Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          VpYTXLPruuP6WEMeC5CXAjy8LsQwP0WDWQ3k1X1dxVE=
Subject key identifier:   76:16:23:A5:AC:D2:94:E2:E8:F1:C3:99:D4:6F:24:3B:7B:A5:2B:7D
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       019CAD5990EB1A6B7FCBA625812DD4847E1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0FDF
Signing time:             Mon 02 Mar 2026 07:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:54 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: Qg5rWI1Ezz1aU+LRaFiAlwJw5Kc8P8eRjSMXgcs2cfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:90:eb:1a:6b:7f:cb:a6:25:81:2d:d4:84:7e:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Mar  2 07:00:54 2026 GMT
            Not After : Mar  3 07:00:54 2026 GMT
        Subject: CN=761623a5acd294e2e8f1c399d46f243b7ba52b7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1e:00:46:65:a9:71:55:8e:c4:25:fa:28:d9:
                    57:80:45:d6:0d:16:f5:ea:7e:60:c2:89:ff:53:ef:
                    b6:1e:e9:77:db:c0:e1:f5:b5:f2:cd:5a:a1:69:7c:
                    ce:e5:d2:4d:1f:a2:05:9d:f2:32:8d:d2:4d:d0:b0:
                    b2:d8:65:de:a4:78:80:1c:f1:fa:32:a6:0a:47:fe:
                    1c:70:9d:b4:56:7d:9e:77:d1:27:09:3a:ff:8e:e2:
                    bb:9b:8b:0e:56:cf:bb:8b:bc:47:ab:3c:4e:16:53:
                    61:04:f4:f6:11:c5:c1:62:59:4c:e6:23:39:28:c5:
                    33:56:ac:d3:b3:b5:cc:c2:7e:6e:3f:6f:05:bc:10:
                    15:13:46:ad:b7:79:7f:34:9d:95:2c:48:7f:3c:a4:
                    fa:30:3c:c6:29:49:5e:39:89:70:c6:a7:bc:94:71:
                    cf:11:de:44:15:e0:fa:ad:65:7e:66:4f:3d:b7:5d:
                    cc:06:c9:41:36:c9:ae:46:41:0b:9c:84:1e:95:7a:
                    eb:49:1d:40:6d:a0:ad:29:38:05:a7:01:d0:67:d5:
                    a2:9b:eb:27:ac:3d:5d:e7:aa:03:68:ad:54:37:7f:
                    bd:a3:14:f0:b4:64:64:56:61:f3:96:52:2c:65:e0:
                    17:57:95:25:6f:c5:3c:cd:d3:21:8d:50:44:3a:7a:
                    ee:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:16:23:A5:AC:D2:94:E2:E8:F1:C3:99:D4:6F:24:3B:7B:A5:2B:7D
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:05:c2:f1:63:d7:8c:cd:c5:9a:c5:22:00:c5:60:89:a5:e7:
         35:69:25:d2:71:67:2f:6b:36:bb:7a:65:47:82:a9:6b:44:b8:
         50:20:e8:8b:b9:6f:88:42:cf:91:1e:43:a9:26:14:1a:35:d2:
         22:da:ed:8f:5c:23:c4:a8:e6:0d:b2:8f:df:ee:ef:9c:a9:af:
         6a:72:d6:14:d7:9e:c6:dc:35:8a:a8:3a:26:7f:0f:b6:a7:43:
         37:32:4e:b6:26:61:5f:a1:42:34:17:75:2f:77:7e:51:d4:3c:
         9a:48:55:f9:db:c4:ed:4a:92:e7:30:78:96:8e:8f:c8:af:ab:
         aa:72:3f:66:94:ce:ff:00:9c:47:29:4a:2d:29:06:fa:f0:27:
         94:9b:64:16:d9:64:94:01:a6:da:eb:28:74:66:e1:b2:2a:b7:
         87:b1:30:48:2a:f8:91:fe:23:52:54:14:29:8d:2d:04:35:ab:
         64:48:c6:0d:61:05:96:49:52:92:ab:bf:fd:56:a9:d4:98:2d:
         bc:17:e6:af:6a:ab:16:c1:d2:e0:c5:98:a5:a1:37:c9:58:a6:
         45:e3:f9:e8:9b:a0:f3:d2:a6:ef:4b:17:51:68:4f:1c:3f:ba:
         fe:8c:f8:7c:95:cd:e2:35:fe:c6:ef:cc:7b:75:25:23:e4:f1:
         61:68:7f:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZDrGmt/y6YlgS3UhH4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjYwMzAyMDcwMDU0WhcNMjYwMzAzMDcwMDU0WjAzMTEwLwYDVQQD
Eyg3NjE2MjNhNWFjZDI5NGUyZThmMWMzOTlkNDZmMjQzYjdiYTUyYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx4ARmWpcVWOxCX6KNlXgEXWDRb1
6n5gwon/U++2Hul328Dh9bXyzVqhaXzO5dJNH6IFnfIyjdJN0LCy2GXepHiAHPH6
MqYKR/4ccJ20Vn2ed9EnCTr/juK7m4sOVs+7i7xHqzxOFlNhBPT2EcXBYllM5iM5
KMUzVqzTs7XMwn5uP28FvBAVE0att3l/NJ2VLEh/PKT6MDzGKUleOYlwxqe8lHHP
Ed5EFeD6rWV+Zk89t13MBslBNsmuRkELnIQelXrrSR1AbaCtKTgFpwHQZ9Wim+sn
rD1d56oDaK1UN3+9oxTwtGRkVmHzllIsZeAXV5Ulb8U8zdMhjVBEOnrueQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYWI6Ws0pTi6PHDmdRvJDt7pSt9MB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQXC8WPX
jM3FmsUiAMVgiaXnNWkl0nFnL2s2u3plR4Kpa0S4UCDoi7lviELPkR5DqSYUGjXS
Itrtj1wjxKjmDbKP3+7vnKmvanLWFNeextw1iqg6Jn8PtqdDNzJOtiZhX6FCNBd1
L3d+UdQ8mkhV+dvE7UqS5zB4lo6PyK+rqnI/ZpTO/wCcRylKLSkG+vAnlJtkFtlk
lAGm2usodGbhsiq3h7EwSCr4kf4jUlQUKY0tBDWrZEjGDWEFlklSkqu//Vap1Jgt
vBfmr2qrFsHS4MWYpaE3yVimReP56Jug89Km70sXUWhPHD+6/oz4fJXN4jX+xu/M
e3UlI+TxYWh/tA==
-----END CERTIFICATE-----