Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          A0sgwlfFzNbtycBwSYTe2JAUg62YR4hONKQnWn2jpTE=
Subject key identifier:   28:C8:B7:FE:A4:C7:82:F9:17:58:12:F7:91:6F:5B:8F:A0:A2:06:1D
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019CAD59DBB3386A4B18C30A4D71A43E18F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 07:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:13 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: T6j4G5LZExNVr1jzmjxLZfEQlQR1DZGT1jJqkc/rs0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:db:b3:38:6a:4b:18:c3:0a:4d:71:a4:3e:18:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Mar  2 07:01:13 2026 GMT
            Not After : Mar  3 07:01:13 2026 GMT
        Subject: CN=28c8b7fea4c782f9175812f7916f5b8fa0a2061d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3a:09:0d:76:2c:43:9e:4c:6c:60:78:39:f7:
                    00:92:68:3e:94:08:1b:ce:70:64:98:52:bb:bf:69:
                    fc:f5:6b:85:1a:97:71:6d:60:89:78:a1:b8:ff:0f:
                    d7:fe:77:ab:7e:2d:83:96:01:65:e0:ec:cd:47:c1:
                    5e:37:6e:b7:11:6b:dd:d4:5a:d3:41:e2:99:a0:a1:
                    c2:b7:f2:e4:ae:90:9d:d6:3e:59:c1:c3:4c:b7:03:
                    72:29:1f:89:9d:58:4f:cd:38:04:87:cd:f6:86:22:
                    10:73:f0:55:72:be:f9:b1:25:e2:1f:0c:90:be:9b:
                    0a:b9:8b:cc:6b:78:62:f9:4b:3c:a8:c0:b5:aa:7e:
                    4d:2a:26:91:ae:1f:ec:1d:f0:0d:84:8b:fb:b8:b0:
                    80:d7:ac:cb:9f:0f:f1:f2:50:bc:59:5e:f3:06:0d:
                    b8:23:9a:90:a3:44:f9:65:0e:d7:eb:f5:88:58:9d:
                    c7:39:a3:c0:31:22:66:bc:fc:3d:80:b0:7c:e2:97:
                    75:c7:03:cf:12:ad:6f:f7:a2:38:01:5e:65:ed:b9:
                    a0:40:71:ab:ad:44:df:b7:18:ba:c7:dc:58:a9:79:
                    2f:51:84:d4:47:d9:5d:52:13:01:8b:e5:41:52:1b:
                    51:d4:33:c1:24:63:08:4a:0b:e9:db:24:31:cc:66:
                    8e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C8:B7:FE:A4:C7:82:F9:17:58:12:F7:91:6F:5B:8F:A0:A2:06:1D
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:bc:fc:38:df:6c:6c:a4:98:ef:80:2b:09:33:49:77:87:a7:
         34:1f:31:c5:01:b9:4a:a7:61:c2:36:34:30:95:87:6c:14:b7:
         12:fe:be:06:c9:e3:76:e9:d6:4d:3d:10:19:07:3f:97:f7:37:
         73:61:dc:03:fa:28:51:2e:2a:a8:84:ef:27:50:9f:82:0a:b7:
         37:bc:ec:1d:b3:0d:4c:f8:1e:a4:17:71:bc:37:94:3d:7a:76:
         39:f7:74:67:53:80:80:67:d9:c8:22:07:fd:fa:01:da:66:15:
         93:a2:5f:3e:1d:d6:d2:1f:62:b0:73:8a:f8:81:47:6a:50:68:
         85:e7:c9:f9:50:bd:85:7f:2d:7a:21:08:9d:1e:2a:b8:64:e0:
         96:bb:ae:d6:57:47:cf:84:fa:cb:03:e6:37:e8:fd:4b:19:7f:
         59:47:34:9c:3c:81:5b:5a:69:6d:c8:4a:58:1c:08:45:3f:0e:
         7e:76:cb:4f:e2:89:8e:25:de:bd:9a:20:d0:9a:02:ac:90:5e:
         d6:10:65:d2:35:32:c4:54:c8:5f:c8:9e:2c:73:b1:c7:9f:7c:
         e1:8f:df:85:7b:69:e0:d8:81:f0:46:eb:f9:05:03:eb:ef:6c:
         91:c1:85:29:a6:4f:69:9b:40:ac:87:68:81:db:c1:e4:11:93:
         ca:69:75:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWduzOGpLGMMKTXGkPhj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjYwMzAyMDcwMTEzWhcNMjYwMzAzMDcwMTEzWjAzMTEwLwYDVQQD
EygyOGM4YjdmZWE0Yzc4MmY5MTc1ODEyZjc5MTZmNWI4ZmEwYTIwNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzoJDXYsQ55MbGB4OfcAkmg+lAgb
znBkmFK7v2n89WuFGpdxbWCJeKG4/w/X/nerfi2DlgFl4OzNR8FeN263EWvd1FrT
QeKZoKHCt/LkrpCd1j5ZwcNMtwNyKR+JnVhPzTgEh832hiIQc/BVcr75sSXiHwyQ
vpsKuYvMa3hi+Us8qMC1qn5NKiaRrh/sHfANhIv7uLCA16zLnw/x8lC8WV7zBg24
I5qQo0T5ZQ7X6/WIWJ3HOaPAMSJmvPw9gLB84pd1xwPPEq1v96I4AV5l7bmgQHGr
rUTftxi6x9xYqXkvUYTUR9ldUhMBi+VBUhtR1DPBJGMISgvp2yQxzGaO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjIt/6kx4L5F1gS95FvW4+gogYdMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATrz8ON9s
bKSY74ArCTNJd4enNB8xxQG5SqdhwjY0MJWHbBS3Ev6+BsnjdunWTT0QGQc/l/c3
c2HcA/ooUS4qqITvJ1Cfggq3N7zsHbMNTPgepBdxvDeUPXp2Ofd0Z1OAgGfZyCIH
/foB2mYVk6JfPh3W0h9isHOK+IFHalBohefJ+VC9hX8teiEInR4quGTglruu1ldH
z4T6ywPmN+j9Sxl/WUc0nDyBW1ppbchKWBwIRT8OfnbLT+KJjiXevZog0JoCrJBe
1hBl0jUyxFTIX8ieLHOxx5984Y/fhXtp4NiB8Ebr+QUD6+9skcGFKaZPaZtArIdo
gdvB5BGTyml1aQ==
-----END CERTIFICATE-----