Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          tmE3CT0WyoTL6Fv9N/lp6UMCp1Hm3G0cTrxf95gvNfA=
Subject key identifier:   EF:71:99:77:C1:1E:73:A9:3D:FA:A7:C9:E6:94:33:3A:2D:FC:89:7F
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       019CAD903D175E38477160DD9F8F7660823A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0F4F
Signing time:             Mon 02 Mar 2026 08:00:36 +0000
Manifest this update:     Mon 02 Mar 2026 08:00:36 +0000
Manifest next update:     Tue 03 Mar 2026 08:00:36 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: 0+M8Tb0GPs4Ux9+G4r7QO6AnObmZwqoQNhQOlzPUe2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:90:3d:17:5e:38:47:71:60:dd:9f:8f:76:60:82:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Mar  2 08:00:36 2026 GMT
            Not After : Mar  3 08:00:36 2026 GMT
        Subject: CN=ef719977c11e73a93dfaa7c9e694333a2dfc897f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a3:97:94:c6:4e:63:87:64:cd:2e:87:d2:2d:
                    e9:f2:11:33:dd:9a:31:7f:61:dd:11:e5:f2:25:96:
                    d6:79:ee:4c:32:b8:c6:d7:22:dd:82:6c:ee:f8:ee:
                    15:78:ce:d1:08:b2:61:84:da:e4:bd:88:12:e3:31:
                    83:b2:f8:16:1c:c0:3d:9d:60:f2:33:a8:ec:21:ac:
                    13:b1:0f:7f:43:e2:2c:99:d4:83:94:5d:a6:5e:50:
                    6d:25:30:00:8f:07:07:88:d1:12:2a:c3:c8:e3:ce:
                    74:bb:7d:d9:fb:44:46:c6:b6:6a:cd:66:2c:e0:10:
                    15:86:b3:b1:37:a5:8d:e4:66:e0:db:97:35:e1:f9:
                    59:39:1c:87:a6:3e:4b:6b:66:a9:0e:33:f3:f1:3a:
                    49:51:e8:2d:33:bf:f3:a9:1b:22:26:fe:1e:b6:42:
                    ad:ae:ce:fd:85:c5:c9:9f:5a:64:6b:cb:da:8d:c5:
                    c7:b2:5e:e9:ea:86:38:fc:65:b1:dc:f9:e3:81:6b:
                    e6:1f:7b:26:09:50:a3:29:5e:57:7a:ce:bf:4f:af:
                    a9:e2:f2:9b:9a:b8:35:84:c0:48:d6:85:1e:8f:d9:
                    3e:29:6d:7c:a5:16:d0:8b:1e:61:10:99:ab:b0:ec:
                    5f:f2:ac:a8:e4:a0:85:f5:18:52:cf:ec:8c:05:72:
                    a9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:71:99:77:C1:1E:73:A9:3D:FA:A7:C9:E6:94:33:3A:2D:FC:89:7F
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:30:b9:8e:8d:59:21:2c:37:8e:99:ea:01:c1:1b:32:82:56:
         d0:84:76:f9:bf:69:65:bc:60:a3:dc:1b:18:fa:85:9e:b3:5e:
         b1:1a:62:c8:80:60:bb:9b:58:58:be:08:24:ee:b7:cc:0c:01:
         31:de:3d:1b:02:c4:ee:ac:88:86:17:e8:74:60:8a:1a:b8:3b:
         5f:f6:0a:bd:1e:50:e0:ff:0a:72:03:6f:d4:f8:c4:0b:0b:b4:
         38:bd:56:5f:90:e3:e3:8f:50:02:6f:d5:8d:2f:53:7f:c2:48:
         af:21:6e:5a:4d:ce:c3:81:39:eb:4f:4b:74:a0:f0:6b:05:19:
         5c:a5:e7:2e:ca:c4:3f:53:7d:03:7d:6a:2f:5d:a0:2a:7d:2f:
         20:54:1c:74:d9:c0:98:9a:93:08:b9:07:e2:a4:23:55:1f:bd:
         fc:f4:7c:76:08:ea:94:63:c5:78:c9:31:a7:72:5c:cf:8e:5c:
         df:27:5e:95:13:56:44:c0:c4:ee:7a:aa:92:f0:c0:a9:86:02:
         e6:a8:f4:21:50:cd:40:41:6c:9c:f9:6e:e0:7d:bf:5f:cf:8b:
         f6:42:8f:30:10:f1:09:2b:54:e4:0c:f9:35:88:e1:8e:a3:0a:
         e6:d4:e9:81:fc:ae:ed:ef:b2:3d:89:12:13:88:79:f2:a9:09:
         e8:d1:84:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkD0XXjhHcWDdn492YII6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjYwMzAyMDgwMDM2WhcNMjYwMzAzMDgwMDM2WjAzMTEwLwYDVQQD
EyhlZjcxOTk3N2MxMWU3M2E5M2RmYWE3YzllNjk0MzMzYTJkZmM4OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6OXlMZOY4dkzS6H0i3p8hEz3Zox
f2HdEeXyJZbWee5MMrjG1yLdgmzu+O4VeM7RCLJhhNrkvYgS4zGDsvgWHMA9nWDy
M6jsIawTsQ9/Q+IsmdSDlF2mXlBtJTAAjwcHiNESKsPI4850u33Z+0RGxrZqzWYs
4BAVhrOxN6WN5Gbg25c14flZORyHpj5La2apDjPz8TpJUegtM7/zqRsiJv4etkKt
rs79hcXJn1pka8vajcXHsl7p6oY4/GWx3PnjgWvmH3smCVCjKV5Xes6/T6+p4vKb
mrg1hMBI1oUej9k+KW18pRbQix5hEJmrsOxf8qyo5KCF9RhSz+yMBXKpvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9xmXfBHnOpPfqnyeaUMzot/Il/MB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATC5jo1Z
ISw3jpnqAcEbMoJW0IR2+b9pZbxgo9wbGPqFnrNesRpiyIBgu5tYWL4IJO63zAwB
Md49GwLE7qyIhhfodGCKGrg7X/YKvR5Q4P8KcgNv1PjECwu0OL1WX5Dj449QAm/V
jS9Tf8JIryFuWk3Ow4E5609LdKDwawUZXKXnLsrEP1N9A31qL12gKn0vIFQcdNnA
mJqTCLkH4qQjVR+9/PR8dgjqlGPFeMkxp3Jcz45c3ydelRNWRMDE7nqqkvDAqYYC
5qj0IVDNQEFsnPlu4H2/X8+L9kKPMBDxCStU5Az5NYjhjqMK5tTpgfyu7e+yPYkS
E4h58qkJ6NGEMg==
-----END CERTIFICATE-----