Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          mdEzhOgYx+tfNOSTKnFQkUTPAq+i7oPDRuUmWaM+RQQ=
Subject key identifier:   11:6B:8F:35:C8:37:56:08:9C:6A:CA:F9:A7:EA:4A:A3:31:F0:1F:B7
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       019D9C2CA456DBF106E1A824D978A64BA693
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0A82
Signing time:             Fri 17 Apr 2026 16:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 16:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 16:01:04 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: 04zrZiBOnpp7TJW29ZIAYKWuR3oCePKX/zZKsCA8YEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2c:a4:56:db:f1:06:e1:a8:24:d9:78:a6:4b:a6:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Apr 17 16:01:04 2026 GMT
            Not After : Apr 18 16:01:04 2026 GMT
        Subject: CN=116b8f35c83756089c6acaf9a7ea4aa331f01fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:89:05:c2:db:50:6d:9b:ac:9f:63:d1:4b:36:
                    ef:75:ec:f1:20:50:f8:dc:7e:4f:9f:5b:14:95:af:
                    50:d0:c1:4d:4a:47:a3:59:5c:a7:f5:be:b0:ff:0d:
                    68:6c:bc:43:d9:1c:ca:9e:16:e0:18:93:14:b3:b0:
                    df:82:a3:57:0c:6e:e0:85:90:ee:7a:18:e6:d9:ca:
                    2d:e8:f2:f4:22:8b:3f:9f:73:4c:7c:2f:c0:3a:ba:
                    e1:50:e7:8a:70:88:b8:90:f6:5b:f2:f6:33:e7:0b:
                    c7:bf:0e:49:47:73:01:ff:2c:26:6b:46:6e:c8:02:
                    23:48:b7:72:fc:63:5c:c3:3f:0a:21:b9:9d:dd:c7:
                    ec:33:39:e6:ad:ec:82:db:d0:52:1e:34:6d:5c:78:
                    58:0f:21:4a:ec:ee:63:d1:aa:1e:55:91:ca:a2:1b:
                    27:56:f9:e7:3b:e9:96:16:f7:37:de:a4:98:4c:d1:
                    b5:20:4a:36:13:6f:42:de:5a:76:e5:93:00:1f:50:
                    7e:96:dd:14:7d:fd:57:90:cd:87:e3:ba:49:0b:cb:
                    73:00:47:41:77:b8:2f:46:c5:60:0b:bc:65:04:8b:
                    5b:e9:42:4a:b5:0f:2d:2c:ac:29:1b:71:80:b2:97:
                    d4:de:76:c3:79:dc:ef:f6:8d:10:46:e2:30:fc:b7:
                    d1:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:6B:8F:35:C8:37:56:08:9C:6A:CA:F9:A7:EA:4A:A3:31:F0:1F:B7
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:43:63:37:c3:e6:a3:b9:18:d1:2b:c6:94:0a:0e:19:12:e2:
         17:31:1f:67:bd:a5:4c:54:20:03:8c:84:7a:ff:ae:d3:f1:d9:
         95:90:28:58:e6:c7:07:a3:88:91:36:3a:5d:ad:95:cd:c1:a1:
         8e:da:8c:ea:fc:50:1d:ce:93:9e:92:69:a1:7a:85:1c:fd:ed:
         90:d2:2f:01:4d:b3:68:7d:9d:04:72:71:f3:22:5a:b0:b5:6b:
         5a:24:b1:21:4f:8f:7b:42:81:59:20:52:8b:ad:63:7f:0c:72:
         4a:0b:ce:84:a5:29:e0:d5:1e:a5:41:7d:90:ed:20:c6:0c:05:
         90:03:38:74:ad:39:2a:52:98:48:c0:c3:40:5b:8c:59:f6:35:
         18:2a:cb:28:17:d7:14:a2:ee:97:51:f6:39:13:3f:15:b9:29:
         92:1a:94:51:4f:2a:43:fe:26:c3:46:2e:5f:9a:8a:05:b2:55:
         e9:85:82:e2:71:4c:8d:ea:05:21:93:32:b0:e1:da:a4:f4:eb:
         af:47:d2:0b:3e:05:c6:43:53:d3:c4:50:68:df:a4:b3:dd:3c:
         d2:22:13:43:0d:fc:37:c5:0f:57:00:87:01:12:37:8a:5a:c4:
         1e:c2:a0:aa:c3:77:08:a1:38:0b:ed:3f:cd:90:c7:1a:b3:ce:
         cd:cd:c7:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLKRW2/EG4agk2XimS6aTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjYwNDE3MTYwMTA0WhcNMjYwNDE4MTYwMTA0WjAzMTEwLwYDVQQD
EygxMTZiOGYzNWM4Mzc1NjA4OWM2YWNhZjlhN2VhNGFhMzMxZjAxZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IkFwttQbZusn2PRSzbvdezxIFD4
3H5Pn1sUla9Q0MFNSkejWVyn9b6w/w1obLxD2RzKnhbgGJMUs7DfgqNXDG7ghZDu
ehjm2cot6PL0Ios/n3NMfC/AOrrhUOeKcIi4kPZb8vYz5wvHvw5JR3MB/ywma0Zu
yAIjSLdy/GNcwz8KIbmd3cfsMznmreyC29BSHjRtXHhYDyFK7O5j0aoeVZHKohsn
VvnnO+mWFvc33qSYTNG1IEo2E29C3lp25ZMAH1B+lt0Uff1XkM2H47pJC8tzAEdB
d7gvRsVgC7xlBItb6UJKtQ8tLKwpG3GAspfU3nbDedzv9o0QRuIw/LfRrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFrjzXIN1YInGrK+afqSqMx8B+3MB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAukNjN8Pm
o7kY0SvGlAoOGRLiFzEfZ72lTFQgA4yEev+u0/HZlZAoWObHB6OIkTY6Xa2VzcGh
jtqM6vxQHc6TnpJpoXqFHP3tkNIvAU2zaH2dBHJx8yJasLVrWiSxIU+Pe0KBWSBS
i61jfwxySgvOhKUp4NUepUF9kO0gxgwFkAM4dK05KlKYSMDDQFuMWfY1GCrLKBfX
FKLul1H2ORM/FbkpkhqUUU8qQ/4mw0YuX5qKBbJV6YWC4nFMjeoFIZMysOHapPTr
r0fSCz4FxkNT08RQaN+ks9080iITQw38N8UPVwCHARI3ilrEHsKgqsN3CKE4C+0/
zZDHGrPOzc3H0w==
-----END CERTIFICATE-----