Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          2MU/3pdCkMqhLULLCKBKRNfV3BTmlAGzyP6CxNUBSDk=
Subject key identifier:   E7:84:F1:80:2C:02:C5:9D:1B:24:D2:8A:9E:60:E6:1A:C4:7D:E6:9D
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       019D262898B26E9BE5CBFCBF8A9FB37EF180
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          033D
Signing time:             Wed 25 Mar 2026 18:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:27 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: etSJrYKmkL5a1Lwo9nAURMkvv0j0G5KdMsItZhBi3yo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:98:b2:6e:9b:e5:cb:fc:bf:8a:9f:b3:7e:f1:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Mar 25 18:01:27 2026 GMT
            Not After : Mar 26 18:01:27 2026 GMT
        Subject: CN=e784f1802c02c59d1b24d28a9e60e61ac47de69d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:94:10:7b:b2:03:4a:f3:9a:76:29:a5:db:29:
                    29:38:22:8f:10:b2:21:84:c3:41:c2:1c:bc:7d:9f:
                    ec:c2:b4:86:77:49:8a:90:ea:1e:65:b1:47:09:95:
                    57:ee:dc:c4:56:b0:c4:57:44:85:75:47:5a:f7:1d:
                    f4:e8:cc:c7:54:1d:b2:36:02:ec:43:b6:8a:44:98:
                    19:4d:c9:74:2c:65:27:a5:09:9f:28:d1:d1:fb:5e:
                    f1:3a:f9:25:e6:80:27:cd:77:e2:8d:39:23:6e:a1:
                    86:6c:fe:29:cf:ce:cc:d9:47:dc:16:49:10:a0:a6:
                    d6:30:ff:e1:af:69:6e:50:7d:61:fe:47:f8:d9:1d:
                    70:f8:4b:1e:6d:7a:87:f6:a7:3e:2d:ba:46:56:04:
                    bb:16:6b:c5:c2:1d:af:2e:7b:19:fa:1d:2c:86:ad:
                    ce:88:7b:72:42:d4:14:63:71:e8:a5:1d:c0:3b:3e:
                    d6:61:85:dd:cb:91:bd:7f:af:3b:9f:68:8f:9f:7d:
                    c3:84:d2:b1:01:e8:13:22:8b:4f:2a:2a:b5:05:70:
                    93:4c:b1:74:f7:9b:82:e7:fc:43:eb:d5:f5:07:a6:
                    ee:26:a3:d0:e2:7e:b1:d8:c4:7c:e4:df:e5:c4:10:
                    47:4a:1a:7a:cc:50:5b:a5:e0:55:e0:2b:ea:6d:4e:
                    3a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:84:F1:80:2C:02:C5:9D:1B:24:D2:8A:9E:60:E6:1A:C4:7D:E6:9D
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:b2:7e:bc:89:b8:08:d8:35:64:62:93:8e:20:66:eb:ec:1a:
         1d:5a:22:cc:2d:27:03:01:31:52:c4:a4:3e:b8:17:78:1a:a4:
         96:54:b2:78:6b:65:81:9a:1d:0d:19:c6:80:2a:b2:26:a2:d5:
         93:2e:d0:84:05:89:ef:5a:2b:b1:ec:28:1d:25:ec:cc:ab:43:
         e2:e3:1c:08:99:ee:da:76:12:18:5a:10:b6:a7:5e:8d:72:4e:
         a4:08:44:f4:9e:01:4d:9e:32:79:a3:22:8e:45:fe:e6:84:c6:
         ff:99:e3:e7:17:08:b6:f5:37:36:67:c1:b4:70:ff:8f:1c:ca:
         28:e4:e1:08:81:cf:4a:51:b6:65:c1:f7:e6:b6:85:59:be:e7:
         c2:11:a9:d7:83:35:78:c1:31:87:90:38:36:83:e3:6f:ae:16:
         ed:c3:1f:46:d7:31:8d:bb:8e:4f:40:f4:23:54:0a:f7:49:e6:
         31:95:d5:85:9e:64:1d:43:d9:37:b2:f4:bd:aa:53:2e:27:cf:
         05:fd:67:13:a1:5e:98:47:10:7f:0a:73:8d:69:a8:ec:51:bf:
         85:4c:db:35:35:4d:31:2e:1d:2c:f6:68:32:b1:fc:16:78:3c:
         71:95:34:20:b6:0d:20:d7:a8:f9:a8:a7:5e:88:f8:be:04:f2:
         a4:df:2c:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKJiybpvly/y/ip+zfvGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjYwMzI1MTgwMTI3WhcNMjYwMzI2MTgwMTI3WjAzMTEwLwYDVQQD
EyhlNzg0ZjE4MDJjMDJjNTlkMWIyNGQyOGE5ZTYwZTYxYWM0N2RlNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5QQe7IDSvOadiml2ykpOCKPELIh
hMNBwhy8fZ/swrSGd0mKkOoeZbFHCZVX7tzEVrDEV0SFdUda9x306MzHVB2yNgLs
Q7aKRJgZTcl0LGUnpQmfKNHR+17xOvkl5oAnzXfijTkjbqGGbP4pz87M2UfcFkkQ
oKbWMP/hr2luUH1h/kf42R1w+EsebXqH9qc+LbpGVgS7FmvFwh2vLnsZ+h0shq3O
iHtyQtQUY3HopR3AOz7WYYXdy5G9f687n2iPn33DhNKxAegTIotPKiq1BXCTTLF0
95uC5/xD69X1B6buJqPQ4n6x2MR85N/lxBBHShp6zFBbpeBV4CvqbU46uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeE8YAsAsWdGyTSip5g5hrEfeadMB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7J+vIm4
CNg1ZGKTjiBm6+waHVoizC0nAwExUsSkPrgXeBqkllSyeGtlgZodDRnGgCqyJqLV
ky7QhAWJ71orsewoHSXszKtD4uMcCJnu2nYSGFoQtqdejXJOpAhE9J4BTZ4yeaMi
jkX+5oTG/5nj5xcItvU3NmfBtHD/jxzKKOThCIHPSlG2ZcH35raFWb7nwhGp14M1
eMExh5A4NoPjb64W7cMfRtcxjbuOT0D0I1QK90nmMZXVhZ5kHUPZN7L0vapTLifP
Bf1nE6FemEcQfwpzjWmo7FG/hUzbNTVNMS4dLPZoMrH8Fng8cZU0ILYNINeo+ain
Xoj4vgTypN8sIA==
-----END CERTIFICATE-----