Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          GHDd37nF8d22Ke5bpxGRIMPAM+XivvcpjASTKZxuiJI=
Subject key identifier:   26:50:66:46:85:4C:3C:61:E8:74:5C:FC:F4:59:DC:D2:19:5C:53:56
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       019CABD9028FC8192C7C70CC85427630D13F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0BED
Signing time:             Mon 02 Mar 2026 00:00:51 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:51 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:51 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: BWxVzDC9nGr23jckfguWP4FxQJzAsvvi+RxZLgNc56o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:02:8f:c8:19:2c:7c:70:cc:85:42:76:30:d1:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Mar  2 00:00:51 2026 GMT
            Not After : Mar  3 00:00:51 2026 GMT
        Subject: CN=26506646854c3c61e8745cfcf459dcd2195c5356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7c:22:f6:cd:67:21:66:68:ac:f2:90:c3:58:
                    c1:76:74:97:4a:bd:54:da:2f:de:d0:cd:66:33:c8:
                    4a:11:e7:e8:ee:e5:b4:5a:26:bb:24:cf:0e:28:ab:
                    fa:95:b3:1d:81:36:8b:59:8e:89:aa:a3:78:30:02:
                    45:ba:8b:5e:97:4f:8e:b5:3f:fd:a5:78:5d:31:4f:
                    cc:76:c3:0a:66:9a:07:50:f9:13:f3:9d:58:7f:5f:
                    18:ca:e2:8b:87:57:4f:a8:e4:cd:94:28:9d:e9:cd:
                    b1:e0:41:a0:55:7a:e2:77:bb:0b:b3:9b:cb:e5:82:
                    cc:9a:45:56:75:ad:d0:5e:e3:a6:f0:f2:0c:01:b8:
                    02:6d:42:03:28:4f:28:6d:22:5d:17:d2:10:04:c7:
                    f5:20:92:38:79:9a:d2:04:af:10:77:61:2d:57:41:
                    b5:05:1e:c6:48:16:70:e7:55:5f:44:1b:42:72:69:
                    35:24:e2:91:2a:07:75:c0:c8:bf:f7:1d:40:e1:16:
                    f8:3c:56:35:4f:06:2c:b8:32:ac:a3:37:6d:a0:92:
                    d5:d7:6b:d8:e6:c7:7d:d8:69:56:82:d3:1d:f3:4d:
                    ce:7b:21:c5:d5:a3:68:0d:b7:71:78:cc:6f:e5:f4:
                    cb:b6:32:a1:5e:b6:3f:e7:f5:97:07:ae:6f:05:00:
                    7f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:50:66:46:85:4C:3C:61:E8:74:5C:FC:F4:59:DC:D2:19:5C:53:56
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:6f:07:87:b0:e6:86:97:7d:e3:47:d2:f5:1f:fc:45:bf:c0:
         80:12:fd:d7:1f:9c:db:aa:be:43:36:44:1b:ba:e0:11:67:43:
         b7:72:1b:79:31:b8:40:2c:00:c4:3a:14:2d:a5:c2:ed:53:af:
         f5:04:6c:d7:43:98:c8:fd:1a:8d:08:87:19:b0:b7:32:df:54:
         20:e1:d4:8b:58:d1:f6:9e:cb:7c:de:2c:7b:3e:46:a4:8b:09:
         34:0d:00:2f:31:e4:ec:3c:91:a6:b9:06:fa:a5:57:b9:a0:7e:
         e4:eb:d6:52:5b:4d:9c:26:e4:38:66:53:fe:49:4e:be:fc:fb:
         98:37:d4:2f:bb:5a:8b:ab:ba:49:c8:9e:95:eb:ff:fa:fb:ce:
         c3:34:15:d5:78:a0:e1:eb:40:39:28:9e:9e:fc:f0:cc:34:aa:
         b3:6b:c2:e8:27:6f:64:f8:02:53:83:03:d1:c0:08:37:92:b8:
         d2:f3:12:7e:8f:31:2c:d5:a4:f1:3e:80:5e:5d:85:2e:9d:4e:
         a1:79:8a:1a:12:2a:80:9d:92:af:35:34:97:55:ff:ed:f6:6f:
         b8:30:65:41:2b:5e:41:a1:9d:1f:c6:11:8f:77:1c:fc:dc:ef:
         20:9c:e2:a7:47:d2:d8:06:12:ec:04:2d:67:84:5a:ca:5a:44:
         e3:b4:d1:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QKPyBksfHDMhUJ2MNE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjYwMzAyMDAwMDUxWhcNMjYwMzAzMDAwMDUxWjAzMTEwLwYDVQQD
EygyNjUwNjY0Njg1NGMzYzYxZTg3NDVjZmNmNDU5ZGNkMjE5NWM1MzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXwi9s1nIWZorPKQw1jBdnSXSr1U
2i/e0M1mM8hKEefo7uW0Wia7JM8OKKv6lbMdgTaLWY6JqqN4MAJFuotel0+OtT/9
pXhdMU/MdsMKZpoHUPkT851Yf18YyuKLh1dPqOTNlCid6c2x4EGgVXrid7sLs5vL
5YLMmkVWda3QXuOm8PIMAbgCbUIDKE8obSJdF9IQBMf1IJI4eZrSBK8Qd2EtV0G1
BR7GSBZw51VfRBtCcmk1JOKRKgd1wMi/9x1A4Rb4PFY1TwYsuDKsozdtoJLV12vY
5sd92GlWgtMd803OeyHF1aNoDbdxeMxv5fTLtjKhXrY/5/WXB65vBQB/RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZQZkaFTDxh6HRc/PRZ3NIZXFNWMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbG8Hh7Dm
hpd940fS9R/8Rb/AgBL91x+c26q+QzZEG7rgEWdDt3IbeTG4QCwAxDoULaXC7VOv
9QRs10OYyP0ajQiHGbC3Mt9UIOHUi1jR9p7LfN4sez5GpIsJNA0ALzHk7DyRprkG
+qVXuaB+5OvWUltNnCbkOGZT/klOvvz7mDfUL7tai6u6Scielev/+vvOwzQV1Xig
4etAOSienvzwzDSqs2vC6CdvZPgCU4MD0cAIN5K40vMSfo8xLNWk8T6AXl2FLp1O
oXmKGhIqgJ2SrzU0l1X/7fZvuDBlQSteQaGdH8YRj3cc/NzvIJzip0fS2AYS7AQt
Z4RaylpE47TROg==
-----END CERTIFICATE-----