Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          dyB6lBDQJssxhhNQlHaz4dB204Icymtp+NrAs23ZJiE=
Subject key identifier:   1C:61:74:7E:38:73:03:0F:DD:2A:89:4D:C6:B6:62:38:3B:4B:12:8E
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       019D9B50D8E59AD00C3DFD3D4C0A060014F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 12:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:00 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: b67ZgeMRxvZI2KFY+AnXJLHPTOxjz7FCZ2e6GBCIGxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:d8:e5:9a:d0:0c:3d:fd:3d:4c:0a:06:00:14:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Apr 17 12:01:00 2026 GMT
            Not After : Apr 18 12:01:00 2026 GMT
        Subject: CN=1c61747e3873030fdd2a894dc6b662383b4b128e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e6:89:90:78:21:3b:02:20:b8:b5:d8:a0:41:
                    62:47:bd:6a:12:96:7b:c0:10:79:f1:a5:ae:23:59:
                    cd:4a:65:bd:ac:36:5d:d8:ef:f8:09:99:3a:25:a2:
                    85:b1:a4:53:10:d9:dc:93:a3:ff:39:8f:8c:80:e5:
                    cc:c7:b7:b3:3a:cf:35:81:9d:b2:c4:9e:59:f9:89:
                    26:de:27:d7:a3:0b:6f:f9:6d:85:f0:22:1c:38:93:
                    88:cb:07:dd:20:04:2c:76:95:f7:d5:7c:a6:65:b2:
                    69:36:c4:4c:e4:99:4c:b3:be:1e:cd:b5:89:e9:5a:
                    f0:3e:1e:08:f5:ca:20:8a:44:35:0a:01:fc:b4:5a:
                    2b:7f:87:20:37:76:19:14:27:3f:6a:27:88:1e:d1:
                    eb:fe:09:5f:3f:74:61:a7:64:89:5a:95:1c:cf:e1:
                    b9:2e:c0:2a:84:b0:17:5f:fe:36:fa:2d:9e:35:73:
                    fa:44:92:c3:a7:6f:11:01:b9:ba:27:c4:01:56:13:
                    64:ae:71:65:96:cd:19:e9:bf:23:48:ff:cd:61:07:
                    e1:7b:c2:a7:45:2e:fb:7a:2d:7d:95:cd:b1:a1:a2:
                    2e:e4:8c:6e:49:92:88:7b:2e:39:0e:a8:77:fb:81:
                    b4:b9:00:cd:87:d2:81:fe:c2:05:05:22:3e:55:46:
                    45:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:61:74:7E:38:73:03:0F:DD:2A:89:4D:C6:B6:62:38:3B:4B:12:8E
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:9c:be:53:95:cf:44:b4:26:a4:8b:d8:b2:49:2b:61:ae:e3:
         95:8f:1e:a0:47:5e:b9:e0:31:9b:58:06:12:2f:1e:a3:ab:d1:
         da:60:36:70:5a:ee:17:5d:82:e0:09:ee:a4:80:2f:a0:ec:07:
         0a:06:7d:78:0b:20:e7:83:10:70:52:3c:6f:ae:71:37:1c:cf:
         98:bc:f8:30:a8:89:cb:f8:ef:7a:ca:2d:08:38:f3:fd:74:15:
         ae:ae:bf:5d:22:82:26:23:de:a4:31:7c:05:ac:5e:02:eb:99:
         21:cd:bb:dd:a2:d0:e8:55:38:39:ee:bf:ea:9d:b7:ac:7e:6a:
         53:5c:ff:2e:f8:f1:ae:14:47:f5:91:a6:4b:76:ae:99:56:0b:
         53:4e:d6:30:d7:7c:09:f9:b0:fc:97:2c:8d:d2:58:b1:da:70:
         4b:02:5c:a0:a1:4f:1a:a2:f1:29:4c:06:ee:60:aa:c3:67:3a:
         61:b4:0f:25:77:7b:7f:59:78:7b:1a:26:1c:b9:4a:cc:36:f8:
         6e:27:ea:2c:1b:90:f7:7f:14:bb:b0:3c:de:d3:4d:a4:d4:1d:
         1f:ce:66:02:d1:f3:55:9f:ba:c3:f5:85:41:aa:fe:72:f4:7e:
         41:fd:7f:c1:a5:ad:0f:c8:ba:c7:eb:03:7c:49:da:39:6c:d9:
         83:99:e6:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUNjlmtAMPf09TAoGABT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjYwNDE3MTIwMTAwWhcNMjYwNDE4MTIwMTAwWjAzMTEwLwYDVQQD
EygxYzYxNzQ3ZTM4NzMwMzBmZGQyYTg5NGRjNmI2NjIzODNiNGIxMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+aJkHghOwIguLXYoEFiR71qEpZ7
wBB58aWuI1nNSmW9rDZd2O/4CZk6JaKFsaRTENnck6P/OY+MgOXMx7ezOs81gZ2y
xJ5Z+Ykm3ifXowtv+W2F8CIcOJOIywfdIAQsdpX31XymZbJpNsRM5JlMs74ezbWJ
6VrwPh4I9cogikQ1CgH8tForf4cgN3YZFCc/aieIHtHr/glfP3Rhp2SJWpUcz+G5
LsAqhLAXX/42+i2eNXP6RJLDp28RAbm6J8QBVhNkrnFlls0Z6b8jSP/NYQfhe8Kn
RS77ei19lc2xoaIu5IxuSZKIey45Dqh3+4G0uQDNh9KB/sIFBSI+VUZFHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxhdH44cwMP3SqJTca2Yjg7SxKOMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZy+U5XP
RLQmpIvYskkrYa7jlY8eoEdeueAxm1gGEi8eo6vR2mA2cFruF12C4AnupIAvoOwH
CgZ9eAsg54MQcFI8b65xNxzPmLz4MKiJy/jvesotCDjz/XQVrq6/XSKCJiPepDF8
BaxeAuuZIc273aLQ6FU4Oe6/6p23rH5qU1z/LvjxrhRH9ZGmS3aumVYLU07WMNd8
Cfmw/JcsjdJYsdpwSwJcoKFPGqLxKUwG7mCqw2c6YbQPJXd7f1l4exomHLlKzDb4
bifqLBuQ938Uu7A83tNNpNQdH85mAtHzVZ+6w/WFQar+cvR+Qf1/waWtD8i6x+sD
fEnaOWzZg5nmog==
-----END CERTIFICATE-----