Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft
File:                     GHrmJafreY8V_B5hw-E3AaNW_hY.mft (raw, json)
Hash identifier:          oZkX9vooW6g+gyEKW8/xU+SwwssNKo49rMAbR4UOWL8=
Subject key identifier:   9F:9F:8B:B9:C5:AE:0E:02:C4:CD:F9:0F:C2:C3:12:CD:E8:F3:52:2D
Authority key identifier: 18:7A:E6:25:A7:EB:79:8F:15:FC:1E:61:C3:E1:37:01:A3:56:FE:16
Certificate issuer:       /CN=187ae625a7eb798f15fc1e61c3e13701a356fe16
Certificate serial:       019D2704A0EB1A2FECC4F142E6175A54C1CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft
Manifest number:          02A5
Signing time:             Wed 25 Mar 2026 22:01:47 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:47 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:47 +0000
Files and hashes:         1: GHrmJafreY8V_B5hw-E3AaNW_hY.crl (hash: mHN5AjjbZ+3j19roCMrMIkLpSaQD6vO7p/LNoQ7ah/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:a0:eb:1a:2f:ec:c4:f1:42:e6:17:5a:54:c1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=187ae625a7eb798f15fc1e61c3e13701a356fe16
        Validity
            Not Before: Mar 25 22:01:47 2026 GMT
            Not After : Mar 26 22:01:47 2026 GMT
        Subject: CN=9f9f8bb9c5ae0e02c4cdf90fc2c312cde8f3522d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9e:61:c2:7c:c9:83:74:da:e4:19:91:7b:85:
                    86:4b:b6:7c:0c:19:8c:66:6d:7b:b0:90:66:a8:28:
                    c4:ad:f3:80:f0:56:09:f5:2b:79:56:f0:8a:0d:d9:
                    a9:bc:14:94:77:cc:72:e7:e3:cf:9e:4f:7f:2b:64:
                    ff:06:68:0d:b0:d3:7c:95:80:4a:4f:80:04:00:5e:
                    cc:94:9e:e0:e4:2a:9c:00:42:93:f1:8b:99:49:6d:
                    73:f3:df:35:3d:e5:a6:4b:71:ba:f4:b7:3b:83:af:
                    6f:4c:25:d8:ff:3c:83:83:d6:11:c6:68:ce:2b:77:
                    64:ae:8e:98:4f:12:8b:62:45:7a:0c:5b:15:c9:3c:
                    0c:9c:ec:2a:7d:8e:84:ea:07:dd:ec:25:c3:c7:23:
                    d8:fd:ad:91:2f:37:46:f0:8b:8a:aa:30:2e:b1:df:
                    e5:30:42:96:f0:08:6d:75:7f:da:89:71:75:90:3b:
                    cf:0a:9f:f0:07:4c:23:3e:28:a6:b5:b3:29:30:5b:
                    18:ae:d7:a8:c5:6d:81:a4:f1:d1:d9:be:6a:85:26:
                    ce:79:dc:6c:be:42:be:ba:45:cc:e3:86:a0:5e:ba:
                    10:e1:87:09:ba:48:13:5d:d3:57:e7:49:fc:da:5d:
                    e5:70:1a:45:f7:60:e9:d1:ca:da:c2:31:31:bc:78:
                    29:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:9F:8B:B9:C5:AE:0E:02:C4:CD:F9:0F:C2:C3:12:CD:E8:F3:52:2D
            X509v3 Authority Key Identifier:
                keyid:18:7A:E6:25:A7:EB:79:8F:15:FC:1E:61:C3:E1:37:01:A3:56:FE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:dc:86:21:3e:84:2f:af:72:bc:53:d4:78:e7:f9:21:75:c9:
         97:b4:99:4b:0c:1a:a2:49:2f:8e:55:e8:3a:7c:f4:83:26:bf:
         01:ad:fe:d7:06:e8:33:40:63:13:ee:c3:6f:31:1b:2f:8f:8e:
         40:2a:aa:c1:a5:cb:59:73:5b:89:c6:8c:29:65:7b:d6:51:7a:
         0d:0a:1e:9c:9b:81:50:ff:1c:77:72:ce:3a:15:75:bd:61:3a:
         a2:b3:9f:c4:67:96:dc:6d:f2:ab:f1:d4:1a:56:21:16:5b:94:
         3d:3c:ec:bb:d6:c7:d9:f3:62:e9:75:bd:cc:50:d7:d4:f8:3d:
         72:dd:fc:a5:45:30:2d:69:29:69:c8:ff:fc:d9:52:ce:07:8b:
         8c:ce:ce:2e:94:46:c9:bb:a0:b4:de:0e:08:78:3d:cb:48:12:
         e6:d8:43:f6:5a:b5:a2:41:65:e5:5b:0e:62:42:b2:b3:cb:dd:
         3d:43:df:46:c9:79:21:ac:9d:af:5a:f8:f8:f9:7b:96:dd:67:
         b6:62:b9:d9:6f:8c:5c:0d:bb:1b:0e:19:b0:98:bd:25:da:c5:
         3c:30:43:d5:64:c5:20:3e:c3:6d:e9:62:64:ba:25:af:73:fa:
         4b:e6:d4:86:fb:40:b7:0c:84:60:19:0f:84:fc:77:54:b4:7a:
         63:18:e5:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKDrGi/sxPFC5hdaVMHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4N2FlNjI1YTdlYjc5OGYxNWZjMWU2MWMzZTEzNzAxYTM1
NmZlMTYwHhcNMjYwMzI1MjIwMTQ3WhcNMjYwMzI2MjIwMTQ3WjAzMTEwLwYDVQQD
Eyg5ZjlmOGJiOWM1YWUwZTAyYzRjZGY5MGZjMmMzMTJjZGU4ZjM1MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp5hwnzJg3Ta5BmRe4WGS7Z8DBmM
Zm17sJBmqCjErfOA8FYJ9St5VvCKDdmpvBSUd8xy5+PPnk9/K2T/BmgNsNN8lYBK
T4AEAF7MlJ7g5CqcAEKT8YuZSW1z8981PeWmS3G69Lc7g69vTCXY/zyDg9YRxmjO
K3dkro6YTxKLYkV6DFsVyTwMnOwqfY6E6gfd7CXDxyPY/a2RLzdG8IuKqjAusd/l
MEKW8AhtdX/aiXF1kDvPCp/wB0wjPiimtbMpMFsYrteoxW2BpPHR2b5qhSbOedxs
vkK+ukXM44agXroQ4YcJukgTXdNX50n82l3lcBpF92Dp0crawjExvHgpjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+fi7nFrg4CxM35D8LDEs3o81ItMB8GA1UdIwQY
MBaAFBh65iWn63mPFfweYcPhNwGjVv4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85YTVhZjItNWRhZi00MDBiLWI5MWEt
NWMwMGNiZTc2ZjM0LzEvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85YTVhZjItNWRhZi00MDBiLWI5MWEtNWMwMGNiZTc2ZjM0
LzEvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZNyGIT6E
L69yvFPUeOf5IXXJl7SZSwwaokkvjlXoOnz0gya/Aa3+1wboM0BjE+7DbzEbL4+O
QCqqwaXLWXNbicaMKWV71lF6DQoenJuBUP8cd3LOOhV1vWE6orOfxGeW3G3yq/HU
GlYhFluUPTzsu9bH2fNi6XW9zFDX1Pg9ct38pUUwLWkpacj//NlSzgeLjM7OLpRG
ybugtN4OCHg9y0gS5thD9lq1okFl5VsOYkKys8vdPUPfRsl5Iaydr1r4+Pl7lt1n
tmK52W+MXA27Gw4ZsJi9JdrFPDBD1WTFID7DbeliZLolr3P6S+bUhvtAtwyEYBkP
hPx3VLR6Yxjl+w==
-----END CERTIFICATE-----