Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          PrNYMMeTpk+ubtntRuPDkX9zg6L4qkQYHf+/PBI22ns=
Subject key identifier:   5D:6C:AE:19:48:0F:34:84:C0:67:3C:30:A3:14:84:B2:21:D1:E8:93
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019D2A3BE96705EC9E04352F326D05077AFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          1519
Signing time:             Thu 26 Mar 2026 13:01:02 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:02 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:02 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: TLn2Z6SBpMP2H5SSZoGccomKYducyeVAn0fs5DkR8qg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:e9:67:05:ec:9e:04:35:2f:32:6d:05:07:7a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Mar 26 13:01:02 2026 GMT
            Not After : Mar 27 13:01:02 2026 GMT
        Subject: CN=5d6cae19480f3484c0673c30a31484b221d1e893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0e:4a:bc:b0:a9:24:5c:76:c3:38:92:0e:1a:
                    2b:37:7d:d6:9b:e7:66:0c:9f:8d:52:64:17:0d:b7:
                    56:26:a5:b5:a6:e3:50:c0:61:58:fe:df:fd:63:8c:
                    87:e5:30:67:fb:c9:27:c2:3e:94:c2:6b:bc:74:1d:
                    b1:11:1e:3c:99:1b:99:70:1a:99:4f:67:84:30:e6:
                    ac:90:16:5e:bb:5f:4a:20:cc:67:be:1a:ac:51:6f:
                    5f:bd:2f:be:a6:78:76:78:13:df:7f:45:ba:e9:d5:
                    d2:0a:98:c6:8b:fd:05:33:92:18:8f:f8:03:53:d3:
                    aa:29:c9:d2:a6:d1:4d:b0:15:50:0b:c1:6b:61:d8:
                    85:df:4a:cd:6d:bb:e1:9c:75:b0:03:5a:09:f4:ea:
                    7c:2a:af:65:6b:a2:b9:a1:dd:bf:92:42:b7:d9:ae:
                    9e:f3:a5:23:70:f8:1e:ca:ae:d7:ae:08:03:13:25:
                    a6:36:a0:46:19:03:75:21:85:ff:83:b2:4a:17:04:
                    9e:04:4a:ce:48:78:9b:ee:24:55:a6:4b:ec:e0:ff:
                    5c:9f:28:57:f5:e4:ef:31:8b:d6:32:63:6c:6f:17:
                    0d:6f:af:0e:63:47:cd:33:75:0a:52:f0:b0:b6:e5:
                    c9:6d:95:f0:e7:85:11:db:53:44:e2:6c:2d:fc:6c:
                    16:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6C:AE:19:48:0F:34:84:C0:67:3C:30:A3:14:84:B2:21:D1:E8:93
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:6b:93:c1:9b:e0:2a:a8:70:7f:23:51:41:d8:1c:eb:70:c5:
         ed:e1:e8:be:5a:7f:9f:d8:a2:6b:e0:b2:81:8e:43:4d:a8:dd:
         48:59:20:ba:53:a5:09:c8:ef:44:53:0a:f6:6d:5f:4b:fb:13:
         6b:70:2d:36:80:a9:7c:17:ca:31:d6:60:8a:b0:a9:8b:0d:8d:
         41:38:ad:57:74:56:e2:7d:c9:f2:f0:02:5d:01:98:8c:14:e6:
         87:61:70:c6:cc:3a:5f:aa:0f:34:7b:07:d8:5e:20:8a:02:cf:
         9d:a5:e5:1a:9a:f0:81:82:ea:4b:17:56:65:1f:cf:8c:32:50:
         39:ec:e0:e0:a6:0d:69:49:fc:96:b5:5d:53:4d:52:c0:90:25:
         ab:d3:de:3b:c2:fe:54:55:d0:e3:82:72:c1:99:a5:89:b5:8b:
         8d:8c:d5:90:ae:53:58:fd:0d:72:64:0e:47:00:47:74:06:80:
         c8:18:32:5e:40:96:a8:20:a2:f4:ff:38:c4:a9:02:40:43:ff:
         49:2f:42:5e:c0:1e:93:b4:5f:2b:c3:40:29:13:0c:11:df:56:
         f0:8d:55:95:6b:3e:30:c2:cd:54:d8:3c:51:45:27:64:27:e4:
         1b:58:fc:85:7b:59:8d:1e:f6:f8:94:59:1b:6a:7a:80:d5:1a:
         65:f1:75:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO+lnBeyeBDUvMm0FB3r8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjYwMzI2MTMwMTAyWhcNMjYwMzI3MTMwMTAyWjAzMTEwLwYDVQQD
Eyg1ZDZjYWUxOTQ4MGYzNDg0YzA2NzNjMzBhMzE0ODRiMjIxZDFlODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQ5KvLCpJFx2wziSDhorN33Wm+dm
DJ+NUmQXDbdWJqW1puNQwGFY/t/9Y4yH5TBn+8knwj6Uwmu8dB2xER48mRuZcBqZ
T2eEMOaskBZeu19KIMxnvhqsUW9fvS++pnh2eBPff0W66dXSCpjGi/0FM5IYj/gD
U9OqKcnSptFNsBVQC8FrYdiF30rNbbvhnHWwA1oJ9Op8Kq9la6K5od2/kkK32a6e
86UjcPgeyq7XrggDEyWmNqBGGQN1IYX/g7JKFwSeBErOSHib7iRVpkvs4P9cnyhX
9eTvMYvWMmNsbxcNb68OY0fNM3UKUvCwtuXJbZXw54UR21NE4mwt/GwWjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1srhlIDzSEwGc8MKMUhLIh0eiTMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2uTwZvg
KqhwfyNRQdgc63DF7eHovlp/n9iia+CygY5DTajdSFkgulOlCcjvRFMK9m1fS/sT
a3AtNoCpfBfKMdZgirCpiw2NQTitV3RW4n3J8vACXQGYjBTmh2Fwxsw6X6oPNHsH
2F4gigLPnaXlGprwgYLqSxdWZR/PjDJQOezg4KYNaUn8lrVdU01SwJAlq9PeO8L+
VFXQ44JywZmlibWLjYzVkK5TWP0NcmQORwBHdAaAyBgyXkCWqCCi9P84xKkCQEP/
SS9CXsAek7RfK8NAKRMMEd9W8I1VlWs+MMLNVNg8UUUnZCfkG1j8hXtZjR72+JRZ
G2p6gNUaZfF1Xg==
-----END CERTIFICATE-----