Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          UvqGSI0q/wXqMX9ggwzJN8T5Odap4jWLucgaZa/KHFs=
Subject key identifier:   1C:24:24:B5:5D:CC:0F:43:DF:2F:50:0D:BD:D2:88:7B:A7:AB:FF:EC
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019D9C2D131365293C3BA30E426380947946
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0FA2
Signing time:             Fri 17 Apr 2026 16:01:32 +0000
Manifest this update:     Fri 17 Apr 2026 16:01:32 +0000
Manifest next update:     Sat 18 Apr 2026 16:01:32 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: F8+8PSDTE8H3d1PHh0SeC1YaOb4J+SO1GqS9/PywwGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2d:13:13:65:29:3c:3b:a3:0e:42:63:80:94:79:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Apr 17 16:01:32 2026 GMT
            Not After : Apr 18 16:01:32 2026 GMT
        Subject: CN=1c2424b55dcc0f43df2f500dbdd2887ba7abffec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:94:66:86:bb:5f:ca:d5:9e:43:e6:4d:3e:05:
                    37:51:3b:70:3f:c2:34:cf:f7:48:e5:78:46:9a:55:
                    ca:d8:d5:e7:67:8f:e0:8d:29:b7:16:8a:fa:ca:5b:
                    a9:c4:3f:3c:4e:c3:9e:29:6a:58:3a:ce:55:1f:58:
                    1f:77:bf:e8:92:0c:15:d2:7b:57:51:27:38:b9:74:
                    ec:ad:b8:f6:b1:da:90:32:fe:d6:4c:95:9d:74:c2:
                    be:80:f1:32:15:82:e5:b3:46:35:ec:ef:d5:2a:6b:
                    ad:74:49:23:f0:6f:7b:3e:4b:e8:93:ef:d1:01:2e:
                    1e:86:af:b6:43:ff:ac:8e:df:64:05:24:1d:90:7c:
                    d9:46:a0:84:9b:f8:60:94:b0:14:f7:c4:d4:e0:e9:
                    14:ed:4d:fc:9f:6f:89:3c:6a:32:db:6d:a9:23:f5:
                    ad:23:78:4a:b0:ed:94:a5:cf:a9:9e:85:ac:3d:b4:
                    da:85:a8:c0:7e:e2:5d:de:a9:c2:14:68:a9:b0:19:
                    b9:9d:3d:a2:2e:8f:d3:13:45:ef:86:e4:b2:60:fe:
                    7f:9c:af:71:6a:d8:11:49:3c:58:c8:2a:c2:16:90:
                    60:79:5e:3c:79:45:f4:0c:d1:b2:6c:5f:11:98:48:
                    ec:79:22:a9:42:f1:14:39:1b:aa:31:7d:3c:96:5d:
                    a2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:24:24:B5:5D:CC:0F:43:DF:2F:50:0D:BD:D2:88:7B:A7:AB:FF:EC
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:f5:54:3d:1f:96:4e:d1:d3:41:00:22:16:54:cd:1a:06:f3:
         42:be:f9:eb:7b:c2:88:8c:15:da:b3:2c:49:c7:75:2f:80:0f:
         d0:f8:16:23:df:58:79:1f:e5:5b:73:d3:99:7b:24:c9:67:27:
         a7:85:bf:ba:49:ea:22:e9:84:24:45:dd:8c:6b:65:b2:78:82:
         b9:ad:d0:33:0e:03:34:90:59:88:b6:00:5e:68:ba:f9:ee:1e:
         79:95:8e:aa:26:c4:d2:d9:80:2f:db:2d:cc:2a:f3:07:37:55:
         0a:22:99:55:28:e2:d3:4e:3a:6e:78:a6:26:b0:55:03:c5:b5:
         59:4b:ec:4c:90:31:d4:45:58:73:63:05:ee:40:bf:1e:4b:90:
         83:ac:37:9d:6c:d9:1d:1e:6b:88:91:2e:e3:91:95:4a:b4:bd:
         0d:cc:c6:62:c1:6b:82:e9:4c:c1:c7:aa:cb:77:60:11:1b:4f:
         91:5b:1e:85:11:91:d3:f7:77:62:9b:8f:ab:97:71:0c:40:3d:
         04:70:a2:f7:c5:b5:9e:ee:7c:f1:25:88:e4:f3:1a:e0:5e:2e:
         10:73:0d:c0:71:d0:1f:a6:8f:ae:bb:72:a3:1a:11:9f:55:f6:
         e1:42:62:0a:2a:cc:6b:5a:13:2b:5b:78:24:20:1f:77:f3:98:
         95:28:4e:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLRMTZSk8O6MOQmOAlHlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjYwNDE3MTYwMTMyWhcNMjYwNDE4MTYwMTMyWjAzMTEwLwYDVQQD
EygxYzI0MjRiNTVkY2MwZjQzZGYyZjUwMGRiZGQyODg3YmE3YWJmZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5RmhrtfytWeQ+ZNPgU3UTtwP8I0
z/dI5XhGmlXK2NXnZ4/gjSm3For6ylupxD88TsOeKWpYOs5VH1gfd7/okgwV0ntX
USc4uXTsrbj2sdqQMv7WTJWddMK+gPEyFYLls0Y17O/VKmutdEkj8G97Pkvok+/R
AS4ehq+2Q/+sjt9kBSQdkHzZRqCEm/hglLAU98TU4OkU7U38n2+JPGoy222pI/Wt
I3hKsO2Upc+pnoWsPbTahajAfuJd3qnCFGipsBm5nT2iLo/TE0XvhuSyYP5/nK9x
atgRSTxYyCrCFpBgeV48eUX0DNGybF8RmEjseSKpQvEUORuqMX08ll2i2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwkJLVdzA9D3y9QDb3SiHunq//sMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvVUPR+W
TtHTQQAiFlTNGgbzQr7563vCiIwV2rMsScd1L4AP0PgWI99YeR/lW3PTmXskyWcn
p4W/uknqIumEJEXdjGtlsniCua3QMw4DNJBZiLYAXmi6+e4eeZWOqibE0tmAL9st
zCrzBzdVCiKZVSji0046bnimJrBVA8W1WUvsTJAx1EVYc2MF7kC/HkuQg6w3nWzZ
HR5riJEu45GVSrS9DczGYsFrgulMwceqy3dgERtPkVsehRGR0/d3YpuPq5dxDEA9
BHCi98W1nu588SWI5PMa4F4uEHMNwHHQH6aPrrtyoxoRn1X24UJiCirMa1oTK1t4
JCAfd/OYlShO3Q==
-----END CERTIFICATE-----