Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
File:                     GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json)
Hash identifier:          ukN2AxHvGQy/yoLkmVamJaKf/JP/moxgvHqbp/jzJX8=
Subject key identifier:   AF:35:26:CE:C5:CB:05:DC:40:33:AA:DC:57:5D:35:00:5C:AB:63:A8
Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D
Certificate issuer:       /CN=1a66819ed62a71090cf437e4263012d4c035067d
Certificate serial:       019D296154E55C9823DA5AAD0F0EBDCBDC9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 09:02:17 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:17 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:17 +0000
Files and hashes:         1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: Wg6d0uW0gElhx95arY6NO0EjddtqwylPRg1z+ScFv10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:54:e5:5c:98:23:da:5a:ad:0f:0e:bd:cb:dc:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d
        Validity
            Not Before: Mar 26 09:02:17 2026 GMT
            Not After : Mar 27 09:02:17 2026 GMT
        Subject: CN=af3526cec5cb05dc4033aadc575d35005cab63a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9b:9d:33:68:03:2c:f6:da:b9:ce:58:ce:bb:
                    24:75:2f:1a:49:db:e8:90:c6:f4:77:bf:f7:e2:40:
                    5b:08:3f:43:ab:1f:4a:55:9b:dd:34:c4:b5:e0:bf:
                    e7:85:de:a2:29:78:04:c5:85:29:3c:2a:76:02:c9:
                    a9:52:d0:5a:30:85:6c:98:3c:cb:87:b4:21:ef:b1:
                    2a:72:a5:62:91:90:ea:49:1d:b4:86:1b:73:97:1f:
                    c6:e3:dd:07:23:d3:41:57:61:b2:eb:03:27:44:e9:
                    be:6d:57:a0:4c:b1:e1:9e:3c:c9:71:c6:37:58:73:
                    81:9d:48:a4:4f:a2:14:19:84:19:84:8c:25:02:bc:
                    d5:74:e9:0e:55:55:fe:5f:79:fc:3a:cd:26:1e:20:
                    aa:44:83:ee:03:83:65:0f:f1:c8:97:f7:cb:e3:d8:
                    d9:ff:ad:c0:49:c4:78:4f:5e:8a:b2:c4:0d:3d:e5:
                    b7:5c:4b:92:b7:e8:f3:c3:4c:e0:09:d7:95:70:24:
                    ff:76:30:a6:10:d1:46:87:8d:fe:9a:54:f1:06:16:
                    e3:31:45:0d:85:89:2c:1a:68:52:3e:bb:02:1f:e3:
                    b2:4c:2b:7c:de:85:80:80:6f:c8:d9:24:5a:be:e1:
                    fc:ab:fc:b3:6d:42:1a:4f:ec:c8:72:2c:7a:2a:3d:
                    fa:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:35:26:CE:C5:CB:05:DC:40:33:AA:DC:57:5D:35:00:5C:AB:63:A8
            X509v3 Authority Key Identifier:
                keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:b5:77:1c:32:ea:37:6a:22:fe:12:2e:06:37:e1:68:53:d7:
         9a:a9:65:0c:55:5d:8a:09:cf:2a:1a:a4:8e:d8:5c:fa:9c:81:
         a8:ed:39:3b:6b:42:c7:fb:f3:9c:21:84:a2:80:f9:40:cc:a9:
         9e:20:5b:6c:b1:a4:6d:fa:56:ab:47:69:6e:f3:99:19:e9:a6:
         ff:0b:c0:49:ea:1d:76:91:77:c8:8e:88:1f:d4:14:a7:28:a7:
         ff:73:c5:94:6a:27:3d:d1:91:c3:5f:14:77:13:86:e6:5d:e7:
         3f:74:be:65:d5:21:78:52:31:5b:c6:58:d8:87:3e:36:04:37:
         e0:34:43:78:8f:16:e0:75:9f:2d:e3:3f:2a:d0:8c:fe:dd:94:
         9a:f4:c8:b6:35:28:56:cd:4d:d4:76:2f:b1:0b:e0:69:c0:16:
         6f:8a:e0:eb:04:37:4d:8a:51:39:0d:f0:30:44:6a:e0:4f:81:
         6d:5d:6a:dc:09:ff:56:df:0f:d6:d8:c0:38:6f:ef:ac:e7:cc:
         e3:59:c7:13:b8:db:6c:9e:1e:2a:7d:fd:44:4d:d4:16:d5:12:
         15:62:d8:6c:a9:7d:50:5d:2d:d2:c4:7e:c3:a1:c2:2c:0e:61:
         84:a7:c3:c1:3e:ef:2d:48:03:2f:6f:d0:1d:bc:f2:d4:41:40:
         23:97:d8:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVTlXJgj2lqtDw69y9yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz
NTA2N2QwHhcNMjYwMzI2MDkwMjE3WhcNMjYwMzI3MDkwMjE3WjAzMTEwLwYDVQQD
EyhhZjM1MjZjZWM1Y2IwNWRjNDAzM2FhZGM1NzVkMzUwMDVjYWI2M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05udM2gDLPbauc5YzrskdS8aSdvo
kMb0d7/34kBbCD9Dqx9KVZvdNMS14L/nhd6iKXgExYUpPCp2AsmpUtBaMIVsmDzL
h7Qh77EqcqVikZDqSR20hhtzlx/G490HI9NBV2Gy6wMnROm+bVegTLHhnjzJccY3
WHOBnUikT6IUGYQZhIwlArzVdOkOVVX+X3n8Os0mHiCqRIPuA4NlD/HIl/fL49jZ
/63AScR4T16KssQNPeW3XEuSt+jzw0zgCdeVcCT/djCmENFGh43+mlTxBhbjMUUN
hYksGmhSPrsCH+OyTCt83oWAgG/I2SRavuH8q/yzbUIaT+zIcix6Kj36SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK81Js7FywXcQDOq3FddNQBcq2OoMB8GA1UdIwQY
MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt
NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3
LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbV3HDLq
N2oi/hIuBjfhaFPXmqllDFVdignPKhqkjthc+pyBqO05O2tCx/vznCGEooD5QMyp
niBbbLGkbfpWq0dpbvOZGemm/wvASeoddpF3yI6IH9QUpyin/3PFlGonPdGRw18U
dxOG5l3nP3S+ZdUheFIxW8ZY2Ic+NgQ34DRDeI8W4HWfLeM/KtCM/t2UmvTItjUo
Vs1N1HYvsQvgacAWb4rg6wQ3TYpROQ3wMERq4E+BbV1q3An/Vt8P1tjAOG/vrOfM
41nHE7jbbJ4eKn39RE3UFtUSFWLYbKl9UF0t0sR+w6HCLA5hhKfDwT7vLUgDL2/Q
Hbzy1EFAI5fYRg==
-----END CERTIFICATE-----