Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
File:                     gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json)
Hash identifier:          jmlTfM8ICPFwEUCVpcpDBl+BTJoC85avS65fySQR5vs=
Subject key identifier:   95:2D:8E:01:9D:24:C2:63:1B:10:6A:F6:79:42:E8:BD:DA:00:CF:BD
Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23
Certificate issuer:       /CN=813a42838d2e45ed5dad4114606d9729a6501d23
Certificate serial:       019D29607A71391256C489499E2038CE0603
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
Manifest number:          10E6
Signing time:             Thu 26 Mar 2026 09:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:21 +0000
Files and hashes:         1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: i7V0ym+g5IRV4YFcEEGViTGVdwyU6yOWmFUZzWMyHv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:7a:71:39:12:56:c4:89:49:9e:20:38:ce:06:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23
        Validity
            Not Before: Mar 26 09:01:21 2026 GMT
            Not After : Mar 27 09:01:21 2026 GMT
        Subject: CN=952d8e019d24c2631b106af67942e8bdda00cfbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:97:fd:63:a7:36:34:66:66:e0:c2:0f:6b:72:
                    4e:e5:a2:ff:a2:69:33:aa:bf:1f:d7:db:27:d6:09:
                    c7:93:49:ce:e3:66:b3:06:75:12:07:a3:fe:4d:67:
                    93:8a:85:18:73:a9:f1:30:84:93:5a:f2:e1:95:7b:
                    9b:26:c3:86:9b:26:57:14:a2:ce:05:b6:33:ba:d9:
                    87:56:c6:08:13:8b:06:2f:05:d5:f3:09:f3:ac:b7:
                    cb:99:e1:3f:55:34:d0:0e:ba:55:95:07:f3:05:94:
                    20:3f:d8:40:80:84:1c:2f:ff:a7:01:9d:d2:72:61:
                    35:34:bc:11:ae:d4:05:79:92:71:8f:41:7b:34:3c:
                    15:35:a1:71:68:93:e2:26:b2:34:db:05:b4:ce:42:
                    6b:a2:3a:0d:f6:fc:2e:50:b8:e3:74:ef:82:87:74:
                    ee:4e:ed:1e:34:a0:a7:ba:26:33:90:d5:35:13:7f:
                    a8:96:06:2e:f3:63:00:9c:f5:69:73:bd:77:29:ee:
                    d3:91:cf:13:85:d1:ec:8c:46:b3:b6:a5:6a:b0:7a:
                    e0:d1:f8:3a:03:ca:2b:9f:d1:25:89:9d:2e:dc:ec:
                    7a:1b:fd:32:fe:0d:0c:af:87:25:ed:dd:61:eb:2f:
                    f4:3b:b6:e0:68:d2:33:94:97:0c:e6:38:41:e4:55:
                    59:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2D:8E:01:9D:24:C2:63:1B:10:6A:F6:79:42:E8:BD:DA:00:CF:BD
            X509v3 Authority Key Identifier:
                keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:c5:3b:13:5a:2a:5b:9b:55:d6:0e:9c:95:c1:0e:ed:7d:1e:
         77:8f:7a:e0:b8:25:32:33:1f:d3:4c:ad:ea:36:74:39:e4:1e:
         ca:cc:01:9d:01:3a:de:41:af:49:7b:86:b6:3e:80:93:d5:31:
         c0:55:99:54:90:c7:c0:b2:03:e4:40:1e:a0:35:ca:da:f4:bc:
         98:91:50:4e:70:cb:de:e0:4e:04:8a:ea:35:56:9f:3f:11:ab:
         e1:59:75:90:ca:3e:5b:04:5b:ce:d0:c1:d7:a6:ed:3b:fd:bf:
         e7:60:a3:c1:e4:2e:99:9f:a9:fe:6b:87:b6:ac:a7:da:2f:aa:
         ca:cd:52:00:45:ff:28:f6:45:36:77:b4:2b:de:9b:a4:9c:9f:
         f8:22:17:ef:06:ec:e7:02:b5:4d:da:43:a6:e5:dc:0f:8d:8b:
         64:e2:cf:f8:15:26:cc:7b:bc:82:eb:02:2b:38:4a:32:9b:83:
         c0:ce:9e:15:93:90:ad:bd:c6:4f:3f:d8:01:2a:ff:79:b2:ba:
         97:cb:6e:1c:de:76:e0:75:19:31:bb:25:fe:fe:0c:a6:57:8c:
         b6:52:84:36:59:b6:e6:5d:3a:02:16:41:ec:ae:12:f3:4a:dd:
         cc:13:42:1e:e7:64:f1:11:c0:70:14:98:ac:d1:af:9d:69:fc:
         41:9b:07:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYHpxORJWxIlJniA4zgYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1
MDFkMjMwHhcNMjYwMzI2MDkwMTIxWhcNMjYwMzI3MDkwMTIxWjAzMTEwLwYDVQQD
Eyg5NTJkOGUwMTlkMjRjMjYzMWIxMDZhZjY3OTQyZThiZGRhMDBjZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJf9Y6c2NGZm4MIPa3JO5aL/omkz
qr8f19sn1gnHk0nO42azBnUSB6P+TWeTioUYc6nxMISTWvLhlXubJsOGmyZXFKLO
BbYzutmHVsYIE4sGLwXV8wnzrLfLmeE/VTTQDrpVlQfzBZQgP9hAgIQcL/+nAZ3S
cmE1NLwRrtQFeZJxj0F7NDwVNaFxaJPiJrI02wW0zkJrojoN9vwuULjjdO+Ch3Tu
Tu0eNKCnuiYzkNU1E3+olgYu82MAnPVpc713Ke7Tkc8ThdHsjEaztqVqsHrg0fg6
A8orn9EliZ0u3Ox6G/0y/g0Mr4cl7d1h6y/0O7bgaNIzlJcM5jhB5FVZNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUtjgGdJMJjGxBq9nlC6L3aAM+9MB8GA1UdIwQY
MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct
NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz
LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMsU7E1oq
W5tV1g6clcEO7X0ed4964LglMjMf00yt6jZ0OeQeyswBnQE63kGvSXuGtj6Ak9Ux
wFWZVJDHwLID5EAeoDXK2vS8mJFQTnDL3uBOBIrqNVafPxGr4Vl1kMo+WwRbztDB
16btO/2/52CjweQumZ+p/muHtqyn2i+qys1SAEX/KPZFNne0K96bpJyf+CIX7wbs
5wK1TdpDpuXcD42LZOLP+BUmzHu8gusCKzhKMpuDwM6eFZOQrb3GTz/YASr/ebK6
l8tuHN524HUZMbsl/v4MpleMtlKENlm25l06AhZB7K4S80rdzBNCHudk8RHAcBSY
rNGvnWn8QZsHkw==
-----END CERTIFICATE-----