Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
File:                     GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json)
Hash identifier:          ixYEazsFFGkZHbsiLfeVxDmPm94ddYTi/58I7spgN1Q=
Subject key identifier:   17:C8:C6:D4:E3:CB:8C:A0:CB:1C:1A:30:40:D1:DD:90:2A:44:72:B3
Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26
Certificate issuer:       /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
Certificate serial:       019D27047D57ECF6A5A5DCC0FDF615147018
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
Manifest number:          15C4
Signing time:             Wed 25 Mar 2026 22:01:38 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:38 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:38 +0000
Files and hashes:         1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: phMBBUFjL5dDIlmLZO498hRZMX1lONdgmiNuZZwlWLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:7d:57:ec:f6:a5:a5:dc:c0:fd:f6:15:14:70:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26
        Validity
            Not Before: Mar 25 22:01:38 2026 GMT
            Not After : Mar 26 22:01:38 2026 GMT
        Subject: CN=17c8c6d4e3cb8ca0cb1c1a3040d1dd902a4472b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:4b:86:87:24:33:59:e7:d1:62:e5:8e:c5:05:
                    0c:87:a3:f3:1c:e9:12:25:1a:0b:8a:df:8c:73:6e:
                    8e:cb:c3:e9:16:51:15:21:30:77:00:cb:92:b8:84:
                    ad:79:20:ca:f9:bd:e1:6d:b5:62:4c:c3:a5:f7:21:
                    b7:c5:8c:e5:1c:78:de:bd:05:2b:bc:37:fb:98:4d:
                    ef:b5:ab:8f:a4:d2:8e:c3:46:1d:8a:36:50:03:48:
                    8e:56:88:16:cf:54:1f:8b:be:9f:30:f1:f6:de:0e:
                    23:4c:6a:51:29:ea:8d:d8:d8:bf:4d:ed:75:58:d0:
                    85:04:b1:d5:6a:c4:b9:07:57:7a:0a:7b:69:ce:ca:
                    db:7b:01:7c:a5:2d:b1:de:28:eb:3e:e7:d6:d3:88:
                    e1:ee:7d:43:60:e4:d9:77:18:31:cc:4f:bd:b4:26:
                    ec:56:22:c9:65:17:51:5a:31:c7:ec:8a:e4:64:c1:
                    8b:66:3e:fb:1f:ce:3c:ea:c9:93:d2:d5:ed:13:82:
                    73:d6:0f:ba:9f:7c:32:74:06:de:ce:ee:ed:d2:93:
                    33:95:66:9a:1d:79:89:54:f3:61:2b:e6:9b:25:d0:
                    aa:75:9e:6f:04:e0:45:53:c3:80:78:34:88:26:76:
                    1b:26:6d:0e:18:67:a0:e9:8c:4f:8f:63:fa:2f:12:
                    e4:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C8:C6:D4:E3:CB:8C:A0:CB:1C:1A:30:40:D1:DD:90:2A:44:72:B3
            X509v3 Authority Key Identifier:
                keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:b4:3d:6f:12:76:82:23:55:da:d2:d5:66:f3:14:49:42:2d:
         34:d5:e8:18:81:56:c8:05:4d:ec:50:e5:bb:89:f6:a1:20:9c:
         a6:50:55:00:4e:81:a9:59:40:c4:48:82:96:4d:e2:b1:83:00:
         6f:17:ca:d6:1f:3e:7c:8f:28:a0:f7:7f:91:e8:6e:f8:5c:e9:
         73:0f:f2:28:cf:c3:d5:80:30:69:17:83:76:f2:2e:53:6c:0b:
         a5:13:7b:5b:a0:5f:ad:ba:5e:e2:9a:58:db:6f:6f:79:15:5d:
         87:48:9a:69:26:59:ca:6d:ea:9a:98:b0:f2:3a:84:6e:40:d7:
         ec:28:44:60:86:f0:78:41:ec:37:70:bc:54:a7:8f:5d:e2:cf:
         fd:6a:08:34:06:d4:bc:3f:a2:9b:a9:68:68:2e:b2:86:9e:0c:
         a0:82:24:23:ee:20:6a:99:c2:4e:ce:5e:f5:05:2a:8b:85:7d:
         2b:0f:0f:ed:26:bd:e1:43:79:fa:80:a8:fa:75:44:ee:75:52:
         66:fa:56:3a:19:25:45:08:bd:8b:bb:14:e5:fa:cd:db:fc:0a:
         82:29:b0:24:5e:23:bd:f0:2e:28:5a:be:fd:db:47:80:28:8c:
         39:6c:fd:e9:1a:70:a5:e7:72:aa:db:88:81:80:f0:58:60:c1:
         96:71:9c:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBH1X7PalpdzA/fYVFHAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1
YjNlMjYwHhcNMjYwMzI1MjIwMTM4WhcNMjYwMzI2MjIwMTM4WjAzMTEwLwYDVQQD
EygxN2M4YzZkNGUzY2I4Y2EwY2IxYzFhMzA0MGQxZGQ5MDJhNDQ3MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UuGhyQzWefRYuWOxQUMh6PzHOkS
JRoLit+Mc26Oy8PpFlEVITB3AMuSuISteSDK+b3hbbViTMOl9yG3xYzlHHjevQUr
vDf7mE3vtauPpNKOw0YdijZQA0iOVogWz1Qfi76fMPH23g4jTGpRKeqN2Ni/Te11
WNCFBLHVasS5B1d6CntpzsrbewF8pS2x3ijrPufW04jh7n1DYOTZdxgxzE+9tCbs
ViLJZRdRWjHH7IrkZMGLZj77H8486smT0tXtE4Jz1g+6n3wydAbezu7t0pMzlWaa
HXmJVPNhK+abJdCqdZ5vBOBFU8OAeDSIJnYbJm0OGGeg6YxPj2P6LxLk0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfIxtTjy4ygyxwaMEDR3ZAqRHKzMB8GA1UdIwQY
MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct
ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh
LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7Q9bxJ2
giNV2tLVZvMUSUItNNXoGIFWyAVN7FDlu4n2oSCcplBVAE6BqVlAxEiClk3isYMA
bxfK1h8+fI8ooPd/kehu+Fzpcw/yKM/D1YAwaReDdvIuU2wLpRN7W6Bfrbpe4ppY
229veRVdh0iaaSZZym3qmpiw8jqEbkDX7ChEYIbweEHsN3C8VKePXeLP/WoINAbU
vD+im6loaC6yhp4MoIIkI+4gapnCTs5e9QUqi4V9Kw8P7Sa94UN5+oCo+nVE7nVS
ZvpWOhklRQi9i7sU5frN2/wKgimwJF4jvfAuKFq+/dtHgCiMOWz96RpwpedyqtuI
gYDwWGDBlnGcgA==
-----END CERTIFICATE-----