Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          xCP0j0QiI8WFrVScgMNrtzrPnsC6aRXV3axKaXlS83s=
Subject key identifier:   67:93:84:BC:D8:8D:1D:83:DA:28:D7:83:9A:4C:95:56:F8:72:36:7A
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019D2703CA1CC81C9887C410AC79F92DCEAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:00:52 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:52 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:52 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: d3R4g5RyxXPSGfjkhsDFwDrv9q7J/NCeZccXdRKUoSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ca:1c:c8:1c:98:87:c4:10:ac:79:f9:2d:ce:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Mar 25 22:00:52 2026 GMT
            Not After : Mar 26 22:00:52 2026 GMT
        Subject: CN=679384bcd88d1d83da28d7839a4c9556f872367a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d1:b8:b6:08:3a:e7:6d:9a:6b:de:c5:d6:fb:
                    17:8c:20:87:ee:63:1d:60:0f:da:44:38:27:78:5c:
                    38:d0:30:e6:61:8a:b6:41:23:25:64:38:10:ae:14:
                    4d:0e:c6:92:46:f7:12:46:b6:b7:01:4b:26:73:bd:
                    4f:10:6a:0e:d3:c7:fc:28:69:28:83:21:cd:a8:af:
                    80:9f:72:3b:07:f2:5c:69:16:c1:62:9a:22:be:94:
                    ec:8d:f8:7e:bb:6c:c6:32:a7:17:22:f5:36:d3:4d:
                    00:2d:46:a0:79:4d:5f:4c:1a:84:54:e5:f5:07:01:
                    0c:f1:fa:c4:16:cd:63:e8:69:22:3b:66:7a:02:5d:
                    22:48:a1:52:c0:ef:bb:aa:e6:b7:1e:3a:c2:bb:84:
                    a0:a9:c2:e8:eb:48:0b:fc:73:8e:d3:65:ad:83:e3:
                    b9:8b:1c:02:d1:47:7a:23:89:17:51:59:5a:c7:4f:
                    1d:e8:51:10:18:89:5c:27:18:71:12:be:9b:57:16:
                    20:3a:9d:5f:f1:f6:b3:07:5b:8b:25:79:0a:61:b1:
                    65:17:23:9b:68:3e:37:25:5f:b2:17:68:ce:3c:f0:
                    9c:1c:37:9b:33:a1:21:04:00:99:8e:f2:a3:c6:75:
                    45:28:16:7a:3f:0b:63:ea:b7:c5:da:ab:9b:4c:a8:
                    b8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:93:84:BC:D8:8D:1D:83:DA:28:D7:83:9A:4C:95:56:F8:72:36:7A
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:09:97:09:50:85:e3:5b:76:cb:8f:5a:d7:7f:79:f4:2d:57:
         5e:81:12:36:b7:84:12:e4:c2:76:f9:d9:db:41:1a:bc:7c:16:
         8c:56:87:50:b1:86:61:6f:d5:33:ef:62:ed:41:82:ce:fa:3a:
         bb:3c:cd:5d:ce:d9:bf:75:17:bf:0a:b0:c9:59:23:91:f3:bf:
         ff:cc:ec:34:bf:e4:54:17:af:77:b9:a6:e7:c7:38:d6:f4:82:
         2a:5a:73:78:d6:d7:7e:94:15:13:6c:24:3d:32:d2:e2:5f:71:
         25:aa:ac:be:24:1e:1c:64:3a:b9:d4:d6:7b:bf:1e:21:3f:aa:
         91:0f:38:67:83:9f:42:29:b8:cd:16:e7:ba:36:77:3e:f7:09:
         62:6d:03:82:c8:24:56:be:b0:e1:a1:f5:00:e5:22:c4:7f:51:
         4a:8f:43:84:ad:ba:c9:4a:58:03:cf:65:c5:69:0a:28:bb:12:
         6f:e0:15:78:18:36:86:e8:89:d5:fd:26:54:3e:de:65:c9:c5:
         80:db:e9:7c:09:2f:20:f5:0c:03:8a:b1:8e:53:b4:3f:ca:41:
         f5:f9:ec:97:63:ad:3f:ed:69:f8:69:56:4d:c1:7d:6d:32:74:
         a4:bc:bd:47:58:a9:61:db:00:20:25:6c:5e:75:4e:5c:8d:80:
         6c:b3:67:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8ocyByYh8QQrHn5Lc6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjYwMzI1MjIwMDUyWhcNMjYwMzI2MjIwMDUyWjAzMTEwLwYDVQQD
Eyg2NzkzODRiY2Q4OGQxZDgzZGEyOGQ3ODM5YTRjOTU1NmY4NzIzNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9G4tgg6522aa97F1vsXjCCH7mMd
YA/aRDgneFw40DDmYYq2QSMlZDgQrhRNDsaSRvcSRra3AUsmc71PEGoO08f8KGko
gyHNqK+An3I7B/JcaRbBYpoivpTsjfh+u2zGMqcXIvU2000ALUageU1fTBqEVOX1
BwEM8frEFs1j6GkiO2Z6Al0iSKFSwO+7qua3HjrCu4SgqcLo60gL/HOO02Wtg+O5
ixwC0Ud6I4kXUVlax08d6FEQGIlcJxhxEr6bVxYgOp1f8fazB1uLJXkKYbFlFyOb
aD43JV+yF2jOPPCcHDebM6EhBACZjvKjxnVFKBZ6Pwtj6rfF2qubTKi48QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeThLzYjR2D2ijXg5pMlVb4cjZ6MB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABwmXCVCF
41t2y49a13959C1XXoESNreEEuTCdvnZ20EavHwWjFaHULGGYW/VM+9i7UGCzvo6
uzzNXc7Zv3UXvwqwyVkjkfO//8zsNL/kVBevd7mm58c41vSCKlpzeNbXfpQVE2wk
PTLS4l9xJaqsviQeHGQ6udTWe78eIT+qkQ84Z4OfQim4zRbnujZ3PvcJYm0Dgsgk
Vr6w4aH1AOUixH9RSo9DhK26yUpYA89lxWkKKLsSb+AVeBg2huiJ1f0mVD7eZcnF
gNvpfAkvIPUMA4qxjlO0P8pB9fnsl2OtP+1p+GlWTcF9bTJ0pLy9R1ipYdsAICVs
XnVOXI2AbLNnqw==
-----END CERTIFICATE-----