Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          P8XVpV6AUsf3vmAtRzT/plL3wnEn/DXFvemMF23n5YY=
Subject key identifier:   D2:47:C7:86:93:F1:42:24:27:60:9D:DA:1F:DD:95:96:94:45:65:FB
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       019D292962CEB1CB32F9162115C880EB4D4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0F8F
Signing time:             Thu 26 Mar 2026 08:01:11 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:11 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:11 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: jiM5QH/TxcdKLN0evdApRsQpNVsgmef0CEd7LfCNNvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:62:ce:b1:cb:32:f9:16:21:15:c8:80:eb:4d:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Mar 26 08:01:11 2026 GMT
            Not After : Mar 27 08:01:11 2026 GMT
        Subject: CN=d247c78693f1422427609dda1fdd9596944565fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ae:8a:c4:c2:d1:70:89:12:e9:a5:8d:59:d6:
                    f8:ef:65:cf:15:7a:4f:f4:b4:7e:d4:9f:11:cb:88:
                    c1:c4:93:18:26:8f:87:53:b8:46:7f:4d:c9:f0:f0:
                    3c:2a:c8:5d:d7:82:20:a7:93:3d:c4:d1:c5:bc:9c:
                    58:e7:89:43:88:83:6f:2b:69:6a:51:70:60:a2:8d:
                    4f:33:62:ab:ea:b9:7d:fe:8c:8e:5d:b5:3e:19:89:
                    37:cd:93:a2:41:bd:bd:7e:1c:15:34:2e:90:c0:fb:
                    82:e6:a3:81:64:98:97:72:5f:4d:a3:36:72:9f:7e:
                    05:2f:8f:7a:04:52:f7:90:ff:c0:d1:09:4b:d6:3e:
                    f9:62:ae:a4:7f:6d:a0:4f:ca:bd:63:26:25:43:1b:
                    62:6d:bf:e4:c9:e2:c2:67:16:0b:39:7e:0d:7a:9e:
                    b6:83:a0:93:2e:fe:c5:85:be:bb:60:48:63:b4:ff:
                    6e:b2:9e:de:52:e2:6c:a3:6c:50:e4:00:c8:81:01:
                    43:4b:55:05:13:8f:7a:15:5a:b6:19:53:3e:ce:bc:
                    b2:50:a3:08:7c:21:b4:6a:95:06:83:0e:ce:65:9c:
                    5e:61:e4:05:8c:ef:aa:a5:04:c0:17:e6:08:3e:73:
                    3e:d7:d7:70:fe:cb:b0:5d:5d:a8:27:39:74:36:d1:
                    d6:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:47:C7:86:93:F1:42:24:27:60:9D:DA:1F:DD:95:96:94:45:65:FB
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:b7:e1:2e:f7:22:be:66:16:a0:d8:07:f3:36:ed:4e:de:12:
         c2:80:45:41:30:a2:fd:28:1e:50:f5:04:b3:2a:31:9c:93:59:
         54:6d:de:67:70:b4:f1:a2:af:27:12:d1:25:42:09:d3:5b:6f:
         aa:0d:fd:72:32:a7:ad:f5:73:d8:1f:a4:12:19:da:dc:22:3b:
         a6:0e:5b:4a:e1:ad:a7:94:97:68:85:41:99:04:04:7f:4d:73:
         6e:c6:6b:49:ef:7a:ac:f6:e9:d0:5d:95:7c:b4:1a:9a:d2:99:
         2f:e2:ac:5d:8a:8b:9d:9f:09:4a:ce:54:6d:78:67:70:bc:b6:
         85:80:12:a7:38:f6:04:6f:d7:7f:a0:0e:b4:7a:20:a0:1a:5a:
         3c:3c:6a:46:ed:7d:fe:63:92:27:7e:be:de:42:74:65:e5:71:
         d7:04:02:73:d6:09:8d:ae:a5:56:e0:a2:44:2e:fe:e5:b6:18:
         c7:64:0c:62:16:68:71:ad:51:06:42:76:40:9f:b8:46:69:eb:
         6e:8a:fb:49:b5:01:68:5b:82:d4:dd:ee:0a:10:86:b3:93:fb:
         cf:fb:0f:05:b2:5f:22:cc:50:ba:90:a7:78:48:cd:ff:79:e1:
         d0:67:96:24:e7:78:1e:e0:18:ce:82:40:95:72:fb:fb:65:95:
         55:64:64:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKWLOscsy+RYhFciA601LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjYwMzI2MDgwMTExWhcNMjYwMzI3MDgwMTExWjAzMTEwLwYDVQQD
EyhkMjQ3Yzc4NjkzZjE0MjI0Mjc2MDlkZGExZmRkOTU5Njk0NDU2NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK6KxMLRcIkS6aWNWdb472XPFXpP
9LR+1J8Ry4jBxJMYJo+HU7hGf03J8PA8Kshd14Igp5M9xNHFvJxY54lDiINvK2lq
UXBgoo1PM2Kr6rl9/oyOXbU+GYk3zZOiQb29fhwVNC6QwPuC5qOBZJiXcl9NozZy
n34FL496BFL3kP/A0QlL1j75Yq6kf22gT8q9YyYlQxtibb/kyeLCZxYLOX4Nep62
g6CTLv7Fhb67YEhjtP9usp7eUuJso2xQ5ADIgQFDS1UFE496FVq2GVM+zryyUKMI
fCG0apUGgw7OZZxeYeQFjO+qpQTAF+YIPnM+19dw/suwXV2oJzl0NtHW6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJHx4aT8UIkJ2Cd2h/dlZaURWX7MB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR7fhLvci
vmYWoNgH8zbtTt4SwoBFQTCi/SgeUPUEsyoxnJNZVG3eZ3C08aKvJxLRJUIJ01tv
qg39cjKnrfVz2B+kEhna3CI7pg5bSuGtp5SXaIVBmQQEf01zbsZrSe96rPbp0F2V
fLQamtKZL+KsXYqLnZ8JSs5UbXhncLy2hYASpzj2BG/Xf6AOtHogoBpaPDxqRu19
/mOSJ36+3kJ0ZeVx1wQCc9YJja6lVuCiRC7+5bYYx2QMYhZoca1RBkJ2QJ+4Rmnr
bor7SbUBaFuC1N3uChCGs5P7z/sPBbJfIsxQupCneEjN/3nh0GeWJOd4HuAYzoJA
lXL7+2WVVWRktQ==
-----END CERTIFICATE-----