Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
File:                     hVLmDnmh3nUzQ9eBW4cMloDArn8.mft (raw, json)
Hash identifier:          jQzM8jcqgaLZwzuO6oue7AauNEyWoduALTqjVqFWubg=
Subject key identifier:   A9:37:6E:E1:DC:F5:93:CF:36:C9:D3:26:F4:E0:FD:55:74:4E:90:66
Authority key identifier: 85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F
Certificate issuer:       /CN=8552e60e79a1de753343d7815b870c9680c0ae7f
Certificate serial:       019CAD5939303921B722CC88115408942104
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
Manifest number:          0E18
Signing time:             Mon 02 Mar 2026 07:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:31 +0000
Files and hashes:         1: hVLmDnmh3nUzQ9eBW4cMloDArn8.crl (hash: G05wL1ELcDATC9IzP/sxzPxcRwH2o/6wg6Whnpa4+Os=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:39:30:39:21:b7:22:cc:88:11:54:08:94:21:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8552e60e79a1de753343d7815b870c9680c0ae7f
        Validity
            Not Before: Mar  2 07:00:31 2026 GMT
            Not After : Mar  3 07:00:31 2026 GMT
        Subject: CN=a9376ee1dcf593cf36c9d326f4e0fd55744e9066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:20:e5:ba:72:1d:74:d0:9d:d9:e0:63:cf:d4:
                    52:03:32:87:3c:38:84:b5:d3:59:60:5b:93:58:5a:
                    fb:d6:6e:73:45:a4:1a:3d:5e:d7:02:c5:ec:ff:a8:
                    29:4c:d3:06:bd:ad:f5:10:c9:89:6e:7e:68:03:d7:
                    7c:d5:fd:03:72:9f:20:b3:e1:84:08:cb:d8:3d:c6:
                    76:2b:72:f7:5c:95:88:af:12:0e:c4:71:70:69:fd:
                    0d:b8:5a:0d:f5:d3:58:9e:ee:31:58:ba:8f:c2:b0:
                    06:9c:54:4f:1a:90:c8:ea:4e:6d:b5:ec:ab:57:5f:
                    6a:98:3e:80:a0:71:a3:c5:85:e7:0a:08:10:b9:ee:
                    3b:44:d2:10:a2:8e:e7:32:fb:d7:73:9a:1d:e4:d9:
                    40:28:42:78:ec:59:06:1c:94:21:1b:80:98:9f:74:
                    fd:a3:2a:3b:e1:c0:70:63:46:35:d0:c8:34:44:b1:
                    e4:62:1b:1e:52:6a:c3:1f:f9:61:55:75:42:85:31:
                    c4:38:e3:7b:1c:ca:27:bc:6d:00:d4:9b:27:c1:fd:
                    de:c4:79:2e:a1:2c:65:2f:96:4c:9e:4f:4a:58:4b:
                    73:5b:04:fb:c5:b3:3c:32:34:b6:47:42:6f:03:6d:
                    2d:65:d4:9a:04:31:e8:76:aa:0d:5c:75:ac:7a:d1:
                    5d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:37:6E:E1:DC:F5:93:CF:36:C9:D3:26:F4:E0:FD:55:74:4E:90:66
            X509v3 Authority Key Identifier:
                keyid:85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:7a:3a:54:cb:6a:0d:4e:db:0e:d7:cf:09:92:73:16:4e:11:
         f3:c2:60:bd:83:d2:27:7b:24:f6:48:3c:73:3f:f0:be:3d:f1:
         fd:97:a5:ea:48:24:cc:08:4f:55:c1:b1:8b:80:56:4d:3a:47:
         c6:bc:88:db:7f:10:65:6b:1d:fb:8c:ba:e5:6f:b4:ee:a2:72:
         c3:0a:c1:9e:9e:9f:0a:ff:54:21:38:20:7a:48:df:97:53:ed:
         86:97:74:40:31:eb:53:a2:59:45:6d:78:ce:fc:6e:b9:d6:ee:
         c6:da:9b:8c:78:9b:1d:e1:b8:f1:df:48:85:58:33:32:cd:54:
         f1:62:36:8a:8d:56:5d:45:f6:e2:5b:83:eb:5c:1d:e3:65:13:
         5d:c4:b1:ce:60:9d:c0:0d:c7:14:33:55:85:54:df:10:d1:44:
         4b:27:34:44:c8:7e:07:ac:74:dd:8d:f7:a0:d1:f3:bb:d3:a0:
         3c:93:db:8b:b9:67:70:f1:a2:10:87:64:ee:a5:3e:2a:7c:20:
         37:0f:96:56:25:b8:e7:79:6e:40:19:ed:48:ad:ff:c3:ae:be:
         8f:a4:18:57:22:c6:6e:3b:8c:49:a7:9e:27:48:d2:8a:c6:44:
         5b:0e:8f:b2:be:4c:a0:86:f2:b9:f8:a7:b9:f9:fd:b8:14:fd:
         f7:51:2d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWTkwOSG3IsyIEVQIlCEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTJlNjBlNzlhMWRlNzUzMzQzZDc4MTViODcwYzk2ODBj
MGFlN2YwHhcNMjYwMzAyMDcwMDMxWhcNMjYwMzAzMDcwMDMxWjAzMTEwLwYDVQQD
EyhhOTM3NmVlMWRjZjU5M2NmMzZjOWQzMjZmNGUwZmQ1NTc0NGU5MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiDlunIddNCd2eBjz9RSAzKHPDiE
tdNZYFuTWFr71m5zRaQaPV7XAsXs/6gpTNMGva31EMmJbn5oA9d81f0Dcp8gs+GE
CMvYPcZ2K3L3XJWIrxIOxHFwaf0NuFoN9dNYnu4xWLqPwrAGnFRPGpDI6k5tteyr
V19qmD6AoHGjxYXnCggQue47RNIQoo7nMvvXc5od5NlAKEJ47FkGHJQhG4CYn3T9
oyo74cBwY0Y10Mg0RLHkYhseUmrDH/lhVXVChTHEOON7HMonvG0A1Jsnwf3exHku
oSxlL5ZMnk9KWEtzWwT7xbM8MjS2R0JvA20tZdSaBDHodqoNXHWsetFd2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKk3buHc9ZPPNsnTJvTg/VV0TpBmMB8GA1UdIwQY
MBaAFIVS5g55od51M0PXgVuHDJaAwK5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEt
OWZmYTYwZGI4ZjcxLzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEtOWZmYTYwZGI4Zjcx
LzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXo6VMtq
DU7bDtfPCZJzFk4R88JgvYPSJ3sk9kg8cz/wvj3x/Zel6kgkzAhPVcGxi4BWTTpH
xryI238QZWsd+4y65W+07qJywwrBnp6fCv9UITggekjfl1Pthpd0QDHrU6JZRW14
zvxuudbuxtqbjHibHeG48d9IhVgzMs1U8WI2io1WXUX24luD61wd42UTXcSxzmCd
wA3HFDNVhVTfENFESyc0RMh+B6x03Y33oNHzu9OgPJPbi7lncPGiEIdk7qU+Knwg
Nw+WViW453luQBntSK3/w66+j6QYVyLGbjuMSaeeJ0jSisZEWw6Psr5MoIbyufin
ufn9uBT991Etsg==
-----END CERTIFICATE-----