Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          XT7nLgN2fhQglF4/r6Q25prH8c6aDdFzxlYVq8nmL0I=
Subject key identifier:   BD:D9:87:B6:81:07:8A:00:B0:DD:6C:24:A5:BE:F8:16:D2:C3:72:25
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       019D2B4EF0AF56DB28B4DC5E9C9B78A5C23E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0FA3
Signing time:             Thu 26 Mar 2026 18:01:26 +0000
Manifest this update:     Thu 26 Mar 2026 18:01:26 +0000
Manifest next update:     Fri 27 Mar 2026 18:01:26 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: zOrbC2C/le4Gt7qk2RDVVrDcWigJZ4zB9Nrb28FznjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:4e:f0:af:56:db:28:b4:dc:5e:9c:9b:78:a5:c2:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Mar 26 18:01:26 2026 GMT
            Not After : Mar 27 18:01:26 2026 GMT
        Subject: CN=bdd987b681078a00b0dd6c24a5bef816d2c37225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:45:89:98:09:e5:35:d8:16:76:68:8e:f0:a6:
                    6a:e3:6f:50:5e:01:e1:03:f8:cc:1d:64:9c:7a:b9:
                    b4:cc:75:44:71:7d:d0:46:64:6f:c4:04:34:0b:53:
                    07:68:81:80:a3:85:4e:f8:c5:d7:2e:f1:e6:af:5b:
                    a2:0f:ad:1f:85:68:82:44:fd:46:be:89:a1:c7:31:
                    a3:04:a4:e7:10:fa:61:55:f1:a3:1c:ae:66:2e:1e:
                    56:f4:32:fa:ab:f7:ed:fa:c5:76:b3:6b:8f:51:ab:
                    5d:89:f7:a5:75:3b:f5:2a:67:c7:e9:c2:e1:b7:8e:
                    27:55:76:24:32:29:ba:38:5a:93:91:82:fb:8c:3e:
                    64:f3:08:36:22:03:f0:c6:cd:14:ae:8d:f5:2b:f4:
                    36:73:c5:f9:e4:62:b2:d5:41:af:16:53:d3:3e:37:
                    f1:67:ff:65:3c:74:49:d8:10:cf:6d:2a:15:1c:96:
                    f7:a4:76:b9:c6:f9:1f:d7:d1:33:15:06:d2:83:97:
                    ba:88:08:78:b6:78:ed:7b:28:2a:43:7f:7b:94:d5:
                    97:26:63:b5:e0:cd:bd:3b:86:4f:04:c6:7f:cf:ec:
                    6e:44:6e:8c:f1:88:93:2f:e6:e9:38:04:01:a0:56:
                    f2:ed:07:60:e6:ac:fc:0b:64:00:2b:01:96:9e:2c:
                    59:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:D9:87:B6:81:07:8A:00:B0:DD:6C:24:A5:BE:F8:16:D2:C3:72:25
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:78:04:ca:f9:8b:8b:8e:27:77:3b:77:d7:3e:e9:53:47:60:
         7c:73:97:e8:35:10:d2:b4:df:c9:c7:5a:05:dd:26:a8:2d:19:
         71:b6:ac:42:94:d0:e0:56:e1:2b:a8:6d:5d:58:f4:93:a7:fc:
         76:03:83:92:64:5f:30:a5:34:80:2c:39:a8:07:c2:20:83:67:
         27:18:a3:e7:61:92:d4:89:3c:f4:74:6d:85:5c:53:7b:37:88:
         71:bb:95:fb:22:71:c4:e1:45:db:11:76:6d:d7:04:4c:4e:ee:
         3e:ee:0d:63:d9:eb:07:6f:62:c3:c1:57:55:65:bc:40:89:76:
         d4:a9:c8:00:1e:c3:a6:72:5e:93:57:c7:ff:92:99:86:aa:14:
         9d:39:7a:7c:ab:b8:30:21:07:70:d3:8f:42:d9:82:56:ea:63:
         9d:2f:3d:55:9e:af:3b:66:57:ec:15:81:c0:a3:3f:ba:cf:8e:
         d5:30:75:26:1f:b9:59:30:4d:f4:4d:56:7c:20:95:ac:b7:ab:
         ec:07:bc:35:95:64:e4:4e:89:c6:cc:77:db:e4:fc:69:3c:e7:
         8f:96:8c:76:3b:fb:72:0d:a8:02:c2:46:59:23:18:07:81:39:
         2f:c0:78:a9:c7:b2:62:e5:4f:bc:06:ff:d1:21:71:0c:6c:cb:
         01:fc:a6:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTvCvVtsotNxenJt4pcI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjYwMzI2MTgwMTI2WhcNMjYwMzI3MTgwMTI2WjAzMTEwLwYDVQQD
EyhiZGQ5ODdiNjgxMDc4YTAwYjBkZDZjMjRhNWJlZjgxNmQyYzM3MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkWJmAnlNdgWdmiO8KZq429QXgHh
A/jMHWScerm0zHVEcX3QRmRvxAQ0C1MHaIGAo4VO+MXXLvHmr1uiD60fhWiCRP1G
vomhxzGjBKTnEPphVfGjHK5mLh5W9DL6q/ft+sV2s2uPUatdifeldTv1KmfH6cLh
t44nVXYkMim6OFqTkYL7jD5k8wg2IgPwxs0Uro31K/Q2c8X55GKy1UGvFlPTPjfx
Z/9lPHRJ2BDPbSoVHJb3pHa5xvkf19EzFQbSg5e6iAh4tnjteygqQ397lNWXJmO1
4M29O4ZPBMZ/z+xuRG6M8YiTL+bpOAQBoFby7Qdg5qz8C2QAKwGWnixZTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3Zh7aBB4oAsN1sJKW++BbSw3IlMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHgEyvmL
i44ndzt31z7pU0dgfHOX6DUQ0rTfycdaBd0mqC0ZcbasQpTQ4FbhK6htXVj0k6f8
dgODkmRfMKU0gCw5qAfCIINnJxij52GS1Ik89HRthVxTezeIcbuV+yJxxOFF2xF2
bdcETE7uPu4NY9nrB29iw8FXVWW8QIl21KnIAB7DpnJek1fH/5KZhqoUnTl6fKu4
MCEHcNOPQtmCVupjnS89VZ6vO2ZX7BWBwKM/us+O1TB1Jh+5WTBN9E1WfCCVrLer
7Ae8NZVk5E6Jxsx32+T8aTznj5aMdjv7cg2oAsJGWSMYB4E5L8B4qceyYuVPvAb/
0SFxDGzLAfymRg==
-----END CERTIFICATE-----