Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          fqZ6M9bn4YdRUXKFlDK7ds2Yb8gVkc2Qqydl1rq3xHY=
Subject key identifier:   25:F9:E3:B0:0C:F5:25:36:34:F9:AD:B2:7D:45:08:38:27:E1:EC:F5
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019CA97C657BF1507581A3804FE289732F52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0D8F
Signing time:             Sun 01 Mar 2026 13:00:27 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:27 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:27 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: 9l9p0+kDxRSC6uMihbjT2VwJZyFcs41Bo0Dbv+GZGPk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:65:7b:f1:50:75:81:a3:80:4f:e2:89:73:2f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Mar  1 13:00:27 2026 GMT
            Not After : Mar  2 13:00:27 2026 GMT
        Subject: CN=25f9e3b00cf5253634f9adb27d45083827e1ecf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:80:91:b7:2b:bf:64:ed:45:8c:b9:44:97:67:
                    5e:53:92:9c:a9:1a:b6:7b:d5:41:90:be:65:d2:d7:
                    d7:ce:41:59:14:b0:25:f0:7c:9b:92:b6:68:29:f2:
                    8b:83:39:d3:a8:8e:ab:24:92:a1:5e:53:85:05:2e:
                    43:7d:22:11:8f:dc:5f:ea:1a:b3:ac:1f:f0:3b:f1:
                    45:81:f6:71:d8:63:c2:dd:af:f6:2e:23:23:7d:de:
                    61:25:c8:cf:67:26:f2:24:e5:c9:1b:32:1f:5f:bc:
                    91:c2:45:e6:33:8d:a0:b7:6d:d7:46:f8:ad:dd:a1:
                    2e:7f:da:06:37:40:c8:e2:be:28:25:0c:13:57:d4:
                    0f:64:39:0a:5e:56:20:ef:95:6c:d2:02:d9:c5:00:
                    be:8e:9f:45:1e:9e:74:b1:9c:5b:bb:71:43:42:ab:
                    c3:ec:29:bd:eb:05:e3:c4:ae:a9:f3:51:bf:8f:4e:
                    2d:67:e8:ee:1e:18:3f:70:88:98:1a:90:d7:85:62:
                    57:49:e5:c9:c4:15:00:89:c0:68:b5:aa:4d:32:fa:
                    62:a6:bd:c0:38:62:e6:d7:5c:e3:79:6b:ef:71:a6:
                    6a:b0:af:96:15:bb:35:d5:d4:1c:0e:e7:dc:d5:63:
                    35:06:83:71:f9:03:26:3b:c0:97:88:5e:e5:30:a5:
                    64:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F9:E3:B0:0C:F5:25:36:34:F9:AD:B2:7D:45:08:38:27:E1:EC:F5
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:27:38:78:55:52:bc:97:b4:95:46:88:7e:69:da:3b:9b:2a:
         5e:df:cb:94:b8:0f:17:d0:2e:e2:3d:1b:b0:30:99:be:17:07:
         35:05:c7:1c:c1:1e:da:23:e3:4f:2b:6e:f8:bb:1b:60:ad:d1:
         c5:67:d1:de:c2:2d:61:b1:81:79:42:7b:8c:e1:57:2e:3b:cb:
         fb:07:77:83:ce:97:1a:e8:a4:57:4f:db:33:84:0b:72:a5:cf:
         6d:13:c0:81:c2:0f:3d:f5:ba:f0:6a:74:2b:42:7f:91:0e:ad:
         52:b7:1a:b3:8c:30:53:71:c7:4f:c4:a8:32:13:41:03:c9:5f:
         73:a2:97:ee:a6:27:a4:7c:39:10:f2:8a:09:b2:21:93:6b:66:
         f9:65:05:91:61:cd:c6:ed:64:08:04:66:f1:80:6d:65:35:a2:
         0b:53:bd:19:48:50:04:5a:0e:4e:e6:bf:de:8e:12:52:67:67:
         70:b3:0e:c4:af:f5:df:e9:67:86:fb:e1:94:aa:38:84:05:53:
         e6:a2:78:6b:6f:a3:ae:01:e4:f4:19:8c:1d:09:d1:1a:af:b0:
         94:e6:28:d7:a3:5e:73:63:2e:42:cc:3b:cf:ef:87:ce:6c:de:
         af:9f:84:09:ef:24:29:a6:73:eb:7b:e4:a4:5a:d7:8a:bd:da:
         9b:5a:0f:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfGV78VB1gaOAT+KJcy9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjYwMzAxMTMwMDI3WhcNMjYwMzAyMTMwMDI3WjAzMTEwLwYDVQQD
EygyNWY5ZTNiMDBjZjUyNTM2MzRmOWFkYjI3ZDQ1MDgzODI3ZTFlY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oCRtyu/ZO1FjLlEl2deU5KcqRq2
e9VBkL5l0tfXzkFZFLAl8HybkrZoKfKLgznTqI6rJJKhXlOFBS5DfSIRj9xf6hqz
rB/wO/FFgfZx2GPC3a/2LiMjfd5hJcjPZybyJOXJGzIfX7yRwkXmM42gt23XRvit
3aEuf9oGN0DI4r4oJQwTV9QPZDkKXlYg75Vs0gLZxQC+jp9FHp50sZxbu3FDQqvD
7Cm96wXjxK6p81G/j04tZ+juHhg/cIiYGpDXhWJXSeXJxBUAicBotapNMvpipr3A
OGLm11zjeWvvcaZqsK+WFbs11dQcDufc1WM1BoNx+QMmO8CXiF7lMKVkqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCX547AM9SU2NPmtsn1FCDgn4ez1MB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCc4eFVS
vJe0lUaIfmnaO5sqXt/LlLgPF9Au4j0bsDCZvhcHNQXHHMEe2iPjTytu+LsbYK3R
xWfR3sItYbGBeUJ7jOFXLjvL+wd3g86XGuikV0/bM4QLcqXPbRPAgcIPPfW68Gp0
K0J/kQ6tUrcas4wwU3HHT8SoMhNBA8lfc6KX7qYnpHw5EPKKCbIhk2tm+WUFkWHN
xu1kCARm8YBtZTWiC1O9GUhQBFoOTua/3o4SUmdncLMOxK/13+lnhvvhlKo4hAVT
5qJ4a2+jrgHk9BmMHQnRGq+wlOYo16Nec2MuQsw7z++Hzmzer5+ECe8kKaZz63vk
pFrXir3am1oP4A==
-----END CERTIFICATE-----