Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          xYtCjdvyjeSbm2+4Kf+fYopUyV0Umo69oRLRSKEBOR8=
Subject key identifier:   EC:87:AD:1B:BD:9D:14:C8:8C:71:0F:DA:AD:3E:E9:EA:70:92:AB:CD
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019CAB342C7174DC1FD57822EFC15CF6D551
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0A96
Signing time:             Sun 01 Mar 2026 21:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:49 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: LrGBuFwQu46dks19yDr97mU2sG34zUJYMdeETE25VcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:2c:71:74:dc:1f:d5:78:22:ef:c1:5c:f6:d5:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Mar  1 21:00:49 2026 GMT
            Not After : Mar  2 21:00:49 2026 GMT
        Subject: CN=ec87ad1bbd9d14c88c710fdaad3ee9ea7092abcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:93:b4:d2:07:5a:c2:ee:4f:dd:7f:d9:90:86:
                    8b:f9:9c:d6:c4:7b:24:53:c7:f2:9a:b2:28:07:5f:
                    05:41:cf:88:23:2b:9c:a7:16:b0:29:ec:31:e4:db:
                    ba:dd:f3:b5:b4:3c:a8:05:c5:60:84:bd:14:08:26:
                    eb:c1:58:48:86:7a:c3:90:25:4a:84:1a:ec:4f:7a:
                    e5:35:11:ce:05:33:dc:ac:96:88:5e:c0:97:88:be:
                    30:69:be:f3:84:b5:99:9d:f6:f7:0e:97:eb:65:2e:
                    cd:b8:45:9a:38:54:a5:fb:f0:5f:3b:e8:28:e2:c3:
                    c1:1a:b1:1b:9d:fd:32:92:13:38:d2:cb:57:92:e2:
                    70:b0:9b:5d:9c:af:58:71:18:fd:21:f6:b8:4b:a2:
                    ad:b5:1c:3b:b3:75:b8:55:9d:c0:19:2d:b3:96:c1:
                    17:af:ab:21:85:08:09:5a:84:b1:41:f7:f2:d0:85:
                    2f:9b:26:5e:83:9a:e5:5e:65:d6:b9:69:28:6b:a6:
                    6f:a0:1f:d9:23:8a:a3:00:b0:84:3b:97:a3:27:9a:
                    3a:4b:ce:dc:d9:9e:ed:ef:eb:98:cf:ff:b8:cf:53:
                    06:cc:20:20:39:9c:53:61:ed:5d:0b:ac:9a:64:4c:
                    bd:4f:7c:9d:ab:27:ec:49:ba:5b:16:fa:69:e2:e4:
                    d9:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:87:AD:1B:BD:9D:14:C8:8C:71:0F:DA:AD:3E:E9:EA:70:92:AB:CD
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:c2:93:56:8d:a5:e0:d4:43:c5:65:97:60:e8:0f:54:a1:9c:
         70:9e:8f:cb:4b:dd:44:28:a0:35:30:da:0b:62:ef:dc:6e:92:
         6e:0e:61:1f:95:12:77:74:b0:56:ee:be:b8:73:b9:1c:5a:65:
         26:a1:40:bb:cb:38:75:2c:25:45:c0:4f:b9:f3:6d:9e:92:61:
         01:21:21:70:57:58:97:51:79:f5:8b:93:87:11:e1:87:39:cc:
         65:a2:53:ea:01:1a:cd:b2:eb:c2:52:3e:84:06:d3:30:05:67:
         d1:86:6a:6b:b2:28:b1:22:7b:be:e6:2b:e0:99:78:4d:da:bf:
         1a:b6:84:27:34:b8:44:7c:98:ff:ad:83:16:37:06:19:fe:06:
         38:55:92:3a:d6:c2:91:ee:c2:8b:1c:41:c9:ce:45:92:e5:97:
         6c:a5:6a:53:6e:c2:6b:c5:36:86:8d:f6:45:b1:77:97:b3:9a:
         5c:e4:42:0d:85:c8:4e:c6:a7:47:ed:da:23:ad:9f:1c:b9:f2:
         2b:3a:e0:6d:77:de:80:ee:e2:ef:d2:4f:93:02:d4:b2:67:11:
         29:f4:a4:e5:63:2c:93:9e:29:f4:46:a0:c1:48:d6:5b:d8:89:
         e4:98:1d:ef:ac:55:39:f3:5b:47:4e:8f:2c:f5:92:a3:eb:5d:
         0b:56:82:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNCxxdNwf1Xgi78Fc9tVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjYwMzAxMjEwMDQ5WhcNMjYwMzAyMjEwMDQ5WjAzMTEwLwYDVQQD
EyhlYzg3YWQxYmJkOWQxNGM4OGM3MTBmZGFhZDNlZTllYTcwOTJhYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpO00gdawu5P3X/ZkIaL+ZzWxHsk
U8fymrIoB18FQc+IIyucpxawKewx5Nu63fO1tDyoBcVghL0UCCbrwVhIhnrDkCVK
hBrsT3rlNRHOBTPcrJaIXsCXiL4wab7zhLWZnfb3DpfrZS7NuEWaOFSl+/BfO+go
4sPBGrEbnf0ykhM40stXkuJwsJtdnK9YcRj9Ifa4S6KttRw7s3W4VZ3AGS2zlsEX
r6shhQgJWoSxQffy0IUvmyZeg5rlXmXWuWkoa6ZvoB/ZI4qjALCEO5ejJ5o6S87c
2Z7t7+uYz/+4z1MGzCAgOZxTYe1dC6yaZEy9T3ydqyfsSbpbFvpp4uTZlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyHrRu9nRTIjHEP2q0+6epwkqvNMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeMKTVo2l
4NRDxWWXYOgPVKGccJ6Py0vdRCigNTDaC2Lv3G6Sbg5hH5USd3SwVu6+uHO5HFpl
JqFAu8s4dSwlRcBPufNtnpJhASEhcFdYl1F59YuThxHhhznMZaJT6gEazbLrwlI+
hAbTMAVn0YZqa7IosSJ7vuYr4Jl4Tdq/GraEJzS4RHyY/62DFjcGGf4GOFWSOtbC
ke7CixxByc5FkuWXbKVqU27Ca8U2ho32RbF3l7OaXORCDYXITsanR+3aI62fHLny
KzrgbXfegO7i79JPkwLUsmcRKfSk5WMsk54p9EagwUjWW9iJ5Jgd76xVOfNbR06P
LPWSo+tdC1aC7g==
-----END CERTIFICATE-----