Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          DYfOa9TIoCxkFG/h+KA/n4kXEzIKF1Zqg64sT1SZv/I=
Subject key identifier:   9D:B5:DC:C1:AC:5D:EE:63:96:B1:29:B9:F7:70:8F:6B:2E:77:1D:71
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       019CAB6B78B6D2A83CFF5B31148B85519688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          1732
Signing time:             Sun 01 Mar 2026 22:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:13 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: 0VJlCQ25ATxEL563uOZNNgwCrnDouppbvFbZvKva+qo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:78:b6:d2:a8:3c:ff:5b:31:14:8b:85:51:96:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Mar  1 22:01:13 2026 GMT
            Not After : Mar  2 22:01:13 2026 GMT
        Subject: CN=9db5dcc1ac5dee6396b129b9f7708f6b2e771d71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:14:52:f8:ef:99:11:1d:c6:7a:7c:26:10:64:
                    35:a8:b7:be:76:ef:a6:ee:6e:ee:e9:52:31:47:69:
                    73:44:42:ce:9a:9c:2e:b8:6f:a0:b8:bd:2b:9b:23:
                    05:c4:bd:0b:4a:e4:92:4b:3a:2d:40:e5:c0:8e:35:
                    44:c0:f1:b0:13:51:9b:05:cd:8c:63:e3:5b:f5:1f:
                    a0:ec:c9:50:2a:55:b2:41:f3:4a:3a:05:df:39:24:
                    ab:78:e8:8f:62:bf:e4:66:b5:ec:05:8b:4d:17:85:
                    53:07:23:75:40:05:b1:45:5b:21:10:4c:2c:10:ba:
                    bb:fd:64:25:42:44:f0:57:db:de:87:b0:6a:51:8f:
                    5d:9f:24:b2:29:1b:76:02:40:d0:b4:91:47:d1:72:
                    8e:c7:61:13:a8:b1:17:08:9b:ac:4f:80:51:4d:3a:
                    58:d5:ab:2d:ca:26:57:5b:76:db:fe:97:7c:8b:e3:
                    15:c4:7b:bc:83:cd:84:33:0c:fe:59:38:8a:fa:9e:
                    2b:92:9f:60:19:28:14:69:74:30:6a:37:6b:b4:fc:
                    12:35:8b:5d:1a:73:8b:20:d9:87:db:8a:dd:e7:a8:
                    ca:39:3b:60:f4:7a:3c:f8:89:13:b8:92:e2:47:50:
                    e6:ae:f2:2f:6d:55:e3:bc:d1:db:4b:d8:d6:78:af:
                    c5:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:B5:DC:C1:AC:5D:EE:63:96:B1:29:B9:F7:70:8F:6B:2E:77:1D:71
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:4e:9e:7c:ef:0b:48:a4:1e:de:cb:aa:01:d5:36:ce:43:56:
         75:e4:a5:6b:1b:a9:10:64:68:d8:0b:e5:36:d4:04:df:25:7b:
         52:41:55:e1:64:16:66:9c:2b:55:85:13:a7:49:a2:f2:56:3f:
         4c:50:d6:27:4e:25:c8:98:08:72:1c:58:f7:fe:87:4b:60:5c:
         18:4b:af:74:6d:8d:ef:45:77:fb:20:f6:7a:2b:c4:5e:92:70:
         40:41:bd:0a:9d:c0:89:da:e6:d3:ea:49:e7:0a:dd:eb:c1:0e:
         7d:e3:5f:ab:43:4c:01:2a:0e:55:ef:80:2a:f3:42:c3:f3:15:
         2a:c9:80:04:70:50:21:16:df:e7:11:c7:59:55:f2:32:5e:90:
         fb:87:c1:07:9e:14:61:db:ca:78:85:1b:0a:12:df:95:ed:17:
         f1:c9:3f:c3:a9:71:dc:32:f5:21:5a:3c:98:a9:23:5f:84:01:
         66:4d:55:74:79:89:0b:ad:4e:1c:af:09:28:e1:09:a4:6e:cc:
         e5:41:5b:97:4e:ec:74:79:ce:af:82:95:87:45:9f:a1:04:0b:
         88:73:e0:a1:0f:af:4a:af:16:01:03:59:2a:9e:6b:13:40:90:
         9f:5f:c4:4e:d3:e2:cc:a8:f7:e9:46:cc:6b:40:41:34:a6:86:
         ba:5f:5c:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3i20qg8/1sxFIuFUZaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjYwMzAxMjIwMTEzWhcNMjYwMzAyMjIwMTEzWjAzMTEwLwYDVQQD
Eyg5ZGI1ZGNjMWFjNWRlZTYzOTZiMTI5YjlmNzcwOGY2YjJlNzcxZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BRS+O+ZER3GenwmEGQ1qLe+du+m
7m7u6VIxR2lzRELOmpwuuG+guL0rmyMFxL0LSuSSSzotQOXAjjVEwPGwE1GbBc2M
Y+Nb9R+g7MlQKlWyQfNKOgXfOSSreOiPYr/kZrXsBYtNF4VTByN1QAWxRVshEEws
ELq7/WQlQkTwV9veh7BqUY9dnySyKRt2AkDQtJFH0XKOx2ETqLEXCJusT4BRTTpY
1astyiZXW3bb/pd8i+MVxHu8g82EMwz+WTiK+p4rkp9gGSgUaXQwajdrtPwSNYtd
GnOLINmH24rd56jKOTtg9Ho8+IkTuJLiR1DmrvIvbVXjvNHbS9jWeK/FFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ213MGsXe5jlrEpufdwj2sudx1xMB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOE6efO8L
SKQe3suqAdU2zkNWdeSlaxupEGRo2AvlNtQE3yV7UkFV4WQWZpwrVYUTp0mi8lY/
TFDWJ04lyJgIchxY9/6HS2BcGEuvdG2N70V3+yD2eivEXpJwQEG9Cp3Aidrm0+pJ
5wrd68EOfeNfq0NMASoOVe+AKvNCw/MVKsmABHBQIRbf5xHHWVXyMl6Q+4fBB54U
YdvKeIUbChLfle0X8ck/w6lx3DL1IVo8mKkjX4QBZk1VdHmJC61OHK8JKOEJpG7M
5UFbl07sdHnOr4KVh0WfoQQLiHPgoQ+vSq8WAQNZKp5rE0CQn1/ETtPizKj36UbM
a0BBNKaGul9cgg==
-----END CERTIFICATE-----