Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File:                     G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier:          /6r7+lDG/RCFsp5Dh1PUMVj/EnREqZrIyojn6SjMebM=
Subject key identifier:   2B:3D:C0:62:EC:E1:56:48:BC:5F:98:C8:0B:C5:C1:FB:08:6B:39:1D
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer:       /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial:       019D9B50AF7EB061E0EEAA28BFF5AB09EEF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number:          11BB
Signing time:             Fri 17 Apr 2026 12:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:49 +0000
Files and hashes:         1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: IpRKynBNIQcSYDZN2q9rnSBiRhJJbn8y7vGOutVQN2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:af:7e:b0:61:e0:ee:aa:28:bf:f5:ab:09:ee:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
        Validity
            Not Before: Apr 17 12:00:49 2026 GMT
            Not After : Apr 18 12:00:49 2026 GMT
        Subject: CN=2b3dc062ece15648bc5f98c80bc5c1fb086b391d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ac:ba:03:ff:a0:6a:e0:29:54:bf:87:c7:cc:
                    d2:fd:95:c2:a2:ff:5f:42:a0:f7:d7:fd:46:d9:53:
                    32:9b:eb:38:76:ab:6f:d4:e0:7c:5d:89:72:13:41:
                    e9:63:04:2b:05:db:84:21:65:bd:79:fe:9d:00:75:
                    e4:8c:c1:09:6d:05:7f:58:a0:48:4d:09:bb:70:ac:
                    b9:42:18:d7:fe:95:1a:2a:0d:4b:76:9e:05:93:80:
                    8b:e3:02:93:6b:db:fa:f6:17:2c:61:e7:44:f0:0f:
                    d9:01:29:65:0b:04:1d:ac:5d:cc:78:80:0e:0e:1e:
                    c2:23:ed:21:d2:61:d4:b4:65:1d:4c:70:d2:4b:a4:
                    3a:23:52:7c:70:84:5b:75:f3:0e:99:54:58:30:f7:
                    fd:8a:bd:f8:44:03:64:95:ed:82:b1:5e:30:b1:ac:
                    81:4b:81:5a:8e:24:2f:6f:da:4d:6a:1c:c5:a6:66:
                    27:78:c7:6a:b0:74:98:41:50:85:ac:d6:e1:c5:41:
                    ae:ee:25:1d:2a:5b:fe:7a:0d:14:50:ee:c6:79:6c:
                    8e:61:19:3d:05:92:ee:85:37:4c:c5:f9:f9:1d:41:
                    03:ab:b9:b3:fc:d9:ad:26:cb:4e:28:5c:a4:9e:42:
                    1c:7c:ae:e2:d6:c7:fe:58:9f:39:c8:4c:3b:98:51:
                    c6:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:3D:C0:62:EC:E1:56:48:BC:5F:98:C8:0B:C5:C1:FB:08:6B:39:1D
            X509v3 Authority Key Identifier:
                keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:6d:43:fa:c4:8e:26:ab:62:fa:6e:3a:8c:88:f0:1b:1c:95:
         83:a2:84:d7:7f:af:cb:e4:ed:c3:6e:8e:1f:a8:9b:83:ea:08:
         df:5c:28:75:88:5e:e9:28:1c:17:5d:60:36:e6:87:16:68:7e:
         df:5c:36:2c:90:e3:e6:65:8d:7f:08:21:60:9b:65:10:cb:ff:
         3e:6a:85:a5:67:9a:bd:a9:6d:d1:de:e5:be:99:58:a3:b8:7b:
         bb:39:f3:aa:2b:94:db:ef:99:bd:da:87:f0:05:4f:05:a6:d9:
         03:40:f8:f2:ca:f3:20:32:cd:ae:f4:78:15:d2:23:18:50:06:
         00:ab:02:3c:92:d5:b3:2b:0e:51:c9:fa:e2:09:9f:fa:54:d4:
         db:52:8e:54:ee:1c:b4:1f:52:d0:56:94:8d:c6:b4:56:e9:bb:
         20:00:05:6b:37:21:e8:3a:51:62:a0:cd:3a:86:e0:00:30:2d:
         39:7d:65:45:9f:6d:65:1d:42:23:5f:c0:d0:2a:17:43:15:bb:
         9c:f9:07:0e:a8:ed:e8:e4:a7:84:bb:a5:32:4b:0a:fe:7f:c7:
         ba:e8:35:ee:1c:e1:51:98:b2:8a:61:5c:a6:c6:fc:85:26:5b:
         30:3f:d1:51:72:82:9a:20:14:69:c4:44:8c:77:a8:2f:79:da:
         80:8f:80:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUK9+sGHg7qoov/WrCe72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjYwNDE3MTIwMDQ5WhcNMjYwNDE4MTIwMDQ5WjAzMTEwLwYDVQQD
EygyYjNkYzA2MmVjZTE1NjQ4YmM1Zjk4YzgwYmM1YzFmYjA4NmIzOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqy6A/+gauApVL+Hx8zS/ZXCov9f
QqD31/1G2VMym+s4dqtv1OB8XYlyE0HpYwQrBduEIWW9ef6dAHXkjMEJbQV/WKBI
TQm7cKy5QhjX/pUaKg1Ldp4Fk4CL4wKTa9v69hcsYedE8A/ZASllCwQdrF3MeIAO
Dh7CI+0h0mHUtGUdTHDSS6Q6I1J8cIRbdfMOmVRYMPf9ir34RANkle2CsV4wsayB
S4FajiQvb9pNahzFpmYneMdqsHSYQVCFrNbhxUGu7iUdKlv+eg0UUO7GeWyOYRk9
BZLuhTdMxfn5HUEDq7mz/NmtJstOKFyknkIcfK7i1sf+WJ85yEw7mFHGFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCs9wGLs4VZIvF+YyAvFwfsIazkdMB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAom1D+sSO
Jqti+m46jIjwGxyVg6KE13+vy+Ttw26OH6ibg+oI31wodYhe6SgcF11gNuaHFmh+
31w2LJDj5mWNfwghYJtlEMv/PmqFpWeavalt0d7lvplYo7h7uznzqiuU2++ZvdqH
8AVPBabZA0D48srzIDLNrvR4FdIjGFAGAKsCPJLVsysOUcn64gmf+lTU21KOVO4c
tB9S0FaUjca0Vum7IAAFazch6DpRYqDNOobgADAtOX1lRZ9tZR1CI1/A0CoXQxW7
nPkHDqjt6OSnhLulMksK/n/Huug17hzhUZiyimFcpsb8hSZbMD/RUXKCmiAUacRE
jHeoL3nagI+APw==
-----END CERTIFICATE-----