Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          SNht2067n/JMVNUf+atNc+/JV8I2UkmcUVElwlRSUHc=
Subject key identifier:   6C:A8:9D:6D:6B:75:BC:97:E1:EE:27:01:58:F5:46:52:13:14:7F:85
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       019CABD97F7BD3D5BDA75B8CC21200258CEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:01:23 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:23 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:23 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: Y8XUmwsk3GMSYv7IUfizBCiT4JSuQgbRwZoDiMXLCQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:7f:7b:d3:d5:bd:a7:5b:8c:c2:12:00:25:8c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Mar  2 00:01:23 2026 GMT
            Not After : Mar  3 00:01:23 2026 GMT
        Subject: CN=6ca89d6d6b75bc97e1ee270158f5465213147f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ff:e9:30:f8:e9:c9:3b:83:b4:d6:91:5b:1c:
                    81:66:43:34:31:60:a5:f7:11:b1:e6:3c:9b:f4:b0:
                    8d:a4:7f:b7:38:67:ea:31:45:34:59:76:da:4e:1d:
                    60:c0:ff:b7:be:8e:53:3a:1a:13:72:d6:14:be:bd:
                    68:cb:ed:f4:5f:fe:9a:5e:69:a2:70:5d:52:77:a2:
                    1c:9a:61:fe:b1:1b:e1:ac:04:7a:35:fd:d5:34:74:
                    e3:cb:16:dd:e4:c2:eb:94:70:60:0c:b6:0a:54:ac:
                    a2:bf:2b:5a:56:51:2c:fe:16:19:64:0c:a3:1e:3c:
                    c7:95:49:f4:54:65:f8:e4:e4:0c:c2:09:a4:a7:71:
                    8d:c9:6e:c5:d3:78:03:6d:0f:6f:0b:53:fc:e5:fa:
                    27:de:77:7f:6e:aa:a2:f1:c5:f1:03:b8:d0:16:b8:
                    9b:21:6c:84:32:83:5a:ae:f5:5a:b8:ee:8e:b4:85:
                    76:c9:5c:fb:68:be:fb:85:38:c8:d7:d6:88:0a:da:
                    30:f1:7d:91:2b:91:ca:10:a3:3f:87:5a:22:33:0b:
                    ba:c4:e4:74:44:6f:a7:4e:b2:54:8a:f7:6f:48:d0:
                    9f:f0:1d:12:8d:a2:bc:df:0a:fa:f3:1b:82:aa:37:
                    3d:4f:22:5b:29:90:5c:e1:4d:48:a7:33:62:77:26:
                    93:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:A8:9D:6D:6B:75:BC:97:E1:EE:27:01:58:F5:46:52:13:14:7F:85
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:f3:ec:ae:f0:06:68:d5:8f:91:57:b3:5c:e2:ec:80:2d:62:
         32:3d:2a:b4:65:2e:a9:c3:f9:0b:96:3c:29:87:30:78:15:da:
         9a:9f:c3:bd:5b:36:8a:f4:f1:82:3a:9a:7a:66:a3:98:dc:22:
         05:ac:81:cf:3f:d1:d3:12:52:f3:34:e9:75:9f:91:75:06:23:
         37:b9:01:51:1b:d2:1d:03:07:41:8c:6e:8b:4b:8a:0c:20:7f:
         83:15:aa:71:b1:19:ee:7c:ff:c1:fb:bc:2a:32:e1:b9:d8:e4:
         d2:c1:6e:41:55:31:80:51:a0:8c:27:70:45:ca:2d:60:e4:62:
         59:ce:12:65:f6:c6:a0:ac:29:f3:d0:cc:a2:1b:ac:9c:f3:ce:
         f1:da:87:7d:4d:d8:c6:33:fe:90:73:9f:7b:2f:96:37:33:ec:
         81:23:0b:40:1d:59:23:99:32:d9:98:97:23:87:c0:81:3c:e6:
         3c:e2:e9:06:06:c5:0e:3e:7b:19:a2:62:f9:c0:db:89:83:eb:
         4e:7e:37:1c:5b:07:d9:c4:a0:48:39:90:96:79:80:c3:1d:7e:
         23:be:99:9b:bf:d3:0e:24:9f:95:34:7f:3f:9a:ac:c4:94:59:
         87:76:2c:d1:af:c7:5f:bd:74:99:ee:ce:af:3d:9f:22:e6:02:
         f2:c0:fb:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2X9709W9p1uMwhIAJYzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjYwMzAyMDAwMTIzWhcNMjYwMzAzMDAwMTIzWjAzMTEwLwYDVQQD
Eyg2Y2E4OWQ2ZDZiNzViYzk3ZTFlZTI3MDE1OGY1NDY1MjEzMTQ3Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP/pMPjpyTuDtNaRWxyBZkM0MWCl
9xGx5jyb9LCNpH+3OGfqMUU0WXbaTh1gwP+3vo5TOhoTctYUvr1oy+30X/6aXmmi
cF1Sd6IcmmH+sRvhrAR6Nf3VNHTjyxbd5MLrlHBgDLYKVKyivytaVlEs/hYZZAyj
HjzHlUn0VGX45OQMwgmkp3GNyW7F03gDbQ9vC1P85fon3nd/bqqi8cXxA7jQFrib
IWyEMoNarvVauO6OtIV2yVz7aL77hTjI19aICtow8X2RK5HKEKM/h1oiMwu6xOR0
RG+nTrJUivdvSNCf8B0SjaK83wr68xuCqjc9TyJbKZBc4U1IpzNidyaTGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyonW1rdbyX4e4nAVj1RlITFH+FMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvPsrvAG
aNWPkVezXOLsgC1iMj0qtGUuqcP5C5Y8KYcweBXamp/DvVs2ivTxgjqaemajmNwi
BayBzz/R0xJS8zTpdZ+RdQYjN7kBURvSHQMHQYxui0uKDCB/gxWqcbEZ7nz/wfu8
KjLhudjk0sFuQVUxgFGgjCdwRcotYORiWc4SZfbGoKwp89DMohusnPPO8dqHfU3Y
xjP+kHOfey+WNzPsgSMLQB1ZI5ky2ZiXI4fAgTzmPOLpBgbFDj57GaJi+cDbiYPr
Tn43HFsH2cSgSDmQlnmAwx1+I76Zm7/TDiSflTR/P5qsxJRZh3Ys0a/HX710me7O
rz2fIuYC8sD73A==
-----END CERTIFICATE-----