Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          W/PnO6c3Abkyhre4xZMJDbUC6E/cdive891FjQtgDoA=
Subject key identifier:   AC:88:6A:AA:EE:7C:22:14:0D:FD:B7:4B:53:E0:16:E6:F0:F2:09:B7
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       019D9A3E86AFDE6FECC82381805537946667
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          147A
Signing time:             Fri 17 Apr 2026 07:01:22 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:22 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:22 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: ZSdjj2sOBTIJBsGQdw7THYnU9clN4ns90cuoPqcE/SA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:59:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:86:af:de:6f:ec:c8:23:81:80:55:37:94:66:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Apr 17 07:01:22 2026 GMT
            Not After : Apr 18 07:01:22 2026 GMT
        Subject: CN=ac886aaaee7c22140dfdb74b53e016e6f0f209b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d2:7b:c3:68:ef:d8:ab:b4:43:79:4d:56:2b:
                    63:36:c1:3c:f4:27:3f:89:29:c1:ab:4d:ec:5c:8a:
                    55:1d:74:98:53:97:4e:1a:3d:3c:95:18:1c:e4:15:
                    ea:6a:34:74:be:2c:a9:56:a4:bd:94:ab:7c:d9:b8:
                    52:4b:bb:d7:f6:0f:8d:88:17:45:cf:77:2a:26:e6:
                    bc:b2:83:65:24:73:3e:7a:88:c6:de:ee:c8:5f:73:
                    e7:90:1a:7a:80:04:ed:ea:91:18:cf:ca:bb:2f:23:
                    a4:29:65:53:6e:f6:5d:68:79:a4:e4:e5:03:bd:0b:
                    96:ac:57:19:2d:01:7e:7b:08:fe:81:f9:6f:91:a8:
                    e1:13:04:b7:b4:74:d9:27:4d:87:1b:cc:aa:e4:7f:
                    d8:59:8b:56:58:4b:93:00:61:99:30:0d:92:8d:ac:
                    4a:73:00:3c:99:ef:ac:58:69:70:c8:6d:f9:4e:40:
                    df:81:87:6a:74:65:0a:5b:4e:77:b5:68:8f:72:06:
                    75:5d:bb:bf:14:99:13:67:75:74:17:01:4e:fe:68:
                    8d:20:c0:78:0d:04:db:e3:98:86:27:bb:ba:ed:18:
                    f3:29:9e:8c:51:e3:09:a7:82:28:a3:e9:d1:d8:87:
                    48:27:11:59:ca:9d:43:a2:45:e6:85:66:95:2a:7f:
                    27:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:88:6A:AA:EE:7C:22:14:0D:FD:B7:4B:53:E0:16:E6:F0:F2:09:B7
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:36:2f:d4:fa:ba:7e:67:36:c8:2c:68:14:14:b5:79:7c:b2:
         bb:88:3a:48:95:80:fc:ab:ce:67:63:03:d2:b1:09:c9:1f:7f:
         c7:94:05:80:71:cb:48:9f:b2:34:21:c3:78:37:eb:1e:85:3d:
         c9:5a:53:24:17:59:9a:08:64:d2:9d:9a:96:55:77:db:4b:f8:
         da:9b:5a:64:04:41:24:4a:a5:05:b9:03:45:37:62:71:af:26:
         74:51:5a:b4:1f:35:98:4f:36:60:e7:2d:b9:8e:1d:a8:12:48:
         b1:69:ee:ae:3a:d3:e0:0b:0b:bc:76:03:bb:87:c6:46:6a:dc:
         83:22:50:0a:ba:22:16:05:6f:f4:20:90:7f:95:84:da:92:7b:
         d0:7e:6f:a6:64:6b:7d:0d:ae:14:8b:d6:b5:fc:5a:bc:ac:e5:
         66:dc:39:e6:55:50:7c:a9:56:27:00:81:6c:c3:1d:c9:18:5b:
         27:4e:74:cc:1a:b8:23:f1:26:cc:90:d1:a8:11:6f:43:e0:ac:
         73:53:96:79:d7:08:a7:ee:ab:9d:11:f0:d1:fe:27:1a:87:ac:
         05:66:80:40:cf:29:6b:fe:01:43:69:09:27:3e:62:38:18:38:
         ec:cb:b3:3a:ce:c4:aa:c5:45:c6:df:e2:3a:63:99:36:ff:1e:
         54:80:b0:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPoav3m/syCOBgFU3lGZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjYwNDE3MDcwMTIyWhcNMjYwNDE4MDcwMTIyWjAzMTEwLwYDVQQD
EyhhYzg4NmFhYWVlN2MyMjE0MGRmZGI3NGI1M2UwMTZlNmYwZjIwOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptJ7w2jv2Ku0Q3lNVitjNsE89Cc/
iSnBq03sXIpVHXSYU5dOGj08lRgc5BXqajR0viypVqS9lKt82bhSS7vX9g+NiBdF
z3cqJua8soNlJHM+eojG3u7IX3PnkBp6gATt6pEYz8q7LyOkKWVTbvZdaHmk5OUD
vQuWrFcZLQF+ewj+gflvkajhEwS3tHTZJ02HG8yq5H/YWYtWWEuTAGGZMA2SjaxK
cwA8me+sWGlwyG35TkDfgYdqdGUKW053tWiPcgZ1Xbu/FJkTZ3V0FwFO/miNIMB4
DQTb45iGJ7u67RjzKZ6MUeMJp4Ioo+nR2IdIJxFZyp1DokXmhWaVKn8nZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyIaqrufCIUDf23S1PgFubw8gm3MB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjYv1Pq6
fmc2yCxoFBS1eXyyu4g6SJWA/KvOZ2MD0rEJyR9/x5QFgHHLSJ+yNCHDeDfrHoU9
yVpTJBdZmghk0p2allV320v42ptaZARBJEqlBbkDRTdica8mdFFatB81mE82YOct
uY4dqBJIsWnurjrT4AsLvHYDu4fGRmrcgyJQCroiFgVv9CCQf5WE2pJ70H5vpmRr
fQ2uFIvWtfxavKzlZtw55lVQfKlWJwCBbMMdyRhbJ050zBq4I/EmzJDRqBFvQ+Cs
c1OWedcIp+6rnRHw0f4nGoesBWaAQM8pa/4BQ2kJJz5iOBg47MuzOs7EqsVFxt/i
OmOZNv8eVICwiQ==
-----END CERTIFICATE-----