Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          CCgiTA5Zr41QwzI3C2cvnwLZ1wT6vqzwP9WSwMKZ3JM=
Subject key identifier:   E3:1F:42:FC:96:F2:06:A6:6F:45:AC:C0:9C:DD:93:72:86:E3:1F:AF
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019CACB49A9AEFF6FA9820FCFA76180E93C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          1845
Signing time:             Mon 02 Mar 2026 04:00:42 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:42 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:42 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: Sgz+DNIGsb3d+mFgHT2MaO1pISrj/ADftBlalv6YVPk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:9a:9a:ef:f6:fa:98:20:fc:fa:76:18:0e:93:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Mar  2 04:00:42 2026 GMT
            Not After : Mar  3 04:00:42 2026 GMT
        Subject: CN=e31f42fc96f206a66f45acc09cdd937286e31faf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:be:5b:dc:93:62:8e:fc:5e:f2:e7:5b:11:18:
                    98:bc:17:45:68:46:5a:a8:9e:7f:97:7b:07:5a:d1:
                    7c:3b:06:83:05:fc:79:24:75:49:b4:07:33:47:11:
                    51:52:bd:97:9b:d2:1a:28:e9:49:2d:81:c5:42:d2:
                    b4:78:66:9e:db:67:d9:c1:f2:23:6e:0a:5b:02:c5:
                    0b:b8:a7:5a:78:22:c3:17:36:1e:c0:c6:97:81:3b:
                    6c:4c:dc:6c:10:fe:72:43:dd:0e:92:6a:1e:42:d0:
                    14:12:f9:22:60:e4:c5:07:a8:ae:b4:ad:cb:24:46:
                    10:05:b0:1d:58:e4:8b:ef:4f:ad:c2:5d:10:7c:51:
                    a5:a4:7d:f2:c0:c0:bd:b8:c3:ca:19:c8:12:c7:1f:
                    12:8f:04:ba:80:f6:02:95:e5:97:35:03:37:46:05:
                    f0:df:d2:72:c8:d7:88:8e:53:56:fd:80:a7:14:97:
                    8e:65:57:4f:4c:c8:28:29:9c:ba:22:e1:ec:30:ec:
                    04:2c:09:38:27:6c:07:25:f2:d3:1c:be:cf:0a:a9:
                    2c:1e:64:8a:45:67:a0:c6:ca:39:94:d1:12:ed:d1:
                    98:30:43:fd:b0:ef:3b:c5:d8:5e:0a:c9:f7:87:0d:
                    e1:c7:37:f4:d6:f4:86:53:3a:5d:03:ae:d7:40:bc:
                    6e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:1F:42:FC:96:F2:06:A6:6F:45:AC:C0:9C:DD:93:72:86:E3:1F:AF
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d2:1c:64:42:53:86:e8:43:50:0d:06:ae:71:2a:83:95:fd:
         f1:0c:a0:e1:2f:39:31:c4:02:22:a2:a5:28:ed:e2:ce:9c:42:
         0f:e0:2c:e2:72:8b:69:c4:7c:20:a3:c7:5f:3d:4a:a4:3b:05:
         28:e0:67:f9:b6:8d:83:b7:62:97:cb:2e:25:09:37:47:84:89:
         c3:90:09:aa:98:38:8a:46:38:28:15:2d:53:4a:ef:7e:ab:f1:
         b8:2c:33:5c:a3:2c:ff:d7:6e:0a:24:15:16:1f:ec:41:07:d8:
         dd:18:1a:b6:ad:99:05:e2:19:0b:c6:17:61:e7:18:ff:c3:ff:
         e8:3c:fd:d1:ae:90:56:fe:38:0f:e2:a2:6b:97:47:f4:67:e4:
         fb:b8:e3:b5:06:49:9f:27:01:23:ae:02:e3:4a:87:53:98:b1:
         3d:16:06:cb:cf:57:75:ed:5a:be:1c:df:b2:cc:79:bd:96:b4:
         ab:5a:55:32:f3:b4:e1:c1:34:68:0c:a5:a0:73:57:0a:11:2a:
         b2:b6:14:73:88:79:55:ac:3d:97:54:f4:4d:d5:01:45:c1:61:
         26:b4:2b:d6:5e:cb:48:56:d0:64:23:68:e1:01:d2:13:ee:d9:
         3b:cc:1b:1f:12:55:4d:ef:2e:0a:d9:bb:50:43:6b:6a:8a:01:
         b8:74:7a:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystJqa7/b6mCD8+nYYDpPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjYwMzAyMDQwMDQyWhcNMjYwMzAzMDQwMDQyWjAzMTEwLwYDVQQD
EyhlMzFmNDJmYzk2ZjIwNmE2NmY0NWFjYzA5Y2RkOTM3Mjg2ZTMxZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr5b3JNijvxe8udbERiYvBdFaEZa
qJ5/l3sHWtF8OwaDBfx5JHVJtAczRxFRUr2Xm9IaKOlJLYHFQtK0eGae22fZwfIj
bgpbAsULuKdaeCLDFzYewMaXgTtsTNxsEP5yQ90OkmoeQtAUEvkiYOTFB6iutK3L
JEYQBbAdWOSL70+twl0QfFGlpH3ywMC9uMPKGcgSxx8SjwS6gPYCleWXNQM3RgXw
39JyyNeIjlNW/YCnFJeOZVdPTMgoKZy6IuHsMOwELAk4J2wHJfLTHL7PCqksHmSK
RWegxso5lNES7dGYMEP9sO87xdheCsn3hw3hxzf01vSGUzpdA67XQLxuNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMfQvyW8gamb0WswJzdk3KG4x+vMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9IcZEJT
huhDUA0GrnEqg5X98Qyg4S85McQCIqKlKO3izpxCD+As4nKLacR8IKPHXz1KpDsF
KOBn+baNg7dil8suJQk3R4SJw5AJqpg4ikY4KBUtU0rvfqvxuCwzXKMs/9duCiQV
Fh/sQQfY3Rgatq2ZBeIZC8YXYecY/8P/6Dz90a6QVv44D+Kia5dH9Gfk+7jjtQZJ
nycBI64C40qHU5ixPRYGy89Xde1avhzfssx5vZa0q1pVMvO04cE0aAyloHNXChEq
srYUc4h5Vaw9l1T0TdUBRcFhJrQr1l7LSFbQZCNo4QHSE+7ZO8wbHxJVTe8uCtm7
UENraooBuHR6fg==
-----END CERTIFICATE-----