Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          aTRKiZZWfScS9xzH0iYTQ9iw3GIYyPJLomOmdccMaBI=
Subject key identifier:   F7:D1:D9:0F:26:58:42:88:1B:C0:E6:89:8B:7F:5B:CC:C7:01:13:72
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019CAD5A2D0C33F171D8C837558C77C6EF7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          1414
Signing time:             Mon 02 Mar 2026 07:01:33 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:33 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:33 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: hnd2hFh3FBDI2ZMV/OsEiAInDGoIeY/2mMiU+ZlkY7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:2d:0c:33:f1:71:d8:c8:37:55:8c:77:c6:ef:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Mar  2 07:01:33 2026 GMT
            Not After : Mar  3 07:01:33 2026 GMT
        Subject: CN=f7d1d90f265842881bc0e6898b7f5bccc7011372
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:52:e0:cb:42:76:2d:a1:30:c5:1c:8f:69:a2:
                    79:19:c2:de:8d:47:0d:92:e9:92:4e:95:74:99:25:
                    94:3e:bb:8e:a9:87:e1:0e:be:a0:f6:54:70:8f:70:
                    36:27:e1:88:ca:6c:15:9d:34:92:76:66:80:06:08:
                    69:50:b0:7a:42:7d:52:6d:46:c9:34:49:e4:ae:35:
                    35:66:e9:b5:f2:b4:ac:ed:d6:fa:cb:9d:3d:7d:d3:
                    fa:2a:38:2e:1a:39:7e:cd:b3:6b:f7:ed:36:72:44:
                    8c:83:bf:a3:20:0e:2b:bb:7a:05:12:32:77:dd:1a:
                    fe:ad:5a:ce:e7:81:f3:56:12:9b:9f:62:d1:58:24:
                    61:6d:4f:78:c2:2a:f8:2d:e5:b5:75:ae:15:4c:22:
                    d0:ab:a4:65:4e:24:f1:6f:60:97:85:42:73:02:a4:
                    49:b8:5b:a1:ae:6a:4a:bd:30:91:22:9d:a0:af:9a:
                    12:56:08:23:dc:d4:94:13:2c:13:dc:2d:75:ab:91:
                    ff:62:f3:a8:9b:40:0b:1a:77:8d:75:d0:88:fc:7e:
                    c3:90:7c:19:f8:c0:4e:19:b4:17:a3:ea:c8:0f:c5:
                    60:81:19:1b:d5:30:01:1d:a2:9a:fa:6d:29:12:64:
                    a0:57:2a:fa:d0:a7:cc:9f:2f:76:34:dc:95:e0:70:
                    c1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D1:D9:0F:26:58:42:88:1B:C0:E6:89:8B:7F:5B:CC:C7:01:13:72
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:33:92:10:46:58:c6:32:4b:1a:95:9d:0e:bd:50:c0:7c:b7:
         c0:7d:a8:f7:57:aa:bb:eb:2c:29:df:36:89:23:be:62:51:7f:
         53:f5:fa:52:9c:b7:c9:26:07:9a:ff:76:a2:29:2c:83:30:fe:
         40:b7:02:1c:eb:c8:37:29:75:50:a7:40:01:87:ed:6f:0a:fe:
         ee:23:d8:2c:f9:8b:d2:9b:6b:07:48:64:d8:f9:66:a5:d9:fc:
         ec:6b:e5:ea:b6:95:05:39:b0:8e:c9:9c:53:ff:bc:59:aa:d3:
         33:1f:e7:28:bf:a3:0b:74:8d:55:56:d6:62:0d:85:19:2b:1c:
         10:eb:63:ad:bd:fd:d9:89:07:40:95:50:62:c1:62:43:91:93:
         18:54:9b:d8:55:f3:26:2d:bf:01:13:94:47:d9:2d:1f:34:a2:
         55:78:3c:29:cc:a7:ec:3f:2a:13:1c:74:bb:82:f3:2b:b5:4c:
         4d:5b:e9:2d:d0:08:33:0e:f2:bc:11:88:a0:f2:81:b4:9e:9b:
         0f:5b:bd:71:34:7a:10:54:24:c8:3b:70:b1:d3:71:a5:3a:d2:
         6f:8b:a0:0a:a8:0b:bf:6d:cf:77:16:2c:fe:71:b1:70:97:26:
         28:99:76:a5:cb:fd:c1:89:b5:66:71:93:9d:1c:0e:1a:e5:04:
         35:84:a4:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWi0MM/Fx2Mg3VYx3xu96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjYwMzAyMDcwMTMzWhcNMjYwMzAzMDcwMTMzWjAzMTEwLwYDVQQD
EyhmN2QxZDkwZjI2NTg0Mjg4MWJjMGU2ODk4YjdmNWJjY2M3MDExMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVLgy0J2LaEwxRyPaaJ5GcLejUcN
kumSTpV0mSWUPruOqYfhDr6g9lRwj3A2J+GIymwVnTSSdmaABghpULB6Qn1SbUbJ
NEnkrjU1Zum18rSs7db6y509fdP6KjguGjl+zbNr9+02ckSMg7+jIA4ru3oFEjJ3
3Rr+rVrO54HzVhKbn2LRWCRhbU94wir4LeW1da4VTCLQq6RlTiTxb2CXhUJzAqRJ
uFuhrmpKvTCRIp2gr5oSVggj3NSUEywT3C11q5H/YvOom0ALGneNddCI/H7DkHwZ
+MBOGbQXo+rID8VggRkb1TABHaKa+m0pEmSgVyr60KfMny92NNyV4HDBxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfR2Q8mWEKIG8DmiYt/W8zHARNyMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDOSEEZY
xjJLGpWdDr1QwHy3wH2o91equ+ssKd82iSO+YlF/U/X6Upy3ySYHmv92oiksgzD+
QLcCHOvINyl1UKdAAYftbwr+7iPYLPmL0ptrB0hk2Plmpdn87Gvl6raVBTmwjsmc
U/+8WarTMx/nKL+jC3SNVVbWYg2FGSscEOtjrb392YkHQJVQYsFiQ5GTGFSb2FXz
Ji2/AROUR9ktHzSiVXg8Kcyn7D8qExx0u4LzK7VMTVvpLdAIMw7yvBGIoPKBtJ6b
D1u9cTR6EFQkyDtwsdNxpTrSb4ugCqgLv23PdxYs/nGxcJcmKJl2pcv9wYm1ZnGT
nRwOGuUENYSkWw==
-----END CERTIFICATE-----