Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          h3PhnI40cz8eB/WM3qvp3ji+OQL/zZ/hsiSehtIfwE4=
Subject key identifier:   54:A4:EE:71:C7:D0:B6:85:38:74:6D:AB:A6:0D:5D:56:CB:65:AB:CE
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       019D98F527C714085321C523650A18053AE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          0BF3
Signing time:             Fri 17 Apr 2026 01:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:36 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: nlPz7EB6BfaPaqduQbi20LPDdDuOUk/xupqq8y+eGQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:27:c7:14:08:53:21:c5:23:65:0a:18:05:3a:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Apr 17 01:01:36 2026 GMT
            Not After : Apr 18 01:01:36 2026 GMT
        Subject: CN=54a4ee71c7d0b68538746daba60d5d56cb65abce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8c:8a:86:ee:17:9b:c4:de:6f:87:49:82:21:
                    f5:61:41:82:37:65:3a:6a:75:32:72:3a:48:02:c6:
                    f2:c1:90:8c:e8:75:04:d8:f1:90:d4:5d:77:a4:ae:
                    75:26:ce:77:21:b7:b0:cf:6f:94:d4:55:a1:3b:8b:
                    d9:11:c4:0d:27:ae:01:13:bd:7b:c7:52:99:13:e2:
                    c1:7c:8f:84:0e:66:a1:ca:0c:01:a9:0b:9a:65:8e:
                    3d:b1:ff:c3:37:cb:ec:ba:c1:05:9b:bd:48:91:24:
                    37:1c:39:22:73:07:19:11:4a:c8:a2:cf:94:36:c5:
                    78:cc:aa:d4:45:69:c8:26:69:2d:3e:62:d2:9e:41:
                    85:a4:5c:d4:95:c5:e7:a6:b8:4c:6f:bf:d7:3f:cb:
                    c2:44:7b:37:08:47:0b:1e:21:7b:c8:74:bc:9f:9f:
                    38:8d:4d:29:76:d0:5f:e1:fa:1a:00:b5:a9:19:f2:
                    94:9a:ba:d0:ea:3a:7e:36:52:b0:4c:18:d6:77:39:
                    06:55:09:72:b2:c3:07:c3:b7:59:5e:92:63:f3:e5:
                    39:fe:58:8c:be:58:87:52:b3:7c:f7:78:14:50:9d:
                    10:8d:9f:9f:46:6c:d5:d8:89:56:3a:59:b7:9c:a8:
                    b7:e0:98:58:69:b2:27:a7:ec:7d:17:db:29:37:38:
                    7b:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:A4:EE:71:C7:D0:B6:85:38:74:6D:AB:A6:0D:5D:56:CB:65:AB:CE
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:d1:2c:91:f7:66:49:86:d6:4b:0f:de:32:13:ed:39:f7:e3:
         1b:d8:33:de:a3:dc:28:bb:82:42:36:f5:d6:2b:fc:ea:5f:3c:
         17:b1:a0:59:05:34:c7:a4:d5:d2:a2:fe:12:69:a3:b4:62:41:
         60:de:f4:d4:1b:4f:f1:53:47:e1:45:03:bd:c9:30:b2:95:98:
         88:d7:22:a4:a3:ea:44:35:ff:21:68:22:ce:15:dd:ce:c9:f4:
         23:e9:db:cb:91:d3:f3:8b:e8:55:e4:08:d5:1c:9a:7d:49:ee:
         be:33:83:93:d4:57:73:90:a6:aa:24:8c:5f:36:72:90:15:d3:
         01:9f:fa:e1:af:79:86:10:fb:18:57:15:c1:d0:b8:a0:9d:69:
         26:0a:49:33:d0:17:47:40:1a:0d:92:a7:aa:46:70:1c:f0:59:
         7e:e2:7a:e7:d1:09:c4:01:74:ea:bd:d9:14:13:2b:36:a3:78:
         82:f4:bd:64:f1:74:ac:3f:91:f6:ce:07:64:d4:e9:4a:e7:8d:
         e6:81:99:ff:c7:63:b2:1a:4d:dc:79:53:ab:99:21:b0:49:ca:
         0f:a4:52:3d:0c:bc:8a:c4:dc:71:ba:ab:5b:6d:ed:9e:97:cb:
         fc:e6:3b:da:88:86:78:b8:81:32:a2:cf:09:b0:4f:d9:bc:54:
         f8:58:40:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9SfHFAhTIcUjZQoYBTrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjYwNDE3MDEwMTM2WhcNMjYwNDE4MDEwMTM2WjAzMTEwLwYDVQQD
Eyg1NGE0ZWU3MWM3ZDBiNjg1Mzg3NDZkYWJhNjBkNWQ1NmNiNjVhYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIyKhu4Xm8Teb4dJgiH1YUGCN2U6
anUycjpIAsbywZCM6HUE2PGQ1F13pK51Js53Ibewz2+U1FWhO4vZEcQNJ64BE717
x1KZE+LBfI+EDmahygwBqQuaZY49sf/DN8vsusEFm71IkSQ3HDkicwcZEUrIos+U
NsV4zKrURWnIJmktPmLSnkGFpFzUlcXnprhMb7/XP8vCRHs3CEcLHiF7yHS8n584
jU0pdtBf4foaALWpGfKUmrrQ6jp+NlKwTBjWdzkGVQlyssMHw7dZXpJj8+U5/liM
vliHUrN893gUUJ0QjZ+fRmzV2IlWOlm3nKi34JhYabInp+x9F9spNzh79QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSk7nHH0LaFOHRtq6YNXVbLZavOMB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9Eskfdm
SYbWSw/eMhPtOffjG9gz3qPcKLuCQjb11iv86l88F7GgWQU0x6TV0qL+EmmjtGJB
YN701BtP8VNH4UUDvckwspWYiNcipKPqRDX/IWgizhXdzsn0I+nby5HT84voVeQI
1RyafUnuvjODk9RXc5CmqiSMXzZykBXTAZ/64a95hhD7GFcVwdC4oJ1pJgpJM9AX
R0AaDZKnqkZwHPBZfuJ659EJxAF06r3ZFBMrNqN4gvS9ZPF0rD+R9s4HZNTpSueN
5oGZ/8djshpN3HlTq5khsEnKD6RSPQy8isTccbqrW23tnpfL/OY72oiGeLiBMqLP
CbBP2bxU+FhAZQ==
-----END CERTIFICATE-----