Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          VQBz/zFVT+SgCedD1oEOByc/IvbRSFlOyKFfobHtSRM=
Subject key identifier:   29:72:30:77:40:86:46:81:DB:06:84:83:D2:FC:40:9E:DD:C4:8B:8B
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019CAB6BE4A87C52624618B217F24A371763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:40 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:40 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:40 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: N2rgHWxjro1NBgUhqxTTAweEAgU+p6CnVd3pKhKzocM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:e4:a8:7c:52:62:46:18:b2:17:f2:4a:37:17:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Mar  1 22:01:40 2026 GMT
            Not After : Mar  2 22:01:40 2026 GMT
        Subject: CN=2972307740864681db068483d2fc409eddc48b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9b:cd:45:3f:42:3d:9a:c1:b1:48:de:47:57:
                    64:9e:b8:86:87:7d:cb:30:91:33:63:dc:e3:34:43:
                    00:55:77:12:bf:99:83:19:a4:e4:ca:60:f5:6c:76:
                    dc:5f:90:4f:da:ad:38:95:1a:91:de:8a:d7:a1:a2:
                    e5:c7:45:e6:87:6b:43:e5:01:be:d2:13:a5:c2:8a:
                    a6:41:f5:97:1a:53:0f:3b:8f:20:9d:31:ec:90:db:
                    23:f2:ad:b8:e8:95:a8:78:54:7e:a2:fb:0b:b1:94:
                    70:de:33:ec:50:a9:b5:93:ae:a5:04:b8:0e:06:3c:
                    f1:2f:2a:bc:74:18:01:be:58:40:95:36:62:5a:13:
                    ed:22:f6:8a:e2:e9:d0:89:f4:d1:fb:4e:90:49:e1:
                    9e:33:5e:54:5f:e5:07:dc:86:ac:07:34:0f:7e:ff:
                    f2:f6:b1:1b:18:1a:1e:03:7f:64:88:59:78:a6:64:
                    72:82:84:b9:c5:b0:6c:f0:61:f4:53:71:e2:13:00:
                    ee:3e:e3:d1:64:62:6d:84:43:44:b0:3b:9f:ba:1e:
                    8d:0c:29:7e:64:ea:4f:1f:90:9a:30:1e:70:17:80:
                    d1:f8:5f:93:38:d7:95:02:2d:1f:23:8f:86:82:53:
                    5e:99:a3:1a:64:87:dd:81:02:ec:98:8e:e3:6c:ce:
                    ae:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:72:30:77:40:86:46:81:DB:06:84:83:D2:FC:40:9E:DD:C4:8B:8B
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:c9:d6:91:ac:af:2f:ca:87:43:26:1e:47:6f:4a:29:91:6b:
         0c:b8:76:18:0c:2c:b5:4e:ac:f2:3a:46:a3:30:40:67:7c:aa:
         65:0f:16:91:38:22:a4:84:e0:1a:ac:0b:0c:16:41:41:7b:76:
         b7:9a:7f:80:06:d5:81:15:24:a7:f2:4f:f4:4c:49:ad:a1:ed:
         27:cd:e2:20:2d:b5:61:1a:11:ed:b2:33:9f:52:36:96:b7:bb:
         4a:32:7c:4a:63:a0:71:2b:a0:94:9f:0f:47:2e:23:64:37:a5:
         2b:7a:bf:a7:2f:74:ff:14:a5:a5:09:dd:bc:26:25:24:f8:53:
         80:f8:4f:d5:0c:b3:2e:c2:2a:84:cc:57:85:ab:0f:8c:a6:a0:
         d9:1e:ba:6a:51:24:57:32:e0:16:18:7e:b3:2d:28:e6:da:25:
         71:eb:a8:b5:06:2d:9a:50:62:8b:92:b3:f8:22:5f:a6:eb:4b:
         7c:c1:ca:5e:ec:d6:69:ad:af:1f:ad:1e:7b:0b:2c:5c:20:c9:
         ae:2e:6f:c3:f4:74:4c:ae:88:45:13:75:8d:82:37:89:22:f5:
         24:ec:f7:75:e4:93:82:7d:f9:bc:b4:6c:91:18:83:59:17:33:
         59:a0:a3:6a:bb:20:46:ed:4c:0f:80:20:1d:b6:42:03:5e:4c:
         b2:02:d5:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra+SofFJiRhiyF/JKNxdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjYwMzAxMjIwMTQwWhcNMjYwMzAyMjIwMTQwWjAzMTEwLwYDVQQD
EygyOTcyMzA3NzQwODY0NjgxZGIwNjg0ODNkMmZjNDA5ZWRkYzQ4YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJvNRT9CPZrBsUjeR1dknriGh33L
MJEzY9zjNEMAVXcSv5mDGaTkymD1bHbcX5BP2q04lRqR3orXoaLlx0Xmh2tD5QG+
0hOlwoqmQfWXGlMPO48gnTHskNsj8q246JWoeFR+ovsLsZRw3jPsUKm1k66lBLgO
BjzxLyq8dBgBvlhAlTZiWhPtIvaK4unQifTR+06QSeGeM15UX+UH3IasBzQPfv/y
9rEbGBoeA39kiFl4pmRygoS5xbBs8GH0U3HiEwDuPuPRZGJthENEsDufuh6NDCl+
ZOpPH5CaMB5wF4DR+F+TONeVAi0fI4+GglNemaMaZIfdgQLsmI7jbM6u3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClyMHdAhkaB2waEg9L8QJ7dxIuLMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu8nWkayv
L8qHQyYeR29KKZFrDLh2GAwstU6s8jpGozBAZ3yqZQ8WkTgipITgGqwLDBZBQXt2
t5p/gAbVgRUkp/JP9ExJraHtJ83iIC21YRoR7bIzn1I2lre7SjJ8SmOgcSuglJ8P
Ry4jZDelK3q/py90/xSlpQndvCYlJPhTgPhP1QyzLsIqhMxXhasPjKag2R66alEk
VzLgFhh+sy0o5tolceuotQYtmlBii5Kz+CJfputLfMHKXuzWaa2vH60eewssXCDJ
ri5vw/R0TK6IRRN1jYI3iSL1JOz3deSTgn35vLRskRiDWRczWaCjarsgRu1MD4Ag
HbZCA15MsgLVPg==
-----END CERTIFICATE-----