Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          AIhE1f4HqBJuEaikra+BQpVkSIt3iYV5spwdDKXm/GU=
Subject key identifier:   67:B0:5F:8A:CD:EE:72:4E:8A:B9:E3:2E:88:2A:13:F3:33:59:82:82
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019CAEA3AF822B3CF8D746AECCA243DB5217
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0F27
Signing time:             Mon 02 Mar 2026 13:01:28 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:28 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:28 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: SSIPw0GGSJfSs9O4at9XaZ/j6L0uVYpZqDffc+SzqMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:af:82:2b:3c:f8:d7:46:ae:cc:a2:43:db:52:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Mar  2 13:01:28 2026 GMT
            Not After : Mar  3 13:01:28 2026 GMT
        Subject: CN=67b05f8acdee724e8ab9e32e882a13f333598282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d0:7c:7a:16:fc:37:65:c1:e6:69:2c:eb:e2:
                    9e:2a:b1:e0:64:d2:e9:08:50:d6:86:8f:7a:e1:a4:
                    a7:40:08:9a:f8:4b:8c:12:da:94:9f:f2:96:36:9a:
                    77:59:9b:68:6c:c8:db:ca:a3:3b:76:f6:51:9b:33:
                    a6:21:52:93:82:3f:0a:74:af:45:8e:96:77:01:de:
                    1d:97:6b:c9:f4:69:f9:13:4b:74:a8:27:a7:c3:92:
                    d3:1a:04:36:0e:f8:f7:81:42:ad:e1:8e:3e:a6:01:
                    12:f9:50:85:b9:58:8d:34:6f:e5:22:cf:dd:02:b8:
                    6a:0c:61:95:a5:cf:d3:e4:64:bd:bd:a2:91:99:9f:
                    fe:5f:bb:de:ee:a4:e1:b1:1f:47:8b:b1:59:37:f8:
                    c7:5c:82:0c:f4:f7:3a:b2:65:61:6b:b3:31:a8:d5:
                    74:07:87:55:b3:a7:e8:06:3f:8b:64:2a:f2:fa:dd:
                    eb:22:58:f4:5e:20:86:01:db:9c:c3:ab:7c:a1:2c:
                    47:51:a5:b2:2a:e8:a0:0a:4d:4b:2c:37:c9:69:56:
                    d6:02:a8:72:d1:c7:76:79:70:48:60:5a:c9:ca:dc:
                    06:29:28:5a:34:fd:20:9b:5c:8b:dc:7b:8b:70:25:
                    b9:fc:cf:f6:f5:a4:49:aa:77:f6:3d:35:9c:88:91:
                    cd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:B0:5F:8A:CD:EE:72:4E:8A:B9:E3:2E:88:2A:13:F3:33:59:82:82
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:9c:db:ac:f4:41:b3:c1:ae:35:f4:c3:f1:cf:4f:64:f0:6e:
         c3:69:1d:a0:23:c1:0c:75:5a:e1:c2:41:f2:70:cd:f4:0b:dd:
         b5:00:07:0a:d3:17:ef:ff:41:16:c1:1a:70:94:6f:00:ae:90:
         11:d3:b5:8c:13:e5:ea:f2:9e:71:c5:6c:74:70:c0:14:9f:24:
         0a:75:d7:da:a3:87:8d:4f:7f:0d:97:eb:4c:d5:0d:90:c1:6a:
         70:44:dd:0e:54:39:0b:dd:31:d7:50:76:80:d8:ee:71:1f:45:
         52:0f:cc:f6:84:e8:a7:41:77:bd:fa:43:d1:ae:ec:ef:fa:2b:
         cf:cd:79:40:8c:f3:9d:6d:55:94:e5:51:e6:29:66:84:5c:1e:
         df:eb:03:2e:6d:da:58:41:ba:e7:4c:e8:80:4b:e5:0b:22:13:
         e9:ce:35:c7:49:d6:68:f4:d8:7e:a5:e8:96:ae:8b:19:0a:c9:
         0d:75:b3:14:d6:66:f1:8a:20:e8:74:55:05:ba:47:06:3d:84:
         89:8f:19:76:7a:4e:e6:89:99:fc:85:55:d4:a7:e6:0c:e0:8a:
         f7:55:db:31:f5:b4:25:77:3f:40:67:d6:52:93:46:2e:52:d0:
         db:91:81:14:0b:f3:36:aa:41:70:d6:6e:6a:4e:71:94:b6:35:
         a9:64:a9:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo6+CKzz410auzKJD21IXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjYwMzAyMTMwMTI4WhcNMjYwMzAzMTMwMTI4WjAzMTEwLwYDVQQD
Eyg2N2IwNWY4YWNkZWU3MjRlOGFiOWUzMmU4ODJhMTNmMzMzNTk4MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdB8ehb8N2XB5mks6+KeKrHgZNLp
CFDWho964aSnQAia+EuMEtqUn/KWNpp3WZtobMjbyqM7dvZRmzOmIVKTgj8KdK9F
jpZ3Ad4dl2vJ9Gn5E0t0qCenw5LTGgQ2Dvj3gUKt4Y4+pgES+VCFuViNNG/lIs/d
ArhqDGGVpc/T5GS9vaKRmZ/+X7ve7qThsR9Hi7FZN/jHXIIM9Pc6smVha7MxqNV0
B4dVs6foBj+LZCry+t3rIlj0XiCGAducw6t8oSxHUaWyKuigCk1LLDfJaVbWAqhy
0cd2eXBIYFrJytwGKShaNP0gm1yL3HuLcCW5/M/29aRJqnf2PTWciJHNsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGewX4rN7nJOirnjLogqE/MzWYKCMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfpzbrPRB
s8GuNfTD8c9PZPBuw2kdoCPBDHVa4cJB8nDN9AvdtQAHCtMX7/9BFsEacJRvAK6Q
EdO1jBPl6vKeccVsdHDAFJ8kCnXX2qOHjU9/DZfrTNUNkMFqcETdDlQ5C90x11B2
gNjucR9FUg/M9oTop0F3vfpD0a7s7/orz815QIzznW1VlOVR5ilmhFwe3+sDLm3a
WEG650zogEvlCyIT6c41x0nWaPTYfqXolq6LGQrJDXWzFNZm8Yog6HRVBbpHBj2E
iY8ZdnpO5omZ/IVV1KfmDOCK91XbMfW0JXc/QGfWUpNGLlLQ25GBFAvzNqpBcNZu
ak5xlLY1qWSppA==
-----END CERTIFICATE-----