Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          ndNgFBfW5mWGoFH5fJUNGqqcojQXVCfPyNjanteK7Vs=
Subject key identifier:   D1:96:35:78:ED:B7:54:EF:69:50:9C:D6:D6:B1:91:71:BA:74:5F:B7
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019D277295E4B1CA399B177E9C7B302D02E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          0D14
Signing time:             Thu 26 Mar 2026 00:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:53 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: G29CPS+G1pBfnA+0x4iSoWK5j6rvVbHX0B2o4jN6KH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:95:e4:b1:ca:39:9b:17:7e:9c:7b:30:2d:02:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Mar 26 00:01:53 2026 GMT
            Not After : Mar 27 00:01:53 2026 GMT
        Subject: CN=d1963578edb754ef69509cd6d6b19171ba745fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:41:d7:04:24:47:da:54:ea:89:f7:53:69:b5:
                    b6:63:c9:a1:c5:5b:2d:22:59:74:15:f2:54:2e:35:
                    9a:8c:58:62:dc:7f:81:35:97:7d:bd:64:a0:1f:61:
                    19:8c:3e:a5:5d:3f:5c:b9:6f:8a:2e:c1:16:ad:e3:
                    06:63:b3:91:78:24:d6:4a:38:98:57:fc:60:61:52:
                    52:69:25:3d:d3:82:c8:be:3b:0f:57:4d:71:79:51:
                    70:22:3d:22:af:76:06:a3:88:b9:29:93:db:9c:00:
                    3e:03:36:d7:8d:9d:b2:48:aa:38:3d:a8:c9:10:4b:
                    65:94:aa:62:2b:ab:85:e1:0f:48:77:40:db:db:d1:
                    b7:25:65:13:11:10:32:df:b1:dc:72:4b:b7:ee:3d:
                    0d:2e:59:8b:a6:68:f2:cc:a1:9e:23:3b:4e:f8:4a:
                    2c:8e:01:d1:49:a4:3f:f9:04:4c:68:86:3a:93:2b:
                    e4:1b:48:50:8f:d3:ec:99:e6:bf:7f:71:ce:a8:e2:
                    08:47:d4:98:1c:35:2b:68:9f:00:25:6d:62:e6:45:
                    a8:aa:39:c0:d8:7b:4b:aa:b8:bb:74:67:82:99:f3:
                    06:70:f2:8e:d3:ac:a2:51:35:60:e8:90:95:62:dd:
                    ea:7c:ee:26:d0:99:01:f1:95:9f:e4:33:4b:b9:66:
                    50:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:96:35:78:ED:B7:54:EF:69:50:9C:D6:D6:B1:91:71:BA:74:5F:B7
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:67:68:c1:63:0e:5c:a0:b1:68:de:b0:15:cc:1c:98:4e:35:
         c4:33:26:86:ba:00:91:cb:d0:2b:c6:a6:e9:4a:bc:16:ba:70:
         ee:ea:34:10:57:e4:1e:f2:63:32:14:d0:94:a9:11:02:e9:62:
         2e:cb:bd:81:28:d4:9d:40:5c:d9:16:9d:02:da:f5:36:81:ed:
         d0:b0:36:ea:b8:25:67:49:ef:f5:4d:6f:89:42:12:a5:e7:bc:
         59:d8:63:24:8e:2f:55:74:e9:d2:b8:ac:bd:f8:91:37:01:f5:
         8d:08:a0:e5:c7:4c:37:1e:40:62:db:c9:11:64:a4:fd:d5:c4:
         01:a1:28:72:75:5f:cf:38:c0:33:29:c8:64:6f:d3:e8:4e:db:
         54:88:ac:33:c3:b1:c4:74:60:fa:d6:b8:be:5a:c3:db:95:2a:
         74:da:b7:b4:99:be:09:25:fd:f3:e8:30:f2:72:96:54:81:b8:
         6e:6c:0a:22:2d:ce:e3:74:c1:41:d5:8a:70:be:ec:c8:90:a6:
         67:f9:07:94:13:86:8a:85:20:63:82:4f:e6:69:26:d1:4f:f0:
         4b:28:82:58:7c:8e:0b:8d:2a:21:0a:1d:8a:ef:3e:65:a8:41:
         cd:55:e0:66:6f:05:6e:0f:d1:2c:a2:ba:0c:fc:eb:8c:aa:9b:
         0f:ae:20:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncpXksco5mxd+nHswLQLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjYwMzI2MDAwMTUzWhcNMjYwMzI3MDAwMTUzWjAzMTEwLwYDVQQD
EyhkMTk2MzU3OGVkYjc1NGVmNjk1MDljZDZkNmIxOTE3MWJhNzQ1ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEHXBCRH2lTqifdTabW2Y8mhxVst
Ill0FfJULjWajFhi3H+BNZd9vWSgH2EZjD6lXT9cuW+KLsEWreMGY7OReCTWSjiY
V/xgYVJSaSU904LIvjsPV01xeVFwIj0ir3YGo4i5KZPbnAA+AzbXjZ2ySKo4PajJ
EEtllKpiK6uF4Q9Id0Db29G3JWUTERAy37Hccku37j0NLlmLpmjyzKGeIztO+Eos
jgHRSaQ/+QRMaIY6kyvkG0hQj9Psmea/f3HOqOIIR9SYHDUraJ8AJW1i5kWoqjnA
2HtLqri7dGeCmfMGcPKO06yiUTVg6JCVYt3qfO4m0JkB8ZWf5DNLuWZQUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGWNXjtt1TvaVCc1taxkXG6dF+3MB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVmdowWMO
XKCxaN6wFcwcmE41xDMmhroAkcvQK8am6Uq8Frpw7uo0EFfkHvJjMhTQlKkRAuli
Lsu9gSjUnUBc2RadAtr1NoHt0LA26rglZ0nv9U1viUISpee8WdhjJI4vVXTp0ris
vfiRNwH1jQig5cdMNx5AYtvJEWSk/dXEAaEocnVfzzjAMynIZG/T6E7bVIisM8Ox
xHRg+ta4vlrD25UqdNq3tJm+CSX98+gw8nKWVIG4bmwKIi3O43TBQdWKcL7syJCm
Z/kHlBOGioUgY4JP5mkm0U/wSyiCWHyOC40qIQodiu8+ZahBzVXgZm8Fbg/RLKK6
DPzrjKqbD64gow==
-----END CERTIFICATE-----