Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          Rh/G6mqhDYWvFEbGjIYJCxAjd4nADuuvHmgOoVrywXA=
Subject key identifier:   73:87:7E:7E:5C:3C:3D:71:7A:2D:64:25:5A:F1:68:5A:0F:B2:F9:D4
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019D9AABD87C308E799B0ED699DB481EA127
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0B12
Signing time:             Fri 17 Apr 2026 09:00:46 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:46 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:46 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: 7pu9bS+gPEH7Gp4Or4sRot4VIz7HJeYE/G8md9MC2HY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:d8:7c:30:8e:79:9b:0e:d6:99:db:48:1e:a1:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Apr 17 09:00:46 2026 GMT
            Not After : Apr 18 09:00:46 2026 GMT
        Subject: CN=73877e7e5c3c3d717a2d64255af1685a0fb2f9d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5f:a3:d2:e7:42:50:36:22:df:65:c3:24:5a:
                    f9:0e:bf:87:24:e0:9a:73:82:b6:9a:3e:82:0d:c7:
                    f8:07:6f:e6:a5:87:a1:18:35:c0:19:32:56:78:a0:
                    27:f1:52:24:17:e3:06:05:8c:46:03:36:ad:71:60:
                    64:79:43:e2:25:b1:a9:dd:ce:61:b1:96:27:10:f8:
                    8e:eb:a8:67:e7:c3:3d:04:20:f4:be:4e:42:1c:7e:
                    eb:ee:34:89:3c:5a:f5:27:13:97:03:ca:0d:a8:06:
                    3c:8d:04:20:27:db:2a:40:db:50:5f:9c:d3:7a:be:
                    57:a8:53:29:9a:5b:db:0c:57:a1:16:32:d6:20:77:
                    6d:fe:c1:4b:e2:2a:91:65:c0:ba:4b:16:7e:64:63:
                    62:39:ae:81:46:9d:0a:6c:46:e6:a9:a7:1e:94:c2:
                    e6:50:f5:b9:31:1d:dd:9c:1f:c4:5f:4e:38:65:64:
                    96:40:ce:8a:e7:6c:e9:3e:74:f8:e8:ef:4f:63:10:
                    32:f5:ad:a3:26:2e:80:b6:4a:c8:36:c2:de:43:32:
                    70:69:ce:1c:bc:20:1d:6f:b6:17:63:fe:c4:83:30:
                    7f:de:f2:9b:b5:86:18:de:63:0d:04:c2:e7:95:66:
                    ab:fd:28:61:96:21:52:fd:fc:bc:a1:ea:77:57:9f:
                    d8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:87:7E:7E:5C:3C:3D:71:7A:2D:64:25:5A:F1:68:5A:0F:B2:F9:D4
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:e4:cd:57:6d:d1:75:7c:39:5b:e8:b6:91:b2:8b:12:11:09:
         18:32:62:a4:5d:88:18:b0:c1:b2:0b:cc:e1:85:c3:75:b6:b0:
         5f:d3:7c:fd:24:0e:cf:a4:41:8f:11:c1:40:69:87:bb:96:a2:
         54:55:50:bc:95:ae:cb:6c:f7:fb:5d:3f:4d:0d:1e:6a:0d:4c:
         ab:30:84:b4:b4:bb:bc:75:82:c0:2f:be:f5:17:ba:84:f8:fa:
         80:c2:eb:54:0d:f2:f2:4a:c9:31:e2:2d:d0:15:0d:1b:3c:8a:
         57:e4:4c:5d:02:72:a5:6b:12:20:78:6e:74:27:0d:b4:61:1f:
         95:f8:5f:50:41:0b:2f:5e:22:f9:9a:22:ba:4d:7c:e7:9d:50:
         93:19:21:ed:e1:33:fe:ac:93:57:10:2e:b7:06:bf:68:12:22:
         19:cc:77:5d:44:c5:22:d3:76:f2:09:1a:f8:18:9d:aa:fb:c3:
         b6:77:cd:df:ba:1c:e1:ff:bb:fc:f3:61:91:94:c0:3c:34:d5:
         9e:29:20:85:64:20:d9:8a:f5:fe:85:5f:c7:11:51:95:c2:cf:
         c3:e0:c4:5b:c4:cf:ee:0b:f5:50:97:1a:51:91:e5:13:2e:f0:
         f5:79:57:04:18:52:55:7b:c6:3e:76:73:43:80:73:fd:9b:25:
         65:09:f7:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq9h8MI55mw7WmdtIHqEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjYwNDE3MDkwMDQ2WhcNMjYwNDE4MDkwMDQ2WjAzMTEwLwYDVQQD
Eyg3Mzg3N2U3ZTVjM2MzZDcxN2EyZDY0MjU1YWYxNjg1YTBmYjJmOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF+j0udCUDYi32XDJFr5Dr+HJOCa
c4K2mj6CDcf4B2/mpYehGDXAGTJWeKAn8VIkF+MGBYxGAzatcWBkeUPiJbGp3c5h
sZYnEPiO66hn58M9BCD0vk5CHH7r7jSJPFr1JxOXA8oNqAY8jQQgJ9sqQNtQX5zT
er5XqFMpmlvbDFehFjLWIHdt/sFL4iqRZcC6SxZ+ZGNiOa6BRp0KbEbmqacelMLm
UPW5MR3dnB/EX044ZWSWQM6K52zpPnT46O9PYxAy9a2jJi6AtkrINsLeQzJwac4c
vCAdb7YXY/7EgzB/3vKbtYYY3mMNBMLnlWar/ShhliFS/fy8oep3V5/Y3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOHfn5cPD1xei1kJVrxaFoPsvnUMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOTNV23R
dXw5W+i2kbKLEhEJGDJipF2IGLDBsgvM4YXDdbawX9N8/SQOz6RBjxHBQGmHu5ai
VFVQvJWuy2z3+10/TQ0eag1MqzCEtLS7vHWCwC++9Re6hPj6gMLrVA3y8krJMeIt
0BUNGzyKV+RMXQJypWsSIHhudCcNtGEflfhfUEELL14i+Zoiuk18551Qkxkh7eEz
/qyTVxAutwa/aBIiGcx3XUTFItN28gka+BidqvvDtnfN37oc4f+7/PNhkZTAPDTV
nikghWQg2Yr1/oVfxxFRlcLPw+DEW8TP7gv1UJcaUZHlEy7w9XlXBBhSVXvGPnZz
Q4Bz/ZslZQn3Gg==
-----END CERTIFICATE-----