Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          ORdrvJP1AZT4nKsXQOFr1QbzzgreMAmwrR/25/yPZmQ=
Subject key identifier:   6A:40:2C:16:63:70:61:F0:1F:46:EE:A3:C0:63:7D:46:F5:AB:52:77
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019CABD97CB201693C1877D4DA8522735889
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0817
Signing time:             Mon 02 Mar 2026 00:01:22 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:22 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:22 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: Uzn+BX4i9NVCmGHbXJijwoYUXvtApfZSUJqVJ3laQgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:7c:b2:01:69:3c:18:77:d4:da:85:22:73:58:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Mar  2 00:01:22 2026 GMT
            Not After : Mar  3 00:01:22 2026 GMT
        Subject: CN=6a402c16637061f01f46eea3c0637d46f5ab5277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:96:1b:a9:4a:da:3a:99:d4:a2:c8:41:70:d0:
                    c9:71:52:3f:3c:d1:16:49:b7:09:66:23:73:89:c2:
                    38:5f:c9:8e:94:ae:c7:34:6f:6f:95:50:0a:58:cf:
                    9d:83:ca:ca:00:91:c7:be:0b:8f:30:f9:76:78:56:
                    9f:4c:ea:46:81:66:fc:30:5d:fe:5d:b3:e8:e8:70:
                    96:23:ee:61:37:bb:27:06:9a:c7:52:72:ca:05:33:
                    23:9b:4b:f8:4c:cd:a0:88:24:fe:9a:30:c3:6d:b6:
                    dd:df:53:93:41:ff:86:a8:4d:94:58:67:92:42:81:
                    de:cd:95:5a:a2:a7:7b:0e:64:80:30:cc:8c:e9:27:
                    33:ab:d2:1d:3f:1e:ff:a3:f6:f1:2a:d0:50:e3:4d:
                    9d:cd:94:b1:68:e6:51:44:09:f6:d0:e5:4e:73:32:
                    4e:ef:4f:15:29:05:25:6d:f1:0b:43:d7:18:9e:fc:
                    61:e7:83:a2:f9:8e:08:8c:b5:fe:87:82:6f:f0:49:
                    a6:03:de:28:8a:8e:1c:90:cc:5a:55:b0:12:8a:b9:
                    74:aa:e0:1b:63:a3:25:e3:48:5b:d7:21:53:00:0c:
                    f2:c7:30:c5:ff:54:ad:09:63:91:a9:43:8e:08:b9:
                    4f:06:29:69:fe:12:2c:87:f1:9a:d8:5e:5c:cd:6d:
                    1a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:40:2C:16:63:70:61:F0:1F:46:EE:A3:C0:63:7D:46:F5:AB:52:77
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:e1:00:61:43:10:30:15:00:bc:38:f7:98:08:76:67:ec:13:
         19:6b:14:f9:3a:4e:e7:2b:b0:77:5f:a1:96:e2:5b:c1:97:2c:
         a7:71:e0:10:c7:fb:e5:7d:9c:3e:0b:b8:ec:d6:ac:9e:4c:b6:
         f1:09:79:b9:a4:2e:b1:ba:8f:ce:8c:0f:c4:6d:b4:3c:70:1f:
         26:8a:7d:be:05:ca:7e:08:fb:27:2b:75:10:d0:30:95:aa:9f:
         20:ab:93:2c:a0:07:78:a5:08:18:72:a1:f6:9e:b3:4c:d5:57:
         a5:61:14:a3:c6:26:00:f1:b2:b7:b6:3c:f5:20:f8:a8:2b:6a:
         b7:27:a5:83:cd:8d:bc:14:93:1b:c3:32:07:bb:c3:b3:1a:a3:
         53:b4:f1:55:32:be:1b:2f:34:57:9c:93:eb:c1:82:8d:f5:8b:
         ef:6e:de:95:9e:48:aa:13:fe:1a:e4:93:9d:b5:28:0d:4d:16:
         81:c7:2b:b4:2b:64:07:e9:74:1b:20:dd:b9:df:80:b7:4a:1e:
         1c:a4:e9:77:2e:f2:25:f1:3e:0f:88:e4:88:d7:e4:6b:6e:27:
         31:93:9f:e4:76:76:41:c6:8a:37:8b:0b:71:1f:9f:cb:43:dc:
         dd:32:18:7b:1b:02:10:f8:c2:9b:6a:60:ae:e8:0e:a3:55:e1:
         69:6f:e7:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2XyyAWk8GHfU2oUic1iJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjYwMzAyMDAwMTIyWhcNMjYwMzAzMDAwMTIyWjAzMTEwLwYDVQQD
Eyg2YTQwMmMxNjYzNzA2MWYwMWY0NmVlYTNjMDYzN2Q0NmY1YWI1Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZYbqUraOpnUoshBcNDJcVI/PNEW
SbcJZiNzicI4X8mOlK7HNG9vlVAKWM+dg8rKAJHHvguPMPl2eFafTOpGgWb8MF3+
XbPo6HCWI+5hN7snBprHUnLKBTMjm0v4TM2giCT+mjDDbbbd31OTQf+GqE2UWGeS
QoHezZVaoqd7DmSAMMyM6Sczq9IdPx7/o/bxKtBQ402dzZSxaOZRRAn20OVOczJO
708VKQUlbfELQ9cYnvxh54Oi+Y4IjLX+h4Jv8EmmA94oio4ckMxaVbASirl0quAb
Y6Ml40hb1yFTAAzyxzDF/1StCWORqUOOCLlPBilp/hIsh/Ga2F5czW0a6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpALBZjcGHwH0buo8BjfUb1q1J3MB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO+EAYUMQ
MBUAvDj3mAh2Z+wTGWsU+TpO5yuwd1+hluJbwZcsp3HgEMf75X2cPgu47Nasnky2
8Ql5uaQusbqPzowPxG20PHAfJop9vgXKfgj7Jyt1ENAwlaqfIKuTLKAHeKUIGHKh
9p6zTNVXpWEUo8YmAPGyt7Y89SD4qCtqtyelg82NvBSTG8MyB7vDsxqjU7TxVTK+
Gy80V5yT68GCjfWL727elZ5IqhP+GuSTnbUoDU0WgccrtCtkB+l0GyDdud+At0oe
HKTpdy7yJfE+D4jkiNfka24nMZOf5HZ2QcaKN4sLcR+fy0Pc3TIYexsCEPjCm2pg
rugOo1XhaW/neA==
-----END CERTIFICATE-----