Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
File:                     gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft (raw, json)
Hash identifier:          Bydj6qHkESnmMdC4MMReVlD9TfpVb/nOhI7cxw4SxoU=
Subject key identifier:   16:FC:74:1D:A3:4F:E8:7E:D3:4B:79:2F:BE:83:C4:08:B3:DE:6B:1D
Authority key identifier: 82:48:C7:53:D4:6C:DC:9E:98:00:9E:E4:DB:81:07:23:2C:02:EA:F4
Certificate issuer:       /CN=8248c753d46cdc9e98009ee4db8107232c02eaf4
Certificate serial:       019CAEA36485254B49AB69DCA48CD97ACEA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
Manifest number:          12CF
Signing time:             Mon 02 Mar 2026 13:01:09 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:09 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:09 +0000
Files and hashes:         1: gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl (hash: BTb2UoI8znpYfh3DMxleKlG8+IdyGq/AuBT9maLijD8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:64:85:25:4b:49:ab:69:dc:a4:8c:d9:7a:ce:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8248c753d46cdc9e98009ee4db8107232c02eaf4
        Validity
            Not Before: Mar  2 13:01:09 2026 GMT
            Not After : Mar  3 13:01:09 2026 GMT
        Subject: CN=16fc741da34fe87ed34b792fbe83c408b3de6b1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c0:a5:6a:0d:1a:28:2b:7a:30:27:2e:7a:56:
                    29:0c:3e:87:54:c6:6e:4f:c9:9c:70:4e:f3:c6:24:
                    90:a8:96:80:22:fd:6a:f4:3d:68:c1:c5:45:f8:ec:
                    38:90:03:6d:3f:7c:4f:ef:88:14:c1:1b:55:8a:e7:
                    b5:11:a5:38:b1:20:9e:3a:8f:8f:de:c4:90:fa:08:
                    2a:68:5d:05:32:34:60:e7:88:bf:9d:f4:cd:03:c3:
                    9e:bc:c2:52:52:82:39:ae:6d:05:b9:ae:4f:21:96:
                    e1:47:ee:27:43:14:fc:4a:6f:d1:f0:de:1a:dd:85:
                    81:36:d8:58:a8:f2:b4:70:a8:5e:7c:72:8f:22:c5:
                    78:c6:b0:e4:83:81:bb:1c:48:48:2e:47:fc:a5:a7:
                    6d:eb:a4:49:b7:39:8b:ed:f2:59:33:30:07:e7:4a:
                    20:14:4b:0f:17:7c:ae:78:ac:be:f9:f8:68:bd:f6:
                    95:49:a5:be:d0:94:61:15:fc:79:0e:f0:ed:00:e3:
                    ee:73:fc:84:0f:30:41:51:49:cc:b8:36:eb:3e:c0:
                    63:ef:f0:9b:0e:10:a2:4e:9b:a7:2c:69:2b:a0:29:
                    73:ec:a8:94:22:04:4d:68:b5:bc:60:19:6d:4b:d1:
                    ca:5c:22:32:ea:ac:79:be:1f:15:f9:5e:27:4a:1d:
                    c6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:FC:74:1D:A3:4F:E8:7E:D3:4B:79:2F:BE:83:C4:08:B3:DE:6B:1D
            X509v3 Authority Key Identifier:
                keyid:82:48:C7:53:D4:6C:DC:9E:98:00:9E:E4:DB:81:07:23:2C:02:EA:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:84:d9:e9:f8:67:49:30:9d:04:8b:fc:7b:9d:48:d8:5a:93:
         92:7f:ff:79:0c:5e:7e:b3:c7:25:fe:98:70:1e:c5:6c:bc:c7:
         9c:c0:8f:cf:16:06:28:06:a0:06:fd:de:e1:c7:ca:8d:df:9b:
         e5:9b:c1:ce:fe:cd:de:fc:25:b5:35:6c:3e:c6:66:f5:23:8d:
         c4:b3:2b:21:c8:6f:1c:8b:97:96:07:01:03:ff:12:e1:3f:e2:
         b6:90:1a:a6:73:dc:4f:77:09:c7:41:38:73:66:11:99:07:ff:
         e0:23:b9:c5:ea:b0:a4:85:19:fe:ba:0d:99:57:b2:d3:45:c9:
         e9:bf:75:d6:f0:b5:2f:9a:d5:24:19:7f:e9:cc:ae:e7:f0:a5:
         c7:37:43:b9:2e:19:a0:0a:9f:25:05:aa:6a:60:7a:a7:11:6b:
         1c:df:59:19:f6:9d:c7:0e:d9:f2:5a:08:8a:c0:24:73:a0:f5:
         23:36:8e:47:57:2a:06:82:47:d9:7a:3e:65:a4:0e:ca:2f:c1:
         21:fc:98:d9:69:23:2d:77:46:cc:e9:d2:c1:af:ba:34:3a:57:
         34:01:c6:d1:a1:d9:8f:54:5a:43:d5:8c:f0:51:10:f8:fd:c3:
         ff:34:8b:7b:05:eb:2f:da:2b:43:91:8e:f4:bd:84:16:e7:bc:
         c8:a3:8f:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo2SFJUtJq2ncpIzZes6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNDhjNzUzZDQ2Y2RjOWU5ODAwOWVlNGRiODEwNzIzMmMw
MmVhZjQwHhcNMjYwMzAyMTMwMTA5WhcNMjYwMzAzMTMwMTA5WjAzMTEwLwYDVQQD
EygxNmZjNzQxZGEzNGZlODdlZDM0Yjc5MmZiZTgzYzQwOGIzZGU2YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycClag0aKCt6MCcuelYpDD6HVMZu
T8mccE7zxiSQqJaAIv1q9D1owcVF+Ow4kANtP3xP74gUwRtViue1EaU4sSCeOo+P
3sSQ+ggqaF0FMjRg54i/nfTNA8OevMJSUoI5rm0Fua5PIZbhR+4nQxT8Sm/R8N4a
3YWBNthYqPK0cKhefHKPIsV4xrDkg4G7HEhILkf8padt66RJtzmL7fJZMzAH50og
FEsPF3yueKy++fhovfaVSaW+0JRhFfx5DvDtAOPuc/yEDzBBUUnMuDbrPsBj7/Cb
DhCiTpunLGkroClz7KiUIgRNaLW8YBltS9HKXCIy6qx5vh8V+V4nSh3GBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBb8dB2jT+h+00t5L76DxAiz3msdMB8GA1UdIwQY
MBaAFIJIx1PUbNyemACe5NuBByMsAur0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xZmE0MjYtNDBkNi00ZWVhLWJiYWMt
OTEzMzIyNWM5NDI1LzEvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xZmE0MjYtNDBkNi00ZWVhLWJiYWMtOTEzMzIyNWM5NDI1
LzEvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADITZ6fhn
STCdBIv8e51I2FqTkn//eQxefrPHJf6YcB7FbLzHnMCPzxYGKAagBv3e4cfKjd+b
5ZvBzv7N3vwltTVsPsZm9SONxLMrIchvHIuXlgcBA/8S4T/itpAapnPcT3cJx0E4
c2YRmQf/4CO5xeqwpIUZ/roNmVey00XJ6b911vC1L5rVJBl/6cyu5/ClxzdDuS4Z
oAqfJQWqamB6pxFrHN9ZGfadxw7Z8loIisAkc6D1IzaOR1cqBoJH2Xo+ZaQOyi/B
IfyY2WkjLXdGzOnSwa+6NDpXNAHG0aHZj1RaQ9WM8FEQ+P3D/zSLewXrL9orQ5GO
9L2EFue8yKOPcQ==
-----END CERTIFICATE-----