Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          jbfRMIkO2UccMB7Yv/LLjqPj4Eo75+0qMAkkqfkZDec=
Subject key identifier:   02:D7:78:80:F0:A2:62:77:C2:54:43:8D:2B:8F:CA:BF:D6:3E:0F:06
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019D98F44F4ED10B2FE9E5F6E5690007160A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0FA1
Signing time:             Fri 17 Apr 2026 01:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:40 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: prz8uZQKmpTQWaKVfKGjUKQFU8QKP6AQirX5GsmB62s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:4f:4e:d1:0b:2f:e9:e5:f6:e5:69:00:07:16:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Apr 17 01:00:40 2026 GMT
            Not After : Apr 18 01:00:40 2026 GMT
        Subject: CN=02d77880f0a26277c254438d2b8fcabfd63e0f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:13:4f:d7:00:ff:3c:1c:e6:4a:31:bf:5c:e9:
                    b8:bb:34:57:b1:b8:1d:72:2b:97:e0:53:07:d7:ed:
                    74:28:39:5c:ef:02:3f:61:d9:31:76:14:3e:7e:22:
                    1d:36:0c:29:de:fe:81:e3:fb:d5:42:d5:ed:62:0b:
                    db:8c:fe:97:23:49:47:bf:0b:c1:78:e3:0f:35:b8:
                    45:d6:b1:af:64:39:71:11:a9:89:25:33:0c:b2:33:
                    1c:d0:f4:20:5b:56:02:5c:6e:db:73:07:de:8f:98:
                    b5:fb:56:76:45:70:44:92:31:1d:ce:05:be:f8:66:
                    fe:f9:01:fb:30:cf:d9:73:ee:f4:21:fe:ad:2c:3e:
                    c3:91:38:bf:b6:b4:77:0b:3a:24:8a:49:45:7d:37:
                    74:d9:89:ac:ca:b2:61:78:d5:28:3a:f4:9f:38:73:
                    e4:8e:c5:a4:d5:2e:05:5b:a6:da:b3:60:e1:c3:f7:
                    f8:48:5e:6b:7b:5a:3b:eb:3e:e8:d0:a0:66:13:37:
                    b3:26:24:ed:dd:eb:30:70:14:04:9d:ea:71:61:70:
                    33:08:1a:0b:ac:07:ba:a9:c0:47:d2:b0:7c:f3:2d:
                    e0:fe:b0:df:6e:8c:be:cc:4b:ed:01:fc:29:dd:f5:
                    89:7c:fb:0d:d6:f3:b4:a0:c6:f9:3f:17:33:f5:bf:
                    12:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:D7:78:80:F0:A2:62:77:C2:54:43:8D:2B:8F:CA:BF:D6:3E:0F:06
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ff:59:04:80:e8:d6:da:b9:8c:13:4c:2b:23:38:9c:9f:52:
         ed:60:f6:ac:55:25:f3:a3:a4:a6:dd:59:3c:52:cb:2e:d2:db:
         62:6f:44:d7:54:2f:73:85:e4:db:83:8a:e7:66:d8:be:3d:f4:
         78:83:9c:23:1c:2d:60:20:c3:a2:fc:15:05:be:f7:d9:99:e9:
         a7:ce:29:23:a1:65:34:a7:6d:4a:cd:6d:ee:96:1e:c6:a1:11:
         17:e4:36:56:55:3e:20:0b:c0:2b:ed:67:c4:e8:0d:9b:9b:fa:
         b0:41:ac:bc:c2:4c:3b:61:49:ba:c1:7c:51:7e:0e:9a:88:e0:
         69:a8:0c:95:0f:6a:25:8a:93:5f:5f:dd:f4:5c:13:cd:32:9d:
         78:f7:24:45:e0:5a:64:be:bb:99:69:d5:fe:cc:a5:57:6b:46:
         08:d8:00:8f:b4:8d:da:ab:28:26:57:cb:d5:3b:2b:1b:92:15:
         9e:94:c8:07:bd:d4:e9:b3:9c:fb:89:da:14:04:d2:12:df:bb:
         16:c2:d7:50:91:11:77:bd:73:e1:64:55:80:44:0b:51:4d:c7:
         34:4a:64:d4:ea:68:04:af:de:48:b2:80:89:ae:60:78:f0:76:
         9d:f8:b9:5a:48:1f:a1:50:df:16:e1:03:6a:0d:1c:1c:18:12:
         e9:57:10:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9E9O0Qsv6eX25WkABxYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjYwNDE3MDEwMDQwWhcNMjYwNDE4MDEwMDQwWjAzMTEwLwYDVQQD
EygwMmQ3Nzg4MGYwYTI2Mjc3YzI1NDQzOGQyYjhmY2FiZmQ2M2UwZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRNP1wD/PBzmSjG/XOm4uzRXsbgd
ciuX4FMH1+10KDlc7wI/YdkxdhQ+fiIdNgwp3v6B4/vVQtXtYgvbjP6XI0lHvwvB
eOMPNbhF1rGvZDlxEamJJTMMsjMc0PQgW1YCXG7bcwfej5i1+1Z2RXBEkjEdzgW+
+Gb++QH7MM/Zc+70If6tLD7DkTi/trR3CzokiklFfTd02YmsyrJheNUoOvSfOHPk
jsWk1S4FW6bas2Dhw/f4SF5re1o76z7o0KBmEzezJiTt3eswcBQEnepxYXAzCBoL
rAe6qcBH0rB88y3g/rDfboy+zEvtAfwp3fWJfPsN1vO0oMb5Pxcz9b8S+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALXeIDwomJ3wlRDjSuPyr/WPg8GMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaf9ZBIDo
1tq5jBNMKyM4nJ9S7WD2rFUl86Okpt1ZPFLLLtLbYm9E11Qvc4Xk24OK52bYvj30
eIOcIxwtYCDDovwVBb732Znpp84pI6FlNKdtSs1t7pYexqERF+Q2VlU+IAvAK+1n
xOgNm5v6sEGsvMJMO2FJusF8UX4OmojgaagMlQ9qJYqTX1/d9FwTzTKdePckReBa
ZL67mWnV/sylV2tGCNgAj7SN2qsoJlfL1TsrG5IVnpTIB73U6bOc+4naFATSEt+7
FsLXUJERd71z4WRVgEQLUU3HNEpk1OpoBK/eSLKAia5gePB2nfi5WkgfoVDfFuED
ag0cHBgS6VcQIA==
-----END CERTIFICATE-----