Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          c6Ew1QDbCLIW+yhJ7JNH6T9wCcg6sSdSUKQOLolXdKs=
Subject key identifier:   F7:A8:59:5C:67:2A:C4:B2:16:2D:D9:B0:E2:86:BB:84:9C:F6:1D:6F
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019CAB6B218FF2136614E0BE972A2F8DB2AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:00:50 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:50 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:50 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: lu8HwkYKJc8tKi2MukixreNqE/g0EGvNghwMzUWemtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:21:8f:f2:13:66:14:e0:be:97:2a:2f:8d:b2:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Mar  1 22:00:50 2026 GMT
            Not After : Mar  2 22:00:50 2026 GMT
        Subject: CN=f7a8595c672ac4b2162dd9b0e286bb849cf61d6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1e:ef:9c:07:a4:5f:4e:2e:f6:77:be:16:b1:
                    ff:ac:48:0b:ed:8e:c4:87:f9:ca:db:5a:1f:77:fc:
                    bd:46:30:8a:b6:c2:ba:18:70:a2:1b:30:c7:5e:48:
                    de:3f:70:e7:db:cc:8f:e5:12:d1:d9:2c:f6:07:6a:
                    0f:ae:88:b0:c9:ff:d3:cc:28:e4:65:87:39:7c:7d:
                    93:d3:ff:c3:d1:bf:a9:83:8d:ad:da:02:79:8f:4e:
                    0a:ef:78:14:5e:16:40:1e:d7:de:b5:5a:fd:96:40:
                    2d:61:1f:f9:2e:6c:a3:e6:66:d2:3f:7c:dd:33:cd:
                    cf:d1:41:f9:6b:98:9d:a1:64:9a:26:53:6e:8e:2e:
                    79:bd:48:a7:7f:2d:18:f2:f4:49:a4:6a:60:85:69:
                    34:56:e0:18:92:4b:8f:1a:70:b0:dd:e8:8b:e6:34:
                    9e:fb:53:51:b3:41:54:48:7a:1a:2a:63:04:75:5c:
                    92:64:f9:2c:bd:6f:4b:0e:25:fc:3c:d1:0d:8f:f2:
                    28:67:01:c2:96:2f:9e:51:d8:1c:2e:17:a3:ee:90:
                    da:4d:5a:2f:e1:6d:8b:0e:df:a7:8a:a2:3c:e0:63:
                    c8:9f:15:e2:92:bf:3b:79:b3:d0:33:d1:93:e6:4b:
                    cf:96:2e:6a:08:03:4a:2c:65:fe:89:39:63:cf:45:
                    05:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:A8:59:5C:67:2A:C4:B2:16:2D:D9:B0:E2:86:BB:84:9C:F6:1D:6F
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:d4:7f:c1:ca:a9:c8:fd:9d:31:61:48:77:a2:dd:8a:bb:34:
         fc:78:2f:ca:97:e8:d6:c7:17:08:5e:cf:20:f9:5c:17:50:5e:
         42:d0:2e:7b:b1:6c:7a:19:e4:2f:bf:4d:5b:4e:64:e0:d0:10:
         ae:9b:59:0b:20:f8:33:f3:b4:01:7c:d5:ad:41:55:28:92:22:
         14:ab:e9:f9:d3:dc:bf:ba:91:19:87:12:14:67:58:59:44:07:
         70:1f:49:ae:cb:47:97:50:15:da:36:99:b5:da:e0:bd:b0:db:
         e0:c3:cb:d0:92:20:d5:46:32:05:b2:61:91:b4:8a:19:a5:f4:
         8a:da:8b:83:e6:82:1c:2f:05:a4:7b:f9:64:c2:6e:3e:3a:b2:
         3f:62:25:45:48:a7:fa:35:f9:f6:76:c3:d0:41:a7:a4:6d:ad:
         4a:fe:c3:97:84:12:3b:2c:5a:b1:f3:a0:df:58:dc:77:fa:87:
         48:4b:cb:d6:77:dd:b3:0e:6d:bd:4e:64:f1:d5:97:f2:21:1e:
         40:bb:c0:47:a4:01:de:f0:4f:d6:38:01:57:ba:66:01:32:ef:
         07:f8:43:a0:33:6c:de:91:88:78:51:52:cc:76:47:19:3c:2d:
         ff:df:69:78:b1:bc:63:cb:30:b0:9f:4e:e0:b8:8a:72:1b:2a:
         df:3a:57:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayGP8hNmFOC+lyovjbKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjYwMzAxMjIwMDUwWhcNMjYwMzAyMjIwMDUwWjAzMTEwLwYDVQQD
EyhmN2E4NTk1YzY3MmFjNGIyMTYyZGQ5YjBlMjg2YmI4NDljZjYxZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh7vnAekX04u9ne+FrH/rEgL7Y7E
h/nK21ofd/y9RjCKtsK6GHCiGzDHXkjeP3Dn28yP5RLR2Sz2B2oProiwyf/TzCjk
ZYc5fH2T0//D0b+pg42t2gJ5j04K73gUXhZAHtfetVr9lkAtYR/5Lmyj5mbSP3zd
M83P0UH5a5idoWSaJlNuji55vUinfy0Y8vRJpGpghWk0VuAYkkuPGnCw3eiL5jSe
+1NRs0FUSHoaKmMEdVySZPksvW9LDiX8PNENj/IoZwHCli+eUdgcLhej7pDaTVov
4W2LDt+niqI84GPInxXikr87ebPQM9GT5kvPli5qCANKLGX+iTljz0UFRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPeoWVxnKsSyFi3ZsOKGu4Sc9h1vMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXNR/wcqp
yP2dMWFId6Ldirs0/Hgvypfo1scXCF7PIPlcF1BeQtAue7FsehnkL79NW05k4NAQ
rptZCyD4M/O0AXzVrUFVKJIiFKvp+dPcv7qRGYcSFGdYWUQHcB9JrstHl1AV2jaZ
tdrgvbDb4MPL0JIg1UYyBbJhkbSKGaX0itqLg+aCHC8FpHv5ZMJuPjqyP2IlRUin
+jX59nbD0EGnpG2tSv7Dl4QSOyxasfOg31jcd/qHSEvL1nfdsw5tvU5k8dWX8iEe
QLvAR6QB3vBP1jgBV7pmATLvB/hDoDNs3pGIeFFSzHZHGTwt/99peLG8Y8swsJ9O
4LiKchsq3zpXvg==
-----END CERTIFICATE-----