Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          SB738Z9vm3GlV1NbrIleQyBlv3XqNbvjblEQOUsA4eA=
Subject key identifier:   65:A8:85:06:DB:B3:8D:87:93:62:FE:12:B3:29:E4:F9:EF:41:69:7C
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       019CAB6B12EB1125E522C27C6D87A598A8C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          0B78
Signing time:             Sun 01 Mar 2026 22:00:46 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:46 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:46 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: t0Rq0oRvvEqeSiXY3XRcqjF2gB345BLuethSKm/9dEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:12:eb:11:25:e5:22:c2:7c:6d:87:a5:98:a8:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Mar  1 22:00:46 2026 GMT
            Not After : Mar  2 22:00:46 2026 GMT
        Subject: CN=65a88506dbb38d879362fe12b329e4f9ef41697c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:54:7f:85:67:9c:d6:43:cd:a0:36:ee:60:bc:
                    ca:38:5e:95:15:ff:2a:d0:51:60:58:4a:47:db:d8:
                    5f:17:00:79:53:68:28:bb:a2:dc:db:30:3c:be:60:
                    b7:3a:4d:30:0e:c2:ea:58:98:51:23:5a:bf:54:82:
                    8d:08:ee:ca:48:92:f1:3e:56:73:29:15:ba:0b:33:
                    4d:dd:76:72:6a:63:11:7e:ef:5f:39:6a:0c:89:52:
                    c1:96:63:cb:76:c7:6c:b0:38:22:76:af:38:3a:48:
                    d2:1c:1b:b3:bf:7e:9b:b1:8d:83:cc:5a:10:f6:4b:
                    45:b1:85:b9:13:9b:c4:54:a6:33:b6:33:7d:87:45:
                    a6:dd:9c:bf:2d:28:24:31:0d:01:9d:2b:10:8e:1b:
                    62:6b:c5:69:6a:7d:4b:bb:fc:51:08:7b:f3:fc:9f:
                    23:0b:b1:0d:d6:0c:7f:da:50:f8:a2:ea:7e:52:81:
                    22:e1:07:04:f5:ca:ed:f6:05:33:37:2d:28:a3:ff:
                    69:7d:71:87:ee:a8:f8:46:92:3c:07:34:92:2d:6e:
                    13:0a:b1:55:a9:43:23:c6:b7:32:23:94:bb:00:ac:
                    3f:f1:48:5d:4f:e1:7e:ad:da:fc:27:e4:94:8b:92:
                    71:22:e6:4a:42:71:be:ae:19:a3:7f:89:86:42:71:
                    19:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:A8:85:06:DB:B3:8D:87:93:62:FE:12:B3:29:E4:F9:EF:41:69:7C
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:2c:49:31:b9:e2:b3:5c:7e:84:a7:16:43:82:40:77:f9:d4:
         98:fd:a1:00:f0:41:11:70:80:35:90:27:28:49:8c:15:49:54:
         a6:51:cf:7b:e6:b6:a2:4d:02:ea:f4:d2:66:e9:47:a3:20:87:
         bd:ce:73:a6:c8:5b:a8:01:61:85:e5:c8:7f:a7:7a:c3:85:82:
         b2:f2:9b:ed:dd:9a:63:d2:8b:35:75:02:8c:2d:0d:e0:7a:9c:
         09:b2:22:d8:e0:34:73:c1:bb:b9:7f:4e:1d:8a:89:3c:b4:f4:
         f5:d1:ef:fd:29:63:fa:7d:95:8f:5c:f0:8e:de:15:dd:d4:05:
         3d:82:f8:63:9e:8a:14:16:a8:a3:cc:0b:ea:19:a2:86:01:e3:
         67:55:09:4f:23:58:78:de:40:c5:4a:e2:95:02:d3:3e:69:36:
         d9:cb:68:b5:85:18:5a:71:ae:e3:7d:8a:e6:bd:43:7b:37:81:
         a2:56:ff:70:12:63:25:a3:12:d7:1f:31:45:d0:ee:f0:0f:02:
         19:ad:61:04:a5:b8:a2:9a:35:9e:6d:c4:dd:a2:fb:b5:39:d8:
         86:04:f6:c8:16:fa:d3:a0:ac:c3:e0:fe:95:54:7e:17:e7:ae:
         95:d1:1e:c3:f9:4f:74:e7:09:77:7b:c2:f5:15:44:59:13:5e:
         4d:2e:5b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxLrESXlIsJ8bYelmKjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjYwMzAxMjIwMDQ2WhcNMjYwMzAyMjIwMDQ2WjAzMTEwLwYDVQQD
Eyg2NWE4ODUwNmRiYjM4ZDg3OTM2MmZlMTJiMzI5ZTRmOWVmNDE2OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVR/hWec1kPNoDbuYLzKOF6VFf8q
0FFgWEpH29hfFwB5U2gou6Lc2zA8vmC3Ok0wDsLqWJhRI1q/VIKNCO7KSJLxPlZz
KRW6CzNN3XZyamMRfu9fOWoMiVLBlmPLdsdssDgidq84OkjSHBuzv36bsY2DzFoQ
9ktFsYW5E5vEVKYztjN9h0Wm3Zy/LSgkMQ0BnSsQjhtia8Vpan1Lu/xRCHvz/J8j
C7EN1gx/2lD4oup+UoEi4QcE9crt9gUzNy0oo/9pfXGH7qj4RpI8BzSSLW4TCrFV
qUMjxrcyI5S7AKw/8UhdT+F+rdr8J+SUi5JxIuZKQnG+rhmjf4mGQnEZEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWohQbbs42Hk2L+ErMp5PnvQWl8MB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAASxJMbni
s1x+hKcWQ4JAd/nUmP2hAPBBEXCANZAnKEmMFUlUplHPe+a2ok0C6vTSZulHoyCH
vc5zpshbqAFhheXIf6d6w4WCsvKb7d2aY9KLNXUCjC0N4HqcCbIi2OA0c8G7uX9O
HYqJPLT09dHv/Slj+n2Vj1zwjt4V3dQFPYL4Y56KFBaoo8wL6hmihgHjZ1UJTyNY
eN5AxUrilQLTPmk22ctotYUYWnGu432K5r1DezeBolb/cBJjJaMS1x8xRdDu8A8C
Ga1hBKW4opo1nm3E3aL7tTnYhgT2yBb606Csw+D+lVR+F+euldEew/lPdOcJd3vC
9RVEWRNeTS5bCQ==
-----END CERTIFICATE-----