Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          3clom0aRpUIDWk88g+52ZUtHnNbFLP2MEQFRDZ72I84=
Subject key identifier:   82:C6:75:8D:E4:A4:43:0D:C8:03:9A:01:F6:A0:75:AB:09:6C:55:C2
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019CAD5999DFF5294226130073E74D5ADB7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0D8C
Signing time:             Mon 02 Mar 2026 07:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:56 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: k0qNapVYe92jUBuXMOwpccTJhed4xIdjWe76HwMsPqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:99:df:f5:29:42:26:13:00:73:e7:4d:5a:db:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Mar  2 07:00:56 2026 GMT
            Not After : Mar  3 07:00:56 2026 GMT
        Subject: CN=82c6758de4a4430dc8039a01f6a075ab096c55c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:b2:46:c9:24:99:e7:30:98:78:0a:2c:53:89:
                    21:b8:6c:98:6b:e8:9c:88:48:01:d4:9c:0a:7d:72:
                    20:7b:ea:2a:cd:37:f6:1e:b8:56:81:d6:6e:a5:b0:
                    59:c8:3e:ac:a8:40:f6:aa:03:04:35:64:a0:8a:84:
                    ab:bc:c8:47:9c:db:f7:a0:25:99:15:b9:3d:d7:cb:
                    47:62:d3:ea:19:13:02:64:4b:83:43:04:f9:2d:40:
                    23:03:eb:21:17:94:68:57:2b:01:f9:93:23:db:19:
                    55:11:dd:6e:7a:7d:1e:93:83:ba:89:b4:ac:5a:e1:
                    b1:c5:2a:4f:8c:f0:f2:39:85:db:c2:4d:ce:45:59:
                    d4:e9:b8:b4:fa:12:8d:a2:a4:1b:35:b3:23:0f:b0:
                    29:9c:f6:67:33:09:7a:9c:c9:c3:d6:0f:6b:37:0f:
                    82:0c:a4:23:0f:9d:21:14:d6:95:15:3d:bd:05:2e:
                    53:e2:81:6a:ee:35:91:fe:00:26:71:a9:03:98:f3:
                    d5:f2:79:37:93:60:cd:05:59:bb:fb:d4:2e:95:d8:
                    22:6f:38:dc:03:4e:05:34:59:be:c7:69:72:cc:91:
                    4b:e6:a3:c4:be:53:5d:61:c7:3e:33:89:1d:09:b2:
                    58:29:7f:62:13:7c:2a:9e:71:ca:bd:59:b3:99:00:
                    25:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C6:75:8D:E4:A4:43:0D:C8:03:9A:01:F6:A0:75:AB:09:6C:55:C2
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:59:94:a5:db:13:fc:8c:e5:d4:6a:9b:c1:8c:87:3a:98:b9:
         b1:7f:36:61:af:45:c8:0f:7d:6d:53:14:c8:62:66:e0:f9:b9:
         6f:e7:5f:ab:4d:5d:78:70:80:2e:47:4e:bf:3b:76:7a:a0:d4:
         8e:ea:e4:44:ce:4d:b1:47:da:5d:28:9a:9c:db:87:77:6c:61:
         f1:83:0f:fa:12:0f:ba:07:48:17:9f:a8:35:f8:0b:ba:52:3a:
         97:c6:af:70:47:04:bc:ca:94:50:4b:83:10:ff:b9:7d:01:79:
         15:77:f6:74:a9:8c:d5:68:f7:a1:85:8f:43:92:ee:b5:d2:f1:
         1d:db:f8:5c:43:fb:a2:36:7e:bb:33:e5:0f:02:0e:52:33:92:
         a2:f7:14:45:5e:c0:b8:48:22:3a:76:0d:95:5c:d2:12:9f:6b:
         0c:3d:29:22:71:ed:a9:72:a9:6d:b9:70:d8:04:a6:92:29:31:
         1c:0b:47:67:10:2b:6f:f5:64:56:08:40:f1:24:f2:76:9c:10:
         61:01:e5:65:d7:91:0f:77:83:04:25:00:32:9a:fc:b6:7d:b2:
         9f:69:38:fb:5b:c4:97:22:36:f0:16:a8:9c:cb:20:6c:60:31:
         e2:9a:5a:9b:68:d1:52:1c:13:48:f7:f8:b9:41:80:5d:9f:68:
         ef:a3:53:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZnf9SlCJhMAc+dNWtt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjYwMzAyMDcwMDU2WhcNMjYwMzAzMDcwMDU2WjAzMTEwLwYDVQQD
Eyg4MmM2NzU4ZGU0YTQ0MzBkYzgwMzlhMDFmNmEwNzVhYjA5NmM1NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87JGySSZ5zCYeAosU4khuGyYa+ic
iEgB1JwKfXIge+oqzTf2HrhWgdZupbBZyD6sqED2qgMENWSgioSrvMhHnNv3oCWZ
Fbk918tHYtPqGRMCZEuDQwT5LUAjA+shF5RoVysB+ZMj2xlVEd1uen0ek4O6ibSs
WuGxxSpPjPDyOYXbwk3ORVnU6bi0+hKNoqQbNbMjD7ApnPZnMwl6nMnD1g9rNw+C
DKQjD50hFNaVFT29BS5T4oFq7jWR/gAmcakDmPPV8nk3k2DNBVm7+9Quldgibzjc
A04FNFm+x2lyzJFL5qPEvlNdYcc+M4kdCbJYKX9iE3wqnnHKvVmzmQAllwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILGdY3kpEMNyAOaAfagdasJbFXCMB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1mUpdsT
/Izl1GqbwYyHOpi5sX82Ya9FyA99bVMUyGJm4Pm5b+dfq01deHCALkdOvzt2eqDU
jurkRM5NsUfaXSianNuHd2xh8YMP+hIPugdIF5+oNfgLulI6l8avcEcEvMqUUEuD
EP+5fQF5FXf2dKmM1Wj3oYWPQ5LutdLxHdv4XEP7ojZ+uzPlDwIOUjOSovcURV7A
uEgiOnYNlVzSEp9rDD0pInHtqXKpbblw2ASmkikxHAtHZxArb/VkVghA8STydpwQ
YQHlZdeRD3eDBCUAMpr8tn2yn2k4+1vElyI28BaonMsgbGAx4ppam2jRUhwTSPf4
uUGAXZ9o76NTew==
-----END CERTIFICATE-----