Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
File:                     G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json)
Hash identifier:          VvQ8vgHEaFuYpPT9M56pEtmcZhiFYfpOywfrTsm64tU=
Subject key identifier:   6E:D2:18:FA:40:DA:19:00:49:60:5B:47:2F:FB:86:CE:D6:96:84:7E
Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6
Certificate issuer:       /CN=1b934577cb49d8d231b74c550726f3387e026cf6
Certificate serial:       019D28F3284DAB9C0DE43F9854EE0A2E7133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 07:01:57 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:57 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:57 +0000
Files and hashes:         1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: oy5JsefIuFpVy/+0jXbr1t+h+Hh9LFwBgiEVRJ1jVuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:28:4d:ab:9c:0d:e4:3f:98:54:ee:0a:2e:71:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6
        Validity
            Not Before: Mar 26 07:01:57 2026 GMT
            Not After : Mar 27 07:01:57 2026 GMT
        Subject: CN=6ed218fa40da190049605b472ffb86ced696847e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:0b:69:ef:76:d4:a5:55:14:2a:13:48:47:2f:
                    dd:b4:00:77:97:90:61:4f:ef:9c:cb:01:5d:bc:df:
                    d3:0f:b1:c2:d1:7d:d5:48:ee:cd:9b:b5:0c:c9:ef:
                    d4:5d:0f:0d:84:45:64:65:0b:7c:44:4b:da:ce:80:
                    9b:50:a8:6a:c4:19:f4:73:52:8c:a8:72:62:2b:76:
                    95:13:df:aa:9f:f5:46:9d:f7:b9:c1:9d:ea:71:b1:
                    44:c3:98:a3:f6:f6:05:3f:47:e0:fa:40:15:8e:92:
                    70:fe:5b:bb:98:d8:f1:37:df:cc:f1:4c:76:6b:d1:
                    f7:5f:ca:6d:31:69:ce:34:62:3e:d1:fb:f9:6c:1a:
                    64:23:4f:74:91:76:3f:73:c8:dd:bf:b9:59:65:17:
                    ab:8b:48:f3:22:b1:14:0a:9c:9b:f6:1e:a7:d6:06:
                    f9:af:89:43:f6:4f:54:22:0e:e6:d1:1e:68:b0:1b:
                    28:27:73:55:e3:17:04:1c:46:e0:51:1d:01:0d:ca:
                    37:5c:8d:14:d9:f1:62:7b:fd:5a:c0:50:b3:30:2d:
                    4c:76:b4:df:b4:49:f1:ca:33:6b:9c:ed:6f:7a:89:
                    4a:02:e6:a2:53:63:f6:c2:e5:49:b1:d7:0b:11:fe:
                    dc:8d:83:f2:de:60:24:ef:4a:e7:f4:3a:df:94:53:
                    48:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:D2:18:FA:40:DA:19:00:49:60:5B:47:2F:FB:86:CE:D6:96:84:7E
            X509v3 Authority Key Identifier:
                keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:52:14:07:25:fe:e3:c6:c4:63:61:77:d5:e8:a6:05:c0:80:
         52:aa:3a:b7:94:bb:e0:d8:28:bf:d8:e2:a5:44:83:e6:7d:19:
         d5:38:b4:55:2e:30:c5:6a:c2:92:5e:11:6f:b6:93:7b:ec:c8:
         d3:d8:e2:d9:3c:a4:ed:72:3c:a3:2c:66:d8:48:e2:64:ab:28:
         eb:3e:05:bc:ab:52:98:c1:4b:54:8b:18:82:e4:88:7e:f5:b1:
         d3:c7:5b:42:5a:90:3a:46:6d:2a:10:5b:92:fe:16:2f:28:ef:
         4a:50:93:44:a9:6f:6a:b2:ee:22:6c:95:5a:63:b7:6d:26:7d:
         f8:9b:75:bf:43:01:d6:3b:04:47:fb:6c:24:6a:1a:92:0b:66:
         27:ad:24:2c:71:e5:58:89:90:cb:e2:7c:24:93:cf:3d:63:42:
         bf:a9:09:37:89:c5:43:30:0c:da:ce:58:e5:06:74:bc:51:f5:
         88:79:19:73:cb:f2:97:b7:de:aa:20:c4:06:b9:48:9e:5d:f6:
         db:3a:ee:7e:75:e5:b0:25:3c:41:8f:4c:92:a6:64:e6:db:b0:
         cf:45:f9:4b:71:3d:2e:a2:74:17:cf:e6:ab:23:c3:7a:b3:b6:
         0a:95:eb:34:32:87:88:89:ad:2c:55:7a:25:4b:b8:89:80:fb:
         12:60:d3:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8yhNq5wN5D+YVO4KLnEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw
MjZjZjYwHhcNMjYwMzI2MDcwMTU3WhcNMjYwMzI3MDcwMTU3WjAzMTEwLwYDVQQD
Eyg2ZWQyMThmYTQwZGExOTAwNDk2MDViNDcyZmZiODZjZWQ2OTY4NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQtp73bUpVUUKhNIRy/dtAB3l5Bh
T++cywFdvN/TD7HC0X3VSO7Nm7UMye/UXQ8NhEVkZQt8REvazoCbUKhqxBn0c1KM
qHJiK3aVE9+qn/VGnfe5wZ3qcbFEw5ij9vYFP0fg+kAVjpJw/lu7mNjxN9/M8Ux2
a9H3X8ptMWnONGI+0fv5bBpkI090kXY/c8jdv7lZZReri0jzIrEUCpyb9h6n1gb5
r4lD9k9UIg7m0R5osBsoJ3NV4xcEHEbgUR0BDco3XI0U2fFie/1awFCzMC1MdrTf
tEnxyjNrnO1veolKAuaiU2P2wuVJsdcLEf7cjYPy3mAk70rn9DrflFNIHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7SGPpA2hkASWBbRy/7hs7WloR+MB8GA1UdIwQY
MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt
MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh
LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPlIUByX+
48bEY2F31eimBcCAUqo6t5S74Ngov9jipUSD5n0Z1Ti0VS4wxWrCkl4Rb7aTe+zI
09ji2Tyk7XI8oyxm2EjiZKso6z4FvKtSmMFLVIsYguSIfvWx08dbQlqQOkZtKhBb
kv4WLyjvSlCTRKlvarLuImyVWmO3bSZ9+Jt1v0MB1jsER/tsJGoakgtmJ60kLHHl
WImQy+J8JJPPPWNCv6kJN4nFQzAM2s5Y5QZ0vFH1iHkZc8vyl7feqiDEBrlInl32
2zrufnXlsCU8QY9MkqZk5tuwz0X5S3E9LqJ0F8/mqyPDerO2CpXrNDKHiImtLFV6
JUu4iYD7EmDTLQ==
-----END CERTIFICATE-----