95:c8:60:87:00:da:68:11:0f:6d:af:5b:8a:f5:76:4e:c2:
         6d:41:57:ef:21:d4:66:5a:f9:60:91:50:f1:2e:dd:f8:ac:1c:
         78:89:44:7e:11:56:4b:2e:b5:c0:ef:3c:41:e6:d8:ca:de:8e:
         e9:e8:e2:9e:e1:94:04:3f:e9:fc:30:62:99:3e:12:8b:6e:15:
         f6:1f:c2:a6:0e:53:30:96:4c:c0:4c:33:b9:d5:21:b4:ad:7e:
         03:9e:a2:67:ec:00:15:29:f1:64:4d:30:c3:7a:17:98:ae:97:
         50:ab:26:e1:52:5e:3c:67:1d:ac:c6:e3:65:4b:60:b4:2d:c5:
         c5:4c:7b:4a:91:3b:0d:76:72:e9:c6:82:e4:a9:d7:4f:05:59:
         15:8f:af:3a:be:b1:b1:01:ab:b0:e5:6b:06:1a:88:ba:3f:36:
         68:92:9b:d8:22:77:29:e3:1e:e6:de:04:73:e5:eb:95:81:53:
         5c:bd:1b:c6:53:a1:bc:6b:ae:9b:e5:c3:1b:20:10:01:bf:25:
         46:15:d3:4b:2c:5b:34:8d:cd:ac:c3:68:04:a1:72:65:80:e1:
         b0:42:ba:f3:59:f6:6c:41:23:58:d6:17:9f:2f:94:55:34:d0:
         a2:7a:8c:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYrjtwUNe8dw3t8zkctmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjYwNDE3MDMwMTE2WhcNMjYwNDE4MDMwMTE2WjAzMTEwLwYDVQQD
EygyYzdjY2Y3MmVlZWY1NTI2NWVmNjJjNTkyYTQ1NWZmY2I5YjUyZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy7febsMpwPXpk4wOPNDua/bTp6f
luc7RHM0c50xxCPHapF5k2/bi46xj2y9/N9OVxMhPldGJ2iO/hEy5yqRgMSKehnG
+BLShiIkgjnq6UaEPvwyDIJM2OrwRWGZ4wG6GKturPjPpyeQLxzrUTyDy0/TSJ/m
XWMHgEPps+A0JtfpF8SueM530DsQ7YVvF79ZPg5jn0LiTzWnLrZqvsOb4iiDAbnZ
FY/8UpI+P4xk5URhzfdNrSA6EfSHLlo1EL3Vc8Vn7Att+hcDLLDc+qmUAAz07op9
YlxWPjhDH2c3bl9Ch/KHghRPcl3UAwq3iis5133j7JyyoReo5WJohPAONQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCx8z3Lu71UmXvYsWSpFX/y5tS+sMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuEIWPkE
hV3oFW91x2sLH8G3hZXIYIcA2mgRD22vW4r1dk7CbUFX7yHUZlr5YJFQ8S7d+Kwc
eIlEfhFWSy61wO88QebYyt6O6ejinuGUBD/p/DBimT4Si24V9h/Cpg5TMJZMwEwz
udUhtK1+A56iZ+wAFSnxZE0ww3oXmK6XUKsm4VJePGcdrMbjZUtgtC3FxUx7SpE7
DXZy6caC5KnXTwVZFY+vOr6xsQGrsOVrBhqIuj82aJKb2CJ3KeMe5t4Ec+XrlYFT
XL0bxlOhvGuum+XDGyAQAb8lRhXTSyxbNI3NrMNoBKFyZYDhsEK681n2bEEjWNYX
ny+UVTTQonqMhw==
-----END CERTIFICATE-----