Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
File:                     Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft (raw, json)
Hash identifier:          cmaS07FFt4n8A/37+PnBctZaUh4JqyUnOQeGIQVkesk=
Subject key identifier:   B9:1A:A8:E0:35:07:37:9C:55:DC:D5:ED:A9:81:13:22:64:02:99:71
Authority key identifier: 1A:F7:9B:F8:AA:B6:BE:01:49:D8:DB:5C:8A:0C:ED:BC:95:70:F1:6E
Certificate issuer:       /CN=1af79bf8aab6be0149d8db5c8a0cedbc9570f16e
Certificate serial:       019D2696098E94D7203105689EFC6C8A1EE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
Manifest number:          036C
Signing time:             Wed 25 Mar 2026 20:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:00 +0000
Files and hashes:         1: Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl (hash: aZw7lwzn3BGzJg7W72nG8Rf/u2eO7OSApAoGJ4jWATs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 20:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:09:8e:94:d7:20:31:05:68:9e:fc:6c:8a:1e:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1af79bf8aab6be0149d8db5c8a0cedbc9570f16e
        Validity
            Not Before: Mar 25 20:01:00 2026 GMT
            Not After : Mar 26 20:01:00 2026 GMT
        Subject: CN=b91aa8e03507379c55dcd5eda981132264029971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:34:97:53:b4:dc:2e:b6:95:7a:42:93:66:c6:
                    a7:fd:c3:39:6e:8c:cb:95:30:96:69:da:fd:33:cd:
                    c3:46:e2:65:63:fe:4d:aa:be:4c:fe:44:df:5b:f9:
                    fe:eb:74:e3:73:bd:cd:f0:de:c4:a8:17:f9:ef:d6:
                    d7:17:73:6b:10:98:dc:9e:cd:5b:c7:75:26:10:1b:
                    da:8f:99:3d:92:5e:c1:67:86:d3:17:d1:de:25:db:
                    27:d0:d8:e4:88:36:51:2a:d6:1e:ba:e5:0d:54:6e:
                    ea:ab:66:cb:47:04:63:3a:20:dc:41:64:46:d9:cb:
                    67:18:2a:fd:63:00:eb:71:ca:c0:5d:71:7d:18:d6:
                    dc:ec:60:f9:53:b9:5b:e8:c4:6c:6b:05:af:46:3d:
                    ed:5c:aa:e7:dc:06:21:c4:9b:db:a1:9b:16:97:2d:
                    36:92:e1:b4:0e:ea:ee:ff:1f:b3:60:e3:38:a8:bb:
                    46:fc:e4:ae:13:31:a4:5e:fd:f5:b2:5f:69:74:39:
                    8f:de:1a:cc:6b:d0:fb:3f:02:55:92:1e:ae:0d:63:
                    c7:06:e6:1a:db:0f:e5:89:ea:f1:e9:ba:47:3a:90:
                    98:ba:18:fb:94:48:4e:f8:3c:2d:6c:9b:58:87:67:
                    c3:cd:98:17:e6:58:8d:ad:20:a5:13:f6:10:ff:51:
                    34:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1A:A8:E0:35:07:37:9C:55:DC:D5:ED:A9:81:13:22:64:02:99:71
            X509v3 Authority Key Identifier:
                keyid:1A:F7:9B:F8:AA:B6:BE:01:49:D8:DB:5C:8A:0C:ED:BC:95:70:F1:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gveb-Kq2vgFJ2NtcigztvJVw8W4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a72453-fea1-4a70-a54b-911d34f014f3/1/Gveb-Kq2vgFJ2NtcigztvJVw8W4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:a4:bf:cf:4c:53:41:d5:a3:b8:79:9d:3b:61:46:a5:f5:a0:
         84:56:41:c5:05:a7:7f:0d:3d:db:f9:6b:c3:d6:1b:af:5a:db:
         5c:c9:6a:ce:35:9b:3c:32:22:44:8f:b3:3e:fb:24:33:7b:50:
         64:d8:e3:69:48:8f:c6:a7:8e:0d:a8:42:7f:4a:bd:d7:82:85:
         55:cf:e9:a9:07:77:15:59:c3:1e:b5:ac:c5:57:c2:c1:12:ab:
         59:4d:96:bd:07:7a:37:32:c0:e8:d1:a5:52:ea:aa:4a:71:f6:
         d4:85:27:86:08:72:8c:e2:3c:bb:9c:07:69:b6:00:f2:0f:43:
         f7:7b:4f:55:6d:66:91:98:fc:d9:08:72:26:7a:83:0d:32:9f:
         fe:e5:c7:e9:df:3b:9c:72:c5:b9:09:d6:19:a1:e9:69:88:75:
         a7:dd:4b:24:31:57:b8:10:92:f9:aa:06:45:e0:a6:fb:e1:cf:
         ab:ac:c0:70:74:cd:9b:a9:96:0c:5d:33:e3:db:0b:06:d6:46:
         f5:c3:1d:9a:5e:59:09:11:5c:73:4b:d6:31:55:bb:1c:56:bf:
         42:55:27:53:5c:e4:e1:33:3e:0a:da:65:da:d5:de:a8:12:23:
         6a:8c:82:fd:62:39:08:d5:88:92:65:36:d5:7f:ad:5b:cb:df:
         7c:bb:5d:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlgmOlNcgMQVonvxsih7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZjc5YmY4YWFiNmJlMDE0OWQ4ZGI1YzhhMGNlZGJjOTU3
MGYxNmUwHhcNMjYwMzI1MjAwMTAwWhcNMjYwMzI2MjAwMTAwWjAzMTEwLwYDVQQD
EyhiOTFhYThlMDM1MDczNzljNTVkY2Q1ZWRhOTgxMTMyMjY0MDI5OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zSXU7TcLraVekKTZsan/cM5bozL
lTCWadr9M83DRuJlY/5Nqr5M/kTfW/n+63Tjc73N8N7EqBf579bXF3NrEJjcns1b
x3UmEBvaj5k9kl7BZ4bTF9HeJdsn0NjkiDZRKtYeuuUNVG7qq2bLRwRjOiDcQWRG
2ctnGCr9YwDrccrAXXF9GNbc7GD5U7lb6MRsawWvRj3tXKrn3AYhxJvboZsWly02
kuG0Duru/x+zYOM4qLtG/OSuEzGkXv31sl9pdDmP3hrMa9D7PwJVkh6uDWPHBuYa
2w/lierx6bpHOpCYuhj7lEhO+DwtbJtYh2fDzZgX5liNrSClE/YQ/1E0ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkaqOA1BzecVdzV7amBEyJkAplxMB8GA1UdIwQY
MBaAFBr3m/iqtr4BSdjbXIoM7byVcPFuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzI0NTMtZmVhMS00YTcwLWE1NGIt
OTExZDM0ZjAxNGYzLzEvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzI0NTMtZmVhMS00YTcwLWE1NGItOTExZDM0ZjAxNGYz
LzEvR3ZlYi1LcTJ2Z0ZKMk50Y2lnenR2SlZ3OFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJaS/z0xT
QdWjuHmdO2FGpfWghFZBxQWnfw092/lrw9Ybr1rbXMlqzjWbPDIiRI+zPvskM3tQ
ZNjjaUiPxqeODahCf0q914KFVc/pqQd3FVnDHrWsxVfCwRKrWU2WvQd6NzLA6NGl
UuqqSnH21IUnhghyjOI8u5wHabYA8g9D93tPVW1mkZj82QhyJnqDDTKf/uXH6d87
nHLFuQnWGaHpaYh1p91LJDFXuBCS+aoGReCm++HPq6zAcHTNm6mWDF0z49sLBtZG
9cMdml5ZCRFcc0vWMVW7HFa/QlUnU1zk4TM+Ctpl2tXeqBIjaoyC/WI5CNWIkmU2
1X+tW8vffLtddA==
-----END CERTIFICATE-----