Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
File:                     GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json)
Hash identifier:          aopnyXNirrZ6VmL5ZRIR8lKWUJXZ1gWJR0c/1EjlMq8=
Subject key identifier:   02:63:52:4D:72:B4:AF:0A:95:EC:A0:D8:C0:E4:F9:84:8F:26:0F:7C
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Certificate issuer:       /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial:       019D2704436366147E3104F2F81282FA7FC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
Manifest number:          1772
Signing time:             Wed 25 Mar 2026 22:01:23 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:23 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:23 +0000
Files and hashes:         1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: WZyOm/2qz/VdkFEa2/XxU+cYzXStCfLHyyEPkmz38q4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:43:63:66:14:7e:31:04:f2:f8:12:82:fa:7f:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
        Validity
            Not Before: Mar 25 22:01:23 2026 GMT
            Not After : Mar 26 22:01:23 2026 GMT
        Subject: CN=0263524d72b4af0a95eca0d8c0e4f9848f260f7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a1:1a:71:a5:9b:ec:4a:66:1a:82:73:94:c0:
                    24:9f:6a:40:16:d2:4c:34:1a:dc:7f:77:a4:e7:a6:
                    3c:5d:e9:ea:d5:96:bd:5b:e4:a1:fe:08:f0:03:e6:
                    fe:2f:23:a8:6c:ab:77:59:ad:94:a1:a0:c3:9e:c9:
                    5e:63:6e:27:31:49:72:1b:a3:c5:62:9a:fb:b6:1a:
                    13:87:21:16:bf:9a:3a:2e:cd:02:9a:6e:d4:5b:c4:
                    39:d4:bb:21:7b:f5:79:e1:bc:52:09:1d:f8:bd:e0:
                    53:c7:f7:a1:6c:d8:33:97:e2:76:2d:cb:72:54:72:
                    04:68:dc:53:3a:c4:4e:e8:68:fa:cb:2c:4a:5f:e7:
                    f7:47:bb:7f:b8:8a:ba:2f:79:ec:d5:80:60:d1:d2:
                    46:7a:2a:68:46:ec:bd:11:bc:11:bd:bd:d3:0a:15:
                    d0:a1:29:df:30:9c:0c:95:f8:2e:66:0d:0e:d3:06:
                    49:dd:d2:6f:40:45:66:50:e4:0a:f2:49:90:83:6a:
                    68:43:19:3a:b7:59:28:4f:e5:24:ec:8e:31:1b:00:
                    79:29:8e:dc:67:4c:ee:40:00:01:d5:89:fb:6a:26:
                    ed:97:f0:18:8d:7d:d7:82:f7:d5:a3:da:4f:9a:aa:
                    f4:d1:4e:b3:1c:bb:89:7f:88:64:b4:7d:be:c8:31:
                    77:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:63:52:4D:72:B4:AF:0A:95:EC:A0:D8:C0:E4:F9:84:8F:26:0F:7C
            X509v3 Authority Key Identifier:
                keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:e5:28:97:3c:3c:72:68:79:a4:e7:dd:af:70:cb:69:be:1e:
         b4:29:fc:83:44:41:99:f7:09:a7:0f:f4:83:47:55:3c:f5:8c:
         aa:6c:25:10:fd:6f:90:ca:ad:13:9c:43:7c:4a:11:27:a8:48:
         56:24:40:13:cb:33:c2:f5:f2:66:e2:01:6f:4d:a3:69:12:cd:
         67:7b:90:83:94:3b:6a:49:6b:dd:fd:1f:84:e2:7b:da:54:c9:
         93:b1:36:2c:2a:f9:49:14:96:6c:a3:f0:d0:4d:90:ed:79:fe:
         04:ec:73:7c:58:be:e4:7e:1d:db:4b:12:b5:a5:e1:33:48:16:
         5a:f9:03:bb:12:58:ca:b2:b2:ba:43:58:57:a8:a0:2b:bb:89:
         48:be:16:00:c6:05:3a:4d:25:de:8f:f8:f8:84:c0:b5:84:cb:
         a7:63:3b:a4:45:b2:95:2d:06:48:bb:0a:a7:fe:b4:60:70:7d:
         dc:af:a1:ee:01:25:23:df:10:16:6a:61:d6:07:82:dc:9b:6a:
         8f:9c:d2:e7:44:86:94:6d:39:c5:08:7f:18:dd:c7:90:0d:c4:
         59:fe:9e:42:63:45:30:d7:ce:3e:e8:42:2d:7f:07:a6:8a:42:
         65:2a:ca:05:66:c3:f2:e9:e8:88:3d:47:9e:8e:96:28:07:c2:
         0f:99:24:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBENjZhR+MQTy+BKC+n/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm
YzlkOWIwHhcNMjYwMzI1MjIwMTIzWhcNMjYwMzI2MjIwMTIzWjAzMTEwLwYDVQQD
EygwMjYzNTI0ZDcyYjRhZjBhOTVlY2EwZDhjMGU0Zjk4NDhmMjYwZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaEacaWb7EpmGoJzlMAkn2pAFtJM
NBrcf3ek56Y8Xenq1Za9W+Sh/gjwA+b+LyOobKt3Wa2UoaDDnsleY24nMUlyG6PF
Ypr7thoThyEWv5o6Ls0Cmm7UW8Q51Lshe/V54bxSCR34veBTx/ehbNgzl+J2Lcty
VHIEaNxTOsRO6Gj6yyxKX+f3R7t/uIq6L3ns1YBg0dJGeipoRuy9EbwRvb3TChXQ
oSnfMJwMlfguZg0O0wZJ3dJvQEVmUOQK8kmQg2poQxk6t1koT+Uk7I4xGwB5KY7c
Z0zuQAAB1Yn7aibtl/AYjX3XgvfVo9pPmqr00U6zHLuJf4hktH2+yDF3nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJjUk1ytK8Kleyg2MDk+YSPJg98MB8GA1UdIwQY
MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt
NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl
LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+Uolzw8
cmh5pOfdr3DLab4etCn8g0RBmfcJpw/0g0dVPPWMqmwlEP1vkMqtE5xDfEoRJ6hI
ViRAE8szwvXyZuIBb02jaRLNZ3uQg5Q7aklr3f0fhOJ72lTJk7E2LCr5SRSWbKPw
0E2Q7Xn+BOxzfFi+5H4d20sStaXhM0gWWvkDuxJYyrKyukNYV6igK7uJSL4WAMYF
Ok0l3o/4+ITAtYTLp2M7pEWylS0GSLsKp/60YHB93K+h7gElI98QFmph1geC3Jtq
j5zS50SGlG05xQh/GN3HkA3EWf6eQmNFMNfOPuhCLX8HpopCZSrKBWbD8unoiD1H
no6WKAfCD5kkSQ==
-----END CERTIFICATE-----