Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          2NGuCfYkQi4DdBWAAw5R7xj7Zh/Qbpgt7Ui58ehmBAA=
Subject key identifier:   7A:C6:0B:51:61:6E:B6:41:3A:8D:51:72:6B:4C:46:29:0B:C6:D1:E9
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       019D27047B4E34087B250F33C7CEF564ADC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          135A
Signing time:             Wed 25 Mar 2026 22:01:38 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:38 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:38 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: VZ0nx86LKLSqiSaPxiLoeyh8UscovRkn+FH+AzEQdiI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:7b:4e:34:08:7b:25:0f:33:c7:ce:f5:64:ad:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Mar 25 22:01:38 2026 GMT
            Not After : Mar 26 22:01:38 2026 GMT
        Subject: CN=7ac60b51616eb6413a8d51726b4c46290bc6d1e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a8:1e:9c:d7:d7:ea:2e:fc:12:1c:59:1a:58:
                    7c:2f:8e:27:62:c1:2d:5c:79:c8:73:97:0a:e2:79:
                    47:36:4c:6d:92:43:02:5b:08:16:b7:c1:e2:ab:95:
                    06:14:cb:77:4a:74:42:b4:48:39:da:d2:59:b4:55:
                    2d:15:2f:12:30:0d:58:0f:07:ea:46:f8:4f:c5:2a:
                    91:cc:f5:43:ba:ae:6c:3f:0e:f0:1a:56:a9:09:f1:
                    96:e3:eb:c3:5f:46:f0:1e:e6:2f:e0:aa:b4:e7:78:
                    59:5a:b9:6a:ff:9f:24:f6:1b:2c:53:93:db:42:11:
                    6a:55:f3:f2:78:5a:74:a4:06:16:f4:81:90:20:ca:
                    5e:00:75:c1:c8:22:9c:b7:ff:87:57:5c:9f:7c:37:
                    73:28:dd:26:5c:08:32:a8:35:52:e5:c8:a9:b9:2c:
                    2b:51:45:cb:a2:85:b9:dd:7e:99:f1:01:cc:12:e4:
                    d3:13:c9:43:73:b4:90:b1:7f:68:9b:91:a2:d5:86:
                    2f:35:c9:5d:ac:ea:11:c3:32:11:6a:85:03:5e:b8:
                    a8:67:50:7d:86:df:aa:1f:bd:f3:fd:1b:e6:49:96:
                    59:3b:d3:c3:fc:c7:53:17:58:59:e9:ed:3f:99:93:
                    7f:b4:da:22:be:08:9a:89:6a:65:aa:00:3d:31:50:
                    30:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C6:0B:51:61:6E:B6:41:3A:8D:51:72:6B:4C:46:29:0B:C6:D1:E9
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:8c:9b:3b:9f:9d:a6:d5:f4:6b:61:d2:69:3a:5c:51:b3:64:
         41:bd:b4:38:07:dd:7d:f6:d0:8f:04:43:42:0d:d2:f0:3f:af:
         ff:19:1e:71:2a:38:a3:92:4f:ad:f6:e1:1d:7d:b8:2d:b7:41:
         2c:f3:cd:d7:3e:72:98:bd:9d:b7:93:30:a1:0a:49:a3:5a:16:
         26:26:ed:49:96:93:02:d5:0f:07:55:d1:73:f2:9a:d0:1a:d1:
         6d:97:47:0d:2b:9d:b8:d3:a1:19:73:0e:37:ef:5f:09:77:04:
         57:85:1b:d3:fa:5c:42:ef:9e:63:d3:7e:05:5d:9f:04:9d:4f:
         b5:74:b5:9f:a6:32:cd:09:b1:3e:37:3f:df:05:3e:d3:99:fb:
         85:cc:66:28:a8:77:a9:53:be:58:73:ed:3f:27:ce:d0:21:20:
         19:f6:90:47:15:4d:53:9f:e6:53:57:fa:c5:cf:6a:eb:7e:44:
         78:97:f5:cf:20:b4:ec:26:79:d1:80:c1:4c:95:d0:5e:88:04:
         97:a7:fa:15:e9:fb:ac:e7:be:0e:0a:9c:5e:5e:3e:66:49:6f:
         8d:40:7a:31:c9:cf:ae:b3:c7:d9:97:9d:e8:73:82:63:95:ec:
         25:31:d8:bd:54:05:a7:68:08:b6:49:3a:4b:19:f7:fc:23:da:
         28:4e:52:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHtONAh7JQ8zx871ZK3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjYwMzI1MjIwMTM4WhcNMjYwMzI2MjIwMTM4WjAzMTEwLwYDVQQD
Eyg3YWM2MGI1MTYxNmViNjQxM2E4ZDUxNzI2YjRjNDYyOTBiYzZkMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvagenNfX6i78EhxZGlh8L44nYsEt
XHnIc5cK4nlHNkxtkkMCWwgWt8Hiq5UGFMt3SnRCtEg52tJZtFUtFS8SMA1YDwfq
RvhPxSqRzPVDuq5sPw7wGlapCfGW4+vDX0bwHuYv4Kq053hZWrlq/58k9hssU5Pb
QhFqVfPyeFp0pAYW9IGQIMpeAHXByCKct/+HV1yffDdzKN0mXAgyqDVS5cipuSwr
UUXLooW53X6Z8QHMEuTTE8lDc7SQsX9om5Gi1YYvNcldrOoRwzIRaoUDXrioZ1B9
ht+qH73z/RvmSZZZO9PD/MdTF1hZ6e0/mZN/tNoivgiaiWplqgA9MVAwKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrGC1FhbrZBOo1RcmtMRikLxtHpMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIybO5+d
ptX0a2HSaTpcUbNkQb20OAfdffbQjwRDQg3S8D+v/xkecSo4o5JPrfbhHX24LbdB
LPPN1z5ymL2dt5MwoQpJo1oWJibtSZaTAtUPB1XRc/Ka0BrRbZdHDSuduNOhGXMO
N+9fCXcEV4Ub0/pcQu+eY9N+BV2fBJ1PtXS1n6YyzQmxPjc/3wU+05n7hcxmKKh3
qVO+WHPtPyfO0CEgGfaQRxVNU5/mU1f6xc9q635EeJf1zyC07CZ50YDBTJXQXogE
l6f6Fen7rOe+DgqcXl4+ZklvjUB6McnPrrPH2Zed6HOCY5XsJTHYvVQFp2gItkk6
Sxn3/CPaKE5SDA==
-----END CERTIFICATE-----