Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
File:                     G_A9uL9mABk75I-xDm4xa4tfiOM.mft (raw, json)
Hash identifier:          nB01FtFU7e+ZQim4YUhbWmkall1/bhfB8O6QlVrnVAM=
Subject key identifier:   11:04:BA:A8:B9:99:51:24:54:88:69:D6:20:9E:C2:52:CA:E2:00:52
Authority key identifier: 1B:F0:3D:B8:BF:66:00:19:3B:E4:8F:B1:0E:6E:31:6B:8B:5F:88:E3
Certificate issuer:       /CN=1bf03db8bf6600193be48fb10e6e316b8b5f88e3
Certificate serial:       019D284DD6686C86B093E2BDF3BE617622E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
Manifest number:          07CE
Signing time:             Thu 26 Mar 2026 04:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:22 +0000
Files and hashes:         1: G_A9uL9mABk75I-xDm4xa4tfiOM.crl (hash: kq8njUx7uJjeqWpYxavEpq/GWJIElxdNPnyPl/asCJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:d6:68:6c:86:b0:93:e2:bd:f3:be:61:76:22:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf03db8bf6600193be48fb10e6e316b8b5f88e3
        Validity
            Not Before: Mar 26 04:01:22 2026 GMT
            Not After : Mar 27 04:01:22 2026 GMT
        Subject: CN=1104baa8b9995124548869d6209ec252cae20052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:39:da:0f:af:13:26:6e:ba:8e:41:94:71:b8:
                    04:1a:61:b0:63:df:50:9a:ab:6f:52:70:bb:d1:24:
                    66:fe:b5:f2:b6:df:d7:c3:9c:fe:1b:f2:f4:f5:e6:
                    52:83:38:a1:a8:0f:7d:46:07:28:67:32:4c:18:2f:
                    22:f6:1a:14:66:d7:7d:c7:fb:db:a9:31:74:cd:4b:
                    19:2d:19:80:af:a7:8c:8f:12:04:f3:4b:6e:18:3c:
                    98:33:37:42:d6:94:71:d2:3c:86:e7:37:59:bb:4d:
                    9d:b3:54:fb:e8:93:f3:64:96:16:1c:6b:b3:aa:d5:
                    08:29:8f:21:d1:2a:e0:00:0b:ae:01:2b:43:0f:0f:
                    20:4a:36:25:a0:81:c6:ac:d1:62:7b:02:d0:9a:d3:
                    d2:77:32:5f:5a:cd:f4:cb:5e:0f:96:fb:e0:8e:bd:
                    ba:65:84:2d:0a:e3:ac:01:b3:68:6e:74:0f:49:3a:
                    bb:2f:4f:b5:bf:32:3c:0a:cf:1a:6c:30:c7:c0:83:
                    f7:91:2b:0b:fd:95:90:6b:c2:03:72:77:b6:5f:b2:
                    bb:b3:00:5d:8d:dc:68:ea:ec:a1:47:ee:01:34:c0:
                    c8:df:f0:33:28:ed:9e:99:67:cf:72:84:d4:e4:e2:
                    ce:a3:f5:15:4f:2c:3b:f7:65:a8:da:b7:61:ad:ff:
                    49:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:04:BA:A8:B9:99:51:24:54:88:69:D6:20:9E:C2:52:CA:E2:00:52
            X509v3 Authority Key Identifier:
                keyid:1B:F0:3D:B8:BF:66:00:19:3B:E4:8F:B1:0E:6E:31:6B:8B:5F:88:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_A9uL9mABk75I-xDm4xa4tfiOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d60752-ca7e-4acf-8cd1-ee5988e873e1/1/G_A9uL9mABk75I-xDm4xa4tfiOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:05:e2:5a:18:b5:34:5c:78:e2:51:7a:0b:51:d9:83:1c:fc:
         e8:14:49:9a:94:57:01:ee:fa:f0:0c:3b:b0:ac:ec:bd:31:a8:
         c1:da:14:45:19:34:67:da:05:a2:07:94:59:70:42:4a:e9:f2:
         fa:f0:eb:ce:c7:45:25:f0:79:18:65:07:a3:2c:12:48:7c:77:
         fd:95:1e:3d:b9:61:83:67:b2:5e:e7:ad:f9:63:36:2b:2e:e7:
         d5:16:42:c7:cc:5f:e7:0b:4e:b6:16:b7:76:ad:b2:30:6c:8f:
         cd:dc:43:f4:7d:48:d9:d9:d0:43:a4:d9:17:8f:ee:30:e1:98:
         f8:ff:85:e8:16:1e:b0:fc:b5:5b:30:41:e6:cf:a4:88:a9:25:
         54:ac:cf:6f:45:79:5e:ce:02:df:b7:d2:ca:65:57:d6:9c:38:
         ac:07:c1:4c:35:2c:a5:f3:39:c4:1f:b2:ba:c9:80:09:b0:78:
         da:24:27:fe:7d:ff:49:ff:84:c1:33:79:56:5a:60:7f:6a:eb:
         e3:3e:82:1b:e2:19:f8:f3:65:99:ef:d5:d0:f5:c3:3a:39:11:
         7c:e5:52:a6:e2:a7:19:47:e7:38:0f:7d:24:9c:cb:d8:4b:31:
         6c:a0:2f:cc:7f:3f:0c:9a:29:22:ad:c7:18:9a:8f:cb:ae:78:
         90:7c:4e:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTdZobIawk+K9875hdiLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjAzZGI4YmY2NjAwMTkzYmU0OGZiMTBlNmUzMTZiOGI1
Zjg4ZTMwHhcNMjYwMzI2MDQwMTIyWhcNMjYwMzI3MDQwMTIyWjAzMTEwLwYDVQQD
EygxMTA0YmFhOGI5OTk1MTI0NTQ4ODY5ZDYyMDllYzI1MmNhZTIwMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArznaD68TJm66jkGUcbgEGmGwY99Q
mqtvUnC70SRm/rXytt/Xw5z+G/L09eZSgzihqA99RgcoZzJMGC8i9hoUZtd9x/vb
qTF0zUsZLRmAr6eMjxIE80tuGDyYMzdC1pRx0jyG5zdZu02ds1T76JPzZJYWHGuz
qtUIKY8h0SrgAAuuAStDDw8gSjYloIHGrNFiewLQmtPSdzJfWs30y14Plvvgjr26
ZYQtCuOsAbNobnQPSTq7L0+1vzI8Cs8abDDHwIP3kSsL/ZWQa8IDcne2X7K7swBd
jdxo6uyhR+4BNMDI3/AzKO2emWfPcoTU5OLOo/UVTyw792Wo2rdhrf9J/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEEuqi5mVEkVIhp1iCewlLK4gBSMB8GA1UdIwQY
MBaAFBvwPbi/ZgAZO+SPsQ5uMWuLX4jjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNjA3NTItY2E3ZS00YWNmLThjZDEt
ZWU1OTg4ZTg3M2UxLzEvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNjA3NTItY2E3ZS00YWNmLThjZDEtZWU1OTg4ZTg3M2Ux
LzEvR19BOXVMOW1BQms3NUkteERtNHhhNHRmaU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVwXiWhi1
NFx44lF6C1HZgxz86BRJmpRXAe768Aw7sKzsvTGowdoURRk0Z9oFogeUWXBCSuny
+vDrzsdFJfB5GGUHoywSSHx3/ZUePblhg2eyXuet+WM2Ky7n1RZCx8xf5wtOtha3
dq2yMGyPzdxD9H1I2dnQQ6TZF4/uMOGY+P+F6BYesPy1WzBB5s+kiKklVKzPb0V5
Xs4C37fSymVX1pw4rAfBTDUspfM5xB+yusmACbB42iQn/n3/Sf+EwTN5Vlpgf2rr
4z6CG+IZ+PNlme/V0PXDOjkRfOVSpuKnGUfnOA99JJzL2EsxbKAvzH8/DJopIq3H
GJqPy654kHxOqA==
-----END CERTIFICATE-----