Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          iMfoE/ZnLBiYOcRNmzWX7mPpe6sP6YALbx1mPTEJVHc=
Subject key identifier:   70:21:6E:A2:E6:A3:22:60:71:D2:6F:C8:BD:62:BB:6C:AF:D5:32:89
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019D2AE0F9481B5A40D9C7FFDD781BD08EF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 16:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:19 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: wt6N6OtH7pxpgRooXcEunwYs5y1KnNU8RRtONW6T0Fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:f9:48:1b:5a:40:d9:c7:ff:dd:78:1b:d0:8e:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Mar 26 16:01:19 2026 GMT
            Not After : Mar 27 16:01:19 2026 GMT
        Subject: CN=70216ea2e6a3226071d26fc8bd62bb6cafd53289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c2:a5:d9:c0:2c:2a:25:dc:b8:d7:2d:fb:cc:
                    b2:76:99:14:99:4e:4a:d5:6e:d7:4b:79:20:e1:32:
                    4a:34:50:23:8e:16:8c:ba:22:9c:cc:42:cd:3d:04:
                    d0:99:43:2d:60:b0:2d:d9:c0:92:89:39:df:13:8a:
                    9a:2e:3c:b7:4f:30:d6:d4:15:84:b3:2d:cb:cb:6c:
                    cd:09:f1:56:e5:5f:78:31:34:bb:4c:d3:91:e3:70:
                    95:d1:79:fa:1a:69:d0:af:dd:6f:69:3f:a8:7f:95:
                    cf:47:36:7a:0e:59:22:a6:57:1f:c9:3a:95:59:2d:
                    82:32:44:f4:93:2c:2d:0b:82:0e:13:ce:20:e8:87:
                    e4:c2:d1:88:d0:d9:64:93:b5:1c:58:af:20:4a:89:
                    2a:4f:3b:9a:3d:6f:7f:2c:44:75:4d:79:85:80:dc:
                    e0:bd:62:4b:c2:72:c0:dd:75:36:4a:91:39:0e:47:
                    53:ec:39:73:f7:9a:51:a7:9d:60:e4:82:ba:38:00:
                    6f:65:2f:c4:be:ea:3b:64:97:51:f9:17:35:94:99:
                    fc:a7:11:e5:14:96:16:89:2b:26:05:d6:64:71:9c:
                    94:04:57:82:56:13:b9:9e:54:6b:06:d1:f8:14:84:
                    68:65:cb:25:99:37:ee:3a:33:05:d2:dd:9d:76:c0:
                    c0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:21:6E:A2:E6:A3:22:60:71:D2:6F:C8:BD:62:BB:6C:AF:D5:32:89
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:b2:2e:e1:b2:ee:4e:03:ab:d5:32:15:3a:b4:87:5b:9c:2f:
         30:28:dc:f1:89:0d:9d:03:8a:55:67:b3:7e:d4:f9:a1:7a:fe:
         2b:53:66:46:2d:f5:c8:63:b1:61:8c:86:ef:6f:fd:c9:0c:66:
         2c:25:e7:3d:06:a7:a2:5b:50:a2:12:02:93:de:d0:41:72:8e:
         cf:ae:09:92:a0:2f:3c:64:d1:bf:5c:fc:df:d8:99:a9:39:f3:
         46:1e:d4:07:14:1b:68:20:2f:a3:4e:6d:2c:da:6a:4d:49:33:
         f8:51:c9:06:d5:06:5a:4a:47:bf:41:40:91:52:ec:26:d8:22:
         1d:16:4e:d4:4f:86:f0:8f:34:6c:85:ca:c3:f3:f3:7b:27:52:
         78:57:27:22:fb:de:73:88:ca:ef:83:5e:99:88:2d:6d:c2:44:
         d0:51:5a:68:68:75:59:94:1c:fa:34:08:3b:7f:d1:e5:4c:1f:
         91:08:f0:0a:d8:6d:39:f3:50:08:40:26:bc:c2:dd:ed:d8:50:
         29:b0:e8:35:73:c4:1c:ba:83:df:6f:50:94:cd:81:19:04:56:
         65:8a:63:a8:a8:c5:76:60:f0:74:ba:e5:a4:7d:71:41:24:3d:
         fb:57:f0:0b:d2:93:4c:8d:65:11:64:5d:e9:d8:d3:d3:01:24:
         1f:9e:0c:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4PlIG1pA2cf/3Xgb0I70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjYwMzI2MTYwMTE5WhcNMjYwMzI3MTYwMTE5WjAzMTEwLwYDVQQD
Eyg3MDIxNmVhMmU2YTMyMjYwNzFkMjZmYzhiZDYyYmI2Y2FmZDUzMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Kl2cAsKiXcuNct+8yydpkUmU5K
1W7XS3kg4TJKNFAjjhaMuiKczELNPQTQmUMtYLAt2cCSiTnfE4qaLjy3TzDW1BWE
sy3Ly2zNCfFW5V94MTS7TNOR43CV0Xn6GmnQr91vaT+of5XPRzZ6DlkiplcfyTqV
WS2CMkT0kywtC4IOE84g6IfkwtGI0Nlkk7UcWK8gSokqTzuaPW9/LER1TXmFgNzg
vWJLwnLA3XU2SpE5DkdT7Dlz95pRp51g5IK6OABvZS/Evuo7ZJdR+Rc1lJn8pxHl
FJYWiSsmBdZkcZyUBFeCVhO5nlRrBtH4FIRoZcslmTfuOjMF0t2ddsDAwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAhbqLmoyJgcdJvyL1iu2yv1TKJMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7Iu4bLu
TgOr1TIVOrSHW5wvMCjc8YkNnQOKVWezftT5oXr+K1NmRi31yGOxYYyG72/9yQxm
LCXnPQanoltQohICk97QQXKOz64JkqAvPGTRv1z839iZqTnzRh7UBxQbaCAvo05t
LNpqTUkz+FHJBtUGWkpHv0FAkVLsJtgiHRZO1E+G8I80bIXKw/PzeydSeFcnIvve
c4jK74NemYgtbcJE0FFaaGh1WZQc+jQIO3/R5UwfkQjwCthtOfNQCEAmvMLd7dhQ
KbDoNXPEHLqD329QlM2BGQRWZYpjqKjFdmDwdLrlpH1xQSQ9+1fwC9KTTI1lEWRd
6djT0wEkH54Mag==
-----END CERTIFICATE-----