Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
File:                     G8qoP8mkEL2z4P0thIcgE0dxvs8.mft (raw, json)
Hash identifier:          dkWjB/gHSiEMJLCsNI9FEMid27pHHq5xTRfy/VZ54eY=
Subject key identifier:   ED:74:D1:AA:55:B4:43:0D:C2:E1:93:14:4D:11:34:69:64:4A:41:CF
Authority key identifier: 1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF
Certificate issuer:       /CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf
Certificate serial:       019CAA5916FB69ED3B48D5FB839F7AE15F31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
Manifest number:          17D3
Signing time:             Sun 01 Mar 2026 17:01:31 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:31 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:31 +0000
Files and hashes:         1: G8qoP8mkEL2z4P0thIcgE0dxvs8.crl (hash: FZUdeF9OWaE+PBeyxg2AfK5gnbXkKDRGrqo/O8KVEjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:16:fb:69:ed:3b:48:d5:fb:83:9f:7a:e1:5f:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf
        Validity
            Not Before: Mar  1 17:01:31 2026 GMT
            Not After : Mar  2 17:01:31 2026 GMT
        Subject: CN=ed74d1aa55b4430dc2e193144d113469644a41cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ad:19:56:e8:4e:9b:e8:83:cb:81:16:ad:ac:
                    40:de:71:46:4e:15:64:81:b6:22:77:7f:a0:17:3a:
                    01:18:f0:dd:dc:7b:c2:14:fd:4e:d3:80:d8:ad:08:
                    6e:12:45:03:8f:87:80:95:2a:2a:bb:33:70:83:f8:
                    aa:04:b0:37:cf:1b:88:bb:f0:d0:ce:02:78:fb:c8:
                    f6:20:6d:aa:62:14:28:f1:56:d3:e6:c2:d7:dc:b0:
                    91:0c:31:ac:f1:16:a3:3a:ba:79:77:f1:69:fa:49:
                    3d:20:b3:dd:88:7a:7c:ee:ee:00:1d:89:75:31:48:
                    c7:3e:93:13:d0:a6:89:d0:22:de:24:a1:38:9f:37:
                    98:84:ac:68:a8:72:ea:18:88:16:b5:f8:57:0f:7f:
                    33:92:4d:fa:7b:93:10:95:e2:99:e8:dd:09:7e:ce:
                    52:9f:f8:05:35:04:3a:d1:54:12:70:97:0a:03:9d:
                    1c:b5:24:7b:94:e5:6e:39:01:56:98:b6:20:51:3d:
                    ea:04:18:d9:70:87:c0:72:a6:65:2d:0b:3b:28:94:
                    2e:b1:bc:55:98:de:96:0a:0f:1f:2b:02:d0:ae:5d:
                    90:5b:2b:54:9f:7f:03:ac:9b:2b:54:85:11:86:90:
                    0e:69:65:b7:e2:1d:a2:cb:95:a4:ed:2e:ac:81:85:
                    db:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:74:D1:AA:55:B4:43:0D:C2:E1:93:14:4D:11:34:69:64:4A:41:CF
            X509v3 Authority Key Identifier:
                keyid:1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:77:0f:08:86:15:a3:90:81:bf:c8:8d:8c:b4:be:fc:ad:45:
         5d:cb:4d:f3:41:43:7a:3b:d2:4c:60:96:6c:a4:a8:d7:dc:9f:
         9d:b4:7c:5f:4b:65:b2:a2:7c:46:01:18:3e:1f:e2:09:d7:5d:
         48:43:79:da:7b:51:0a:ea:3a:c8:4a:de:7c:17:19:b1:e5:25:
         c2:22:58:22:b2:5d:8a:73:95:a3:96:40:c2:11:d4:e4:86:29:
         90:3c:35:04:2b:76:a8:28:05:23:01:1e:67:a9:f0:e9:ac:11:
         81:05:80:ae:3f:c8:12:47:49:94:6e:01:6f:98:a8:a2:73:55:
         cc:fd:26:d4:8b:48:a6:64:b0:97:ac:0b:74:8c:9c:1a:3a:d5:
         0c:70:4e:5b:a1:44:00:fc:c9:21:c1:56:bb:34:09:d5:98:e6:
         28:e7:19:4a:a2:a6:62:d3:4e:32:93:5a:71:58:10:32:58:54:
         d3:c3:8d:e1:e9:54:e3:4f:37:59:a6:66:c8:45:6a:c6:34:33:
         ab:40:dd:11:16:e6:18:3c:f8:3b:60:8c:3c:73:cb:37:ad:1b:
         0a:27:79:64:c2:6c:9a:b1:fd:74:0e:26:74:ad:86:6e:f0:2a:
         24:47:88:1a:4b:0d:d2:42:fd:e3:39:d1:15:e5:4a:89:fd:c0:
         0e:58:5b:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWRb7ae07SNX7g5964V8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2FhODNmYzlhNDEwYmRiM2UwZmQyZDg0ODcyMDEzNDc3
MWJlY2YwHhcNMjYwMzAxMTcwMTMxWhcNMjYwMzAyMTcwMTMxWjAzMTEwLwYDVQQD
EyhlZDc0ZDFhYTU1YjQ0MzBkYzJlMTkzMTQ0ZDExMzQ2OTY0NGE0MWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa0ZVuhOm+iDy4EWraxA3nFGThVk
gbYid3+gFzoBGPDd3HvCFP1O04DYrQhuEkUDj4eAlSoquzNwg/iqBLA3zxuIu/DQ
zgJ4+8j2IG2qYhQo8VbT5sLX3LCRDDGs8RajOrp5d/Fp+kk9ILPdiHp87u4AHYl1
MUjHPpMT0KaJ0CLeJKE4nzeYhKxoqHLqGIgWtfhXD38zkk36e5MQleKZ6N0Jfs5S
n/gFNQQ60VQScJcKA50ctSR7lOVuOQFWmLYgUT3qBBjZcIfAcqZlLQs7KJQusbxV
mN6WCg8fKwLQrl2QWytUn38DrJsrVIURhpAOaWW34h2iy5Wk7S6sgYXbhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO100apVtEMNwuGTFE0RNGlkSkHPMB8GA1UdIwQY
MBaAFBvKqD/JpBC9s+D9LYSHIBNHcb7PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMt
Y2Q3MDEzOGU2MzgzLzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMtY2Q3MDEzOGU2Mzgz
LzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiHcPCIYV
o5CBv8iNjLS+/K1FXctN80FDejvSTGCWbKSo19yfnbR8X0tlsqJ8RgEYPh/iCddd
SEN52ntRCuo6yErefBcZseUlwiJYIrJdinOVo5ZAwhHU5IYpkDw1BCt2qCgFIwEe
Z6nw6awRgQWArj/IEkdJlG4Bb5ioonNVzP0m1ItIpmSwl6wLdIycGjrVDHBOW6FE
APzJIcFWuzQJ1ZjmKOcZSqKmYtNOMpNacVgQMlhU08ON4elU4083WaZmyEVqxjQz
q0DdERbmGDz4O2CMPHPLN60bCid5ZMJsmrH9dA4mdK2GbvAqJEeIGksN0kL94znR
FeVKif3ADlhbvA==
-----END CERTIFICATE-----