Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          J338iLa1zmyVQX4mfvXxXpq3qeAj26RgQKs5G/HdoC4=
Subject key identifier:   B0:FC:7C:79:9D:35:B2:B7:CC:EC:F2:D8:0C:73:BE:75:8F:7B:7A:DD
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       019D2AE027E8935D8B03F8BC918CAC6B8040
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          1020
Signing time:             Thu 26 Mar 2026 16:00:26 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:26 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:26 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: bSK+cqwqRPk0+FsiTYo8NaoEvJ71Cj8oQ1Ad86wBjDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:27:e8:93:5d:8b:03:f8:bc:91:8c:ac:6b:80:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Mar 26 16:00:26 2026 GMT
            Not After : Mar 27 16:00:26 2026 GMT
        Subject: CN=b0fc7c799d35b2b7ccecf2d80c73be758f7b7add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:1b:18:c8:9a:c1:21:6b:f4:dc:5d:98:89:11:
                    bc:73:d0:7b:16:6f:ed:43:5c:e3:a5:2b:9e:f3:52:
                    85:0b:25:da:15:0d:54:48:cb:5a:5e:0c:9c:99:75:
                    e2:df:3b:ad:90:f6:aa:cf:0b:be:3d:bd:ad:6f:d8:
                    f1:bd:40:bf:4a:38:88:71:f7:75:70:36:6f:fd:68:
                    1c:ee:8d:e4:77:17:83:08:7b:51:61:63:4b:12:48:
                    84:f6:71:5c:5d:6c:b1:2b:d9:f4:9a:30:df:93:a8:
                    98:79:c6:af:95:0e:e3:34:15:de:d6:f1:bf:f9:d4:
                    e0:a3:b4:8f:33:76:82:9b:61:46:1b:bc:a8:d0:ce:
                    e8:d6:94:4b:c3:42:b4:44:da:96:f4:0c:3c:9c:d0:
                    48:4e:86:80:5b:f9:62:47:7b:93:3d:37:57:81:7f:
                    58:d4:44:7f:e6:42:9e:e6:c3:07:cf:fb:1e:45:c8:
                    c4:0d:74:98:2b:77:e0:b5:13:40:bc:3f:41:94:50:
                    9c:79:52:e8:46:15:2d:3b:3a:c6:b7:09:d0:24:b4:
                    80:10:3a:67:80:2f:44:63:17:2e:68:a8:ba:92:07:
                    c2:29:dc:43:47:d4:30:d1:f3:08:df:70:af:a5:26:
                    f3:33:31:aa:d1:5c:06:f6:f8:a8:c0:7f:6d:38:b9:
                    d0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:FC:7C:79:9D:35:B2:B7:CC:EC:F2:D8:0C:73:BE:75:8F:7B:7A:DD
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:3f:61:ff:d9:82:7a:81:c5:5d:29:24:46:dd:15:13:7c:09:
         c5:4d:89:37:87:2f:54:cb:e5:90:00:ac:d1:28:1a:0e:f8:0e:
         cd:20:3c:8e:09:4c:e0:05:3c:4d:5b:f4:98:df:4b:5b:6f:f4:
         50:df:ef:99:d7:84:9d:73:92:34:1d:63:b2:b4:d5:72:7e:76:
         ed:f6:6f:52:6d:2e:11:8f:b4:49:66:0d:27:09:ca:c0:e8:c1:
         76:e0:ad:e9:fe:03:81:7c:3a:48:79:5e:5e:bf:18:48:35:ad:
         02:fb:b3:04:71:5b:a5:d4:1d:11:18:39:86:cd:a2:d0:41:1c:
         b4:1e:70:ad:68:ab:09:b4:af:c1:f7:7d:68:5c:1e:37:e3:35:
         5e:b8:db:90:98:2a:7d:37:02:c7:33:1f:04:9f:f0:25:6a:ff:
         b9:e8:31:45:d7:32:b1:0a:5c:83:60:1d:96:72:27:69:36:0d:
         89:1a:cd:7b:0f:24:2a:8f:c8:33:4e:63:58:cc:81:ce:a8:17:
         d1:64:4c:60:63:8a:ac:24:9e:bc:ad:94:a6:13:c3:b9:e4:cc:
         72:07:ee:34:dd:7e:ff:4e:54:c3:69:b5:e6:e0:d4:57:67:3a:
         f5:b8:0b:9b:52:67:93:2f:07:26:2e:b6:43:26:3e:87:3b:85:
         ee:87:9d:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Cfok12LA/i8kYysa4BAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjYwMzI2MTYwMDI2WhcNMjYwMzI3MTYwMDI2WjAzMTEwLwYDVQQD
EyhiMGZjN2M3OTlkMzViMmI3Y2NlY2YyZDgwYzczYmU3NThmN2I3YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hsYyJrBIWv03F2YiRG8c9B7Fm/t
Q1zjpSue81KFCyXaFQ1USMtaXgycmXXi3zutkPaqzwu+Pb2tb9jxvUC/SjiIcfd1
cDZv/Wgc7o3kdxeDCHtRYWNLEkiE9nFcXWyxK9n0mjDfk6iYecavlQ7jNBXe1vG/
+dTgo7SPM3aCm2FGG7yo0M7o1pRLw0K0RNqW9Aw8nNBIToaAW/liR3uTPTdXgX9Y
1ER/5kKe5sMHz/seRcjEDXSYK3fgtRNAvD9BlFCceVLoRhUtOzrGtwnQJLSAEDpn
gC9EYxcuaKi6kgfCKdxDR9Qw0fMI33CvpSbzMzGq0VwG9viowH9tOLnQPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLD8fHmdNbK3zOzy2AxzvnWPe3rdMB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWj9h/9mC
eoHFXSkkRt0VE3wJxU2JN4cvVMvlkACs0SgaDvgOzSA8jglM4AU8TVv0mN9LW2/0
UN/vmdeEnXOSNB1jsrTVcn527fZvUm0uEY+0SWYNJwnKwOjBduCt6f4DgXw6SHle
Xr8YSDWtAvuzBHFbpdQdERg5hs2i0EEctB5wrWirCbSvwfd9aFweN+M1XrjbkJgq
fTcCxzMfBJ/wJWr/uegxRdcysQpcg2AdlnInaTYNiRrNew8kKo/IM05jWMyBzqgX
0WRMYGOKrCSevK2UphPDueTMcgfuNN1+/05Uw2m15uDUV2c69bgLm1Jnky8HJi62
QyY+hzuF7oedIA==
-----END CERTIFICATE-----