Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          VYPE6LLzw8VQF5LrjgjGLpEVC1x4Rtp83g9WlIFF60w=
Subject key identifier:   E1:53:3E:03:09:F9:DA:E3:3C:09:D3:2B:F3:19:76:60:57:94:2A:4C
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019CAB342F999B532DBAD419BA8DFEA007BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0BB6
Signing time:             Sun 01 Mar 2026 21:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:49 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: LXX3uPaIZ5JRU8Dr2XaZC9QkyYHuYh59pJ4nA3AoP0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 21:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:2f:99:9b:53:2d:ba:d4:19:ba:8d:fe:a0:07:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Mar  1 21:00:49 2026 GMT
            Not After : Mar  2 21:00:49 2026 GMT
        Subject: CN=e1533e0309f9dae33c09d32bf319766057942a4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b2:25:80:75:07:d4:29:d6:e5:4d:69:3a:8e:
                    6b:9b:53:97:1f:5c:66:13:ce:0f:91:d8:b9:f3:0f:
                    c6:6b:52:c2:ad:0a:73:f3:6e:e6:a2:e8:e1:af:3f:
                    83:ef:2e:f1:21:cc:ca:c7:c4:64:1b:78:16:ca:4d:
                    76:e4:b3:34:65:5d:79:5f:df:1f:dc:4b:e4:29:64:
                    6a:2b:9b:d0:fe:d3:dc:6e:d2:08:d2:50:fd:34:53:
                    a6:3b:49:a1:30:a6:52:35:35:f8:9e:fe:f0:99:58:
                    f8:42:0e:25:ce:8d:c3:23:ad:c0:19:af:2f:e3:1b:
                    6a:e0:31:c5:de:26:90:96:f3:1d:b5:22:a3:7b:ef:
                    0c:bf:fe:b9:8c:b4:3f:15:d3:8c:f4:88:c4:c4:8b:
                    2e:81:e8:ea:15:93:c7:3e:1b:a8:6f:4b:80:bb:06:
                    a0:3c:d5:35:b8:b2:96:0c:a0:9c:79:32:8a:de:b9:
                    89:91:70:38:ad:7b:9a:7f:e7:13:1c:37:78:b0:54:
                    57:de:eb:87:cf:b9:23:10:a1:66:4d:8a:7e:1d:72:
                    1d:ee:b7:59:b3:53:9e:3f:0e:fc:a4:19:b6:18:42:
                    65:ef:17:c8:c6:43:69:c8:25:a0:59:76:1f:02:23:
                    e0:2e:56:54:30:37:08:25:ad:34:e3:b4:5d:23:f5:
                    af:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:53:3E:03:09:F9:DA:E3:3C:09:D3:2B:F3:19:76:60:57:94:2A:4C
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:8a:0b:a0:4b:4a:52:ed:03:ab:2b:67:33:a0:4f:9b:b7:43:
         7c:fd:64:75:7d:81:90:b3:3a:a4:c9:f9:c0:be:78:98:87:2e:
         7b:20:6c:7c:b4:3b:74:e1:ca:e0:7b:e2:8d:01:f5:44:c6:ff:
         03:db:16:77:3b:6b:9c:9f:9d:70:41:59:ef:f1:ee:b0:21:67:
         78:2a:21:6d:bb:00:3a:e7:42:cf:fe:a4:00:ad:39:c4:be:5c:
         80:1c:22:38:b9:11:50:b2:59:91:a9:a8:0f:22:64:ee:b6:0e:
         fa:cf:a3:45:4e:48:a1:05:49:e8:db:e2:5c:85:b7:08:8b:2c:
         b5:20:85:21:01:82:c5:7d:59:17:bb:51:42:96:09:54:66:8d:
         2a:b2:3d:8d:37:87:75:d8:f1:50:a6:7b:98:c0:7d:32:ef:f5:
         cf:ee:e5:74:af:c3:39:e2:60:66:9e:cc:44:00:3c:56:e5:60:
         1c:32:84:c0:b3:ae:9a:dd:99:a9:e1:51:f7:86:56:64:62:41:
         ff:81:35:0e:8f:04:db:c6:1e:d5:62:f2:1a:ea:b0:9c:26:b9:
         92:96:62:11:91:a3:eb:0c:bd:eb:bc:79:c8:5b:93:84:6d:94:
         9f:9a:3b:1a:fe:77:ce:2b:7a:7c:f7:e4:55:ae:a2:05:cf:31:
         98:31:b5:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNC+Zm1MtutQZuo3+oAe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjYwMzAxMjEwMDQ5WhcNMjYwMzAyMjEwMDQ5WjAzMTEwLwYDVQQD
EyhlMTUzM2UwMzA5ZjlkYWUzM2MwOWQzMmJmMzE5NzY2MDU3OTQyYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27IlgHUH1CnW5U1pOo5rm1OXH1xm
E84Pkdi58w/Ga1LCrQpz827moujhrz+D7y7xIczKx8RkG3gWyk125LM0ZV15X98f
3EvkKWRqK5vQ/tPcbtII0lD9NFOmO0mhMKZSNTX4nv7wmVj4Qg4lzo3DI63AGa8v
4xtq4DHF3iaQlvMdtSKje+8Mv/65jLQ/FdOM9IjExIsugejqFZPHPhuob0uAuwag
PNU1uLKWDKCceTKK3rmJkXA4rXuaf+cTHDd4sFRX3uuHz7kjEKFmTYp+HXId7rdZ
s1OePw78pBm2GEJl7xfIxkNpyCWgWXYfAiPgLlZUMDcIJa0047RdI/WvBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFTPgMJ+drjPAnTK/MZdmBXlCpMMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0YoLoEtK
Uu0DqytnM6BPm7dDfP1kdX2BkLM6pMn5wL54mIcueyBsfLQ7dOHK4HvijQH1RMb/
A9sWdztrnJ+dcEFZ7/HusCFneCohbbsAOudCz/6kAK05xL5cgBwiOLkRULJZkamo
DyJk7rYO+s+jRU5IoQVJ6NviXIW3CIsstSCFIQGCxX1ZF7tRQpYJVGaNKrI9jTeH
ddjxUKZ7mMB9Mu/1z+7ldK/DOeJgZp7MRAA8VuVgHDKEwLOumt2ZqeFR94ZWZGJB
/4E1Do8E28Ye1WLyGuqwnCa5kpZiEZGj6wy967x5yFuThG2Un5o7Gv53zit6fPfk
Va6iBc8xmDG12Q==
-----END CERTIFICATE-----