Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          wIEi4oXOChr73KjwthMyYnxAUfCW1Ryg/8+GKt7SV/Y=
Subject key identifier:   52:16:44:C0:15:6C:EF:15:E1:03:56:85:31:1E:B9:05:38:66:7E:EE
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       019CACB4680670112F4F7280717BE00A84FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0D12
Signing time:             Mon 02 Mar 2026 04:00:30 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:30 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:30 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: LOfIm0IjJsMsuV6wQte5M8b3AKAlKm5Nq+KZd/hJWa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:68:06:70:11:2f:4f:72:80:71:7b:e0:0a:84:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Mar  2 04:00:30 2026 GMT
            Not After : Mar  3 04:00:30 2026 GMT
        Subject: CN=521644c0156cef15e1035685311eb90538667eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:21:fa:d6:e6:8c:4f:e1:4f:db:bc:45:c1:50:
                    52:c7:7d:1f:7d:cb:30:e9:7d:89:2d:6d:a7:ab:b4:
                    06:9b:c3:73:05:ad:a6:9a:ad:e8:da:bc:d4:16:aa:
                    12:f1:22:4b:b7:fe:6a:ad:ab:95:bf:20:a5:ce:b0:
                    02:0b:93:78:ed:04:56:fd:21:46:8a:0f:d1:42:f2:
                    12:f2:0d:8b:03:70:89:5b:0d:39:12:d0:50:48:8c:
                    3c:43:79:4b:0d:98:f1:85:b6:0f:61:59:a8:c7:e7:
                    c4:e9:07:54:75:96:bd:8e:43:09:60:90:f2:a3:3d:
                    54:25:84:23:b1:8c:74:3e:e3:6f:89:6e:2c:ee:be:
                    dc:a8:9b:9e:95:a7:45:fa:3a:65:18:15:45:1f:12:
                    0a:d0:00:6d:57:a3:11:c2:1e:7b:33:a9:28:eb:ca:
                    b9:5b:a1:e8:2b:f2:92:5c:cb:03:21:7c:fe:c6:9c:
                    5e:90:7e:d0:8a:d2:4d:42:d6:f1:11:76:23:a2:5b:
                    85:01:3f:5e:8c:e4:79:4c:bb:f3:8a:34:3c:15:9d:
                    03:7b:c0:04:32:47:8d:e7:1e:57:9c:dc:06:6b:08:
                    50:10:ea:78:d0:22:5b:76:5b:c6:ae:e6:e9:1e:28:
                    43:75:0a:43:cd:16:58:da:14:f0:24:a5:41:37:fc:
                    52:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:16:44:C0:15:6C:EF:15:E1:03:56:85:31:1E:B9:05:38:66:7E:EE
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:49:91:2b:34:aa:b3:4f:21:a6:72:6d:e0:1e:ff:14:66:4b:
         d3:2e:b8:86:fe:e1:f5:0b:f9:43:0d:26:34:2a:ea:3b:8e:f1:
         b8:3e:09:53:3a:ba:74:88:81:d4:2e:96:61:9a:06:30:39:6f:
         04:7d:63:88:5d:af:4c:30:a8:77:aa:43:c2:29:17:35:8e:39:
         5d:9f:32:90:c0:96:49:dd:db:91:6f:9f:df:20:34:a1:a2:a1:
         fe:98:ec:5f:0d:04:e2:54:0f:6d:57:f9:eb:aa:44:6d:67:1c:
         fd:33:90:0c:a9:3b:9d:d1:bf:fb:37:c4:66:ed:c8:f1:5e:ef:
         28:a7:ff:8a:fb:a6:c7:93:c2:59:d0:e7:fa:2b:e8:c7:f0:db:
         4b:cc:3f:f3:70:3b:dc:4a:37:17:27:7c:fa:de:8d:05:96:b8:
         51:0d:d2:08:17:40:b7:38:69:f1:60:ea:b6:e3:17:1a:bd:42:
         e3:02:ed:a8:79:cb:b1:f7:38:94:4f:b3:46:79:bf:10:2f:f4:
         bc:33:82:67:95:42:12:17:9f:fb:3f:36:40:27:d8:93:8d:8a:
         21:5e:e8:6c:80:ee:b4:af:e6:21:ad:1c:3f:bc:72:29:e6:e2:
         e8:b5:75:13:15:2a:6a:79:e1:d0:8c:1d:d2:0f:61:44:75:ea:
         bd:f8:9f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystGgGcBEvT3KAcXvgCoT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjYwMzAyMDQwMDMwWhcNMjYwMzAzMDQwMDMwWjAzMTEwLwYDVQQD
Eyg1MjE2NDRjMDE1NmNlZjE1ZTEwMzU2ODUzMTFlYjkwNTM4NjY3ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyH61uaMT+FP27xFwVBSx30ffcsw
6X2JLW2nq7QGm8NzBa2mmq3o2rzUFqoS8SJLt/5qrauVvyClzrACC5N47QRW/SFG
ig/RQvIS8g2LA3CJWw05EtBQSIw8Q3lLDZjxhbYPYVmox+fE6QdUdZa9jkMJYJDy
oz1UJYQjsYx0PuNviW4s7r7cqJueladF+jplGBVFHxIK0ABtV6MRwh57M6ko68q5
W6HoK/KSXMsDIXz+xpxekH7QitJNQtbxEXYjoluFAT9ejOR5TLvzijQ8FZ0De8AE
MkeN5x5XnNwGawhQEOp40CJbdlvGrubpHihDdQpDzRZY2hTwJKVBN/xSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIWRMAVbO8V4QNWhTEeuQU4Zn7uMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUmRKzSq
s08hpnJt4B7/FGZL0y64hv7h9Qv5Qw0mNCrqO47xuD4JUzq6dIiB1C6WYZoGMDlv
BH1jiF2vTDCod6pDwikXNY45XZ8ykMCWSd3bkW+f3yA0oaKh/pjsXw0E4lQPbVf5
66pEbWcc/TOQDKk7ndG/+zfEZu3I8V7vKKf/ivumx5PCWdDn+ivox/DbS8w/83A7
3Eo3Fyd8+t6NBZa4UQ3SCBdAtzhp8WDqtuMXGr1C4wLtqHnLsfc4lE+zRnm/EC/0
vDOCZ5VCEhef+z82QCfYk42KIV7obIDutK/mIa0cP7xyKebi6LV1ExUqannh0Iwd
0g9hRHXqvfifnQ==
-----END CERTIFICATE-----