Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
File:                     2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json)
Hash identifier:          DSF5HtSfRxsnXQG7cnz+ImlO3vfrxbosxfaP9Y6nVWM=
Subject key identifier:   04:95:3B:DB:6C:DD:9D:2F:BB:FD:B1:4E:DB:EF:D7:DF:02:4B:62:25
Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
Certificate issuer:       /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Certificate serial:       019D2A04672F9DE1CAFBFFBEEB01F14EBF3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
Manifest number:          0324
Signing time:             Thu 26 Mar 2026 12:00:24 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:24 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:24 +0000
Files and hashes:         1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: P7bouvBgIHu08rvRDPgB+40LnE62LHXo50cUEmxNIQk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 12:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:67:2f:9d:e1:ca:fb:ff:be:eb:01:f1:4e:bf:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
        Validity
            Not Before: Mar 26 12:00:24 2026 GMT
            Not After : Mar 27 12:00:24 2026 GMT
        Subject: CN=04953bdb6cdd9d2fbbfdb14edbefd7df024b6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7a:26:21:d1:e4:bd:0d:3c:df:f4:e2:4e:15:
                    fd:d5:81:a8:a5:ad:14:c2:b1:e4:6f:24:2f:c6:9e:
                    1f:44:9c:09:13:83:be:eb:78:a7:67:5e:02:0a:bf:
                    9f:e0:83:5d:13:be:4f:c6:93:47:72:76:16:9b:45:
                    71:02:54:75:cb:b9:df:c4:38:b1:0f:db:5b:73:9d:
                    76:eb:eb:51:4d:f7:2f:b8:11:18:95:db:8e:c9:00:
                    9c:a7:42:05:5b:57:20:eb:9e:1a:81:dd:39:8d:e8:
                    d8:e0:26:6e:b6:fa:88:1d:2d:35:ea:ac:7b:54:1f:
                    ab:0c:c9:84:de:c8:ef:d2:a0:1a:3a:a1:9a:b1:00:
                    c3:e3:15:18:6c:dd:c3:8e:a1:75:8e:7e:54:a4:fc:
                    85:c1:a2:39:1f:3c:75:20:3d:f9:ab:5f:12:4b:e4:
                    bc:ca:56:9f:42:5c:80:05:70:0d:f4:72:95:d4:25:
                    6b:e9:a8:f9:9c:7a:a4:3a:d6:e0:6a:3b:69:1d:ae:
                    d2:50:de:ea:82:ee:5d:6d:e0:0e:8b:b7:31:e4:65:
                    b0:1b:98:e0:96:d1:33:26:d7:56:fc:e7:78:96:23:
                    8b:89:a9:6b:c2:b9:19:f5:e2:90:c9:bb:fb:c1:d6:
                    62:bc:50:7b:cd:63:f4:1e:cc:ed:30:fd:c5:4c:1f:
                    85:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:95:3B:DB:6C:DD:9D:2F:BB:FD:B1:4E:DB:EF:D7:DF:02:4B:62:25
            X509v3 Authority Key Identifier:
                keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:64:f7:79:08:30:8d:df:dc:c8:26:d7:35:f7:09:8d:7b:86:
         da:c0:2f:71:5a:f2:08:4b:00:f4:59:0c:53:7c:b5:af:f6:ae:
         4a:e9:ea:1b:d1:a7:2c:f5:2a:9c:0a:da:ae:46:11:b0:be:a6:
         50:ef:3e:f5:ee:2b:a8:51:73:19:48:1b:29:72:27:1b:05:f1:
         17:66:c3:08:ca:b3:77:fd:17:8d:57:19:6b:b8:9f:ba:bc:f1:
         9c:0a:b4:32:1f:cb:7d:6c:76:6f:4f:e3:d8:45:3b:88:bb:47:
         fd:a0:e6:25:36:d4:f3:c2:78:91:97:68:9d:d4:bc:00:21:be:
         8a:a1:4a:fb:f2:05:44:2a:2e:e4:5f:be:aa:39:0c:2e:0b:c9:
         04:1c:e1:5a:c4:b2:a8:4b:7c:be:47:2d:cb:1a:00:95:32:3a:
         ce:1b:99:07:80:36:ce:b4:e3:90:a4:5a:c6:23:c5:97:f2:7c:
         17:54:c6:a2:5a:1c:55:e0:c9:6e:5b:48:2e:21:29:2b:80:7f:
         dc:e1:66:9c:b2:96:ce:d6:69:64:f4:74:65:b5:0b:60:31:4a:
         86:9f:27:61:bf:c8:ff:77:3b:37:e0:d5:4f:9f:96:a2:3a:79:
         02:63:ec:89:c0:a1:42:fa:a7:77:f9:e8:a1:80:8d:d0:82:5e:
         9e:15:9d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBGcvneHK+/++6wHxTr87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw
MWJiNTEwHhcNMjYwMzI2MTIwMDI0WhcNMjYwMzI3MTIwMDI0WjAzMTEwLwYDVQQD
EygwNDk1M2JkYjZjZGQ5ZDJmYmJmZGIxNGVkYmVmZDdkZjAyNGI2MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3omIdHkvQ083/TiThX91YGopa0U
wrHkbyQvxp4fRJwJE4O+63inZ14CCr+f4INdE75PxpNHcnYWm0VxAlR1y7nfxDix
D9tbc5126+tRTfcvuBEYlduOyQCcp0IFW1cg654agd05jejY4CZutvqIHS016qx7
VB+rDMmE3sjv0qAaOqGasQDD4xUYbN3DjqF1jn5UpPyFwaI5Hzx1ID35q18SS+S8
ylafQlyABXAN9HKV1CVr6aj5nHqkOtbgajtpHa7SUN7qgu5dbeAOi7cx5GWwG5jg
ltEzJtdW/Od4liOLialrwrkZ9eKQybv7wdZivFB7zWP0HsztMP3FTB+F1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFASVO9ts3Z0vu/2xTtvv198CS2IlMB8GA1UdIwQY
MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct
NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5
LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGT3eQgw
jd/cyCbXNfcJjXuG2sAvcVryCEsA9FkMU3y1r/auSunqG9GnLPUqnArarkYRsL6m
UO8+9e4rqFFzGUgbKXInGwXxF2bDCMqzd/0XjVcZa7ifurzxnAq0Mh/LfWx2b0/j
2EU7iLtH/aDmJTbU88J4kZdondS8ACG+iqFK+/IFRCou5F++qjkMLgvJBBzhWsSy
qEt8vkctyxoAlTI6zhuZB4A2zrTjkKRaxiPFl/J8F1TGolocVeDJbltILiEpK4B/
3OFmnLKWztZpZPR0ZbULYDFKhp8nYb/I/3c7N+DVT5+Wojp5AmPsicChQvqnd/no
oYCN0IJenhWdxg==
-----END CERTIFICATE-----