Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
File:                     GhgxUqZBpAN71soKarQcukbaV9s.mft (raw, json)
Hash identifier:          S1JcYxlQ8UlWnsmFU9+bB34oqYEuzosiiq5zVK9f7qE=
Subject key identifier:   E6:98:F9:E9:5A:D4:02:4E:39:AA:7F:EE:56:89:5F:C2:9C:54:45:16
Authority key identifier: 1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB
Certificate issuer:       /CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
Certificate serial:       019D26CD0925EE522A9260318B66D281ADE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
Manifest number:          11A8
Signing time:             Wed 25 Mar 2026 21:01:04 +0000
Manifest this update:     Wed 25 Mar 2026 21:01:04 +0000
Manifest next update:     Thu 26 Mar 2026 21:01:04 +0000
Files and hashes:         1: GhgxUqZBpAN71soKarQcukbaV9s.crl (hash: wkQ62oGf5bBKrAavyiMq5huDhrJ5TBoKLhRtbh0w7i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cd:09:25:ee:52:2a:92:60:31:8b:66:d2:81:ad:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
        Validity
            Not Before: Mar 25 21:01:04 2026 GMT
            Not After : Mar 26 21:01:04 2026 GMT
        Subject: CN=e698f9e95ad4024e39aa7fee56895fc29c544516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c7:3e:08:d6:f1:69:a7:d6:be:0f:00:de:b8:
                    41:d5:97:de:8d:f2:72:33:6c:ad:8d:80:90:68:31:
                    4d:ae:a1:52:c1:9d:9b:c8:e4:1b:fb:80:bf:78:0e:
                    dc:e5:7e:ac:10:be:12:a4:1b:7d:75:fc:7a:8d:90:
                    96:69:85:9e:01:fb:f1:e1:0e:da:09:5a:da:1c:8f:
                    2b:8b:94:6a:c2:8b:81:52:3c:8b:5a:1b:23:08:91:
                    f9:2a:63:9c:6c:25:ea:75:e4:7d:1b:56:82:f5:b6:
                    34:38:4a:77:9d:90:cb:87:fd:c9:6f:07:5e:85:c1:
                    74:d1:a5:2c:c4:b1:63:98:0f:3c:a4:cd:6e:93:95:
                    fb:45:7e:c2:91:71:57:83:9a:3a:87:89:f6:18:dc:
                    3c:33:b9:1f:d0:60:21:2d:ab:a3:01:c4:07:22:5a:
                    c9:ed:a6:ca:b1:32:3a:e6:13:42:c1:15:51:17:59:
                    d3:fb:02:17:d4:13:b5:61:05:ad:5a:ad:af:e2:b3:
                    c2:e5:0e:6e:6e:2f:83:2e:04:3b:de:5b:35:b4:23:
                    28:7c:1f:af:82:36:46:25:85:ed:d3:18:fa:0c:e9:
                    1b:c0:c0:07:a3:58:58:1a:34:67:2a:c5:08:e1:43:
                    cb:c9:7f:39:2b:ec:4a:ab:37:b2:69:e3:f5:24:7d:
                    be:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:98:F9:E9:5A:D4:02:4E:39:AA:7F:EE:56:89:5F:C2:9C:54:45:16
            X509v3 Authority Key Identifier:
                keyid:1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:a0:b9:2c:e6:a8:b5:48:08:26:6c:62:87:17:23:d2:a5:bc:
         ae:44:84:f7:d3:f8:98:f4:99:9b:91:27:70:32:f9:22:7f:7c:
         d0:2f:85:78:34:33:d5:37:b8:0b:a5:a1:f8:19:3f:0e:d0:5b:
         a0:27:6b:d3:5f:92:58:f2:f4:bd:a9:a5:6f:d9:43:03:3f:c8:
         66:0a:45:68:8d:b6:bf:22:4f:10:b0:81:b9:23:80:2b:54:ed:
         ba:14:38:0e:79:e4:24:e7:9f:31:26:ad:71:69:25:85:c7:84:
         4d:27:1a:f9:25:c3:67:43:2b:7d:33:41:3b:ad:99:d1:1e:44:
         09:25:b6:70:27:63:56:3c:ac:71:3c:4e:3f:b6:12:ce:af:2f:
         9b:5f:c8:54:68:c1:0f:cd:a2:65:fa:e8:2f:bb:23:4a:e2:4c:
         53:30:51:c2:0f:0d:d5:a8:3d:1f:bd:ee:19:c4:72:3a:5a:f9:
         d1:58:37:f1:6a:9a:0b:40:e2:c0:af:4d:12:f1:9f:4f:0d:32:
         2c:e4:32:ff:7e:5e:ca:9e:43:d8:84:3f:da:01:54:f0:77:4c:
         82:9a:a7:35:1c:09:d3:a4:93:ab:71:cf:d2:ee:07:e7:b0:73:
         5b:ba:df:9e:17:b9:96:52:82:db:bf:05:d6:be:2f:e1:93:20:
         cc:cc:6c:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzQkl7lIqkmAxi2bSga3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTgzMTUyYTY0MWE0MDM3YmQ2Y2EwYTZhYjQxY2JhNDZk
YTU3ZGIwHhcNMjYwMzI1MjEwMTA0WhcNMjYwMzI2MjEwMTA0WjAzMTEwLwYDVQQD
EyhlNjk4ZjllOTVhZDQwMjRlMzlhYTdmZWU1Njg5NWZjMjljNTQ0NTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMc+CNbxaafWvg8A3rhB1ZfejfJy
M2ytjYCQaDFNrqFSwZ2byOQb+4C/eA7c5X6sEL4SpBt9dfx6jZCWaYWeAfvx4Q7a
CVraHI8ri5RqwouBUjyLWhsjCJH5KmOcbCXqdeR9G1aC9bY0OEp3nZDLh/3Jbwde
hcF00aUsxLFjmA88pM1uk5X7RX7CkXFXg5o6h4n2GNw8M7kf0GAhLaujAcQHIlrJ
7abKsTI65hNCwRVRF1nT+wIX1BO1YQWtWq2v4rPC5Q5ubi+DLgQ73ls1tCMofB+v
gjZGJYXt0xj6DOkbwMAHo1hYGjRnKsUI4UPLyX85K+xKqzeyaeP1JH2+owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaY+ela1AJOOap/7laJX8KcVEUWMB8GA1UdIwQY
MBaAFBoYMVKmQaQDe9bKCmq0HLpG2lfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMt
NTYyOTRjNzA4ZmFmLzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMtNTYyOTRjNzA4ZmFm
LzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6C5LOao
tUgIJmxihxcj0qW8rkSE99P4mPSZm5EncDL5In980C+FeDQz1Te4C6Wh+Bk/DtBb
oCdr01+SWPL0vamlb9lDAz/IZgpFaI22vyJPELCBuSOAK1TtuhQ4DnnkJOefMSat
cWklhceETSca+SXDZ0MrfTNBO62Z0R5ECSW2cCdjVjyscTxOP7YSzq8vm1/IVGjB
D82iZfroL7sjSuJMUzBRwg8N1ag9H73uGcRyOlr50Vg38WqaC0DiwK9NEvGfTw0y
LOQy/35eyp5D2IQ/2gFU8HdMgpqnNRwJ06STq3HP0u4H57BzW7rfnhe5llKC278F
1r4v4ZMgzMxsnw==
-----END CERTIFICATE-----