Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          qmUI0LYT+P+of0qfRRSOqL4mRbFNRiMLOXVdzUXM+PU=
Subject key identifier:   DA:1F:04:DC:AE:87:64:40:AE:5E:1F:90:72:B7:F2:01:B3:03:1F:D2
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019D9962F7F1D3B91B9A31C7BF8AD491212C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0892
Signing time:             Fri 17 Apr 2026 03:01:33 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:33 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:33 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: 4CKansP6vmfVOR/rF88afdeYgRoeHHK6bi2RGxVB2FM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:f7:f1:d3:b9:1b:9a:31:c7:bf:8a:d4:91:21:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Apr 17 03:01:33 2026 GMT
            Not After : Apr 18 03:01:33 2026 GMT
        Subject: CN=da1f04dcae876440ae5e1f9072b7f201b3031fd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5c:f8:af:04:b8:d6:7e:fe:75:61:b3:67:48:
                    96:5e:96:0c:54:21:61:45:33:c8:6b:bf:13:a5:1a:
                    3d:8e:b4:72:1c:ab:f7:42:29:c3:82:5d:8a:97:e4:
                    53:d4:2a:cb:67:77:a0:a4:83:f3:3c:4e:82:6d:1b:
                    80:d9:13:03:4b:06:63:08:de:0e:2a:d9:6e:5e:d6:
                    9e:0a:78:63:b7:9d:91:9f:ea:35:9d:f6:c3:dd:1f:
                    5c:74:47:9b:32:16:2c:f7:c3:79:87:97:00:2f:1b:
                    07:50:4b:ce:63:2f:d5:12:13:71:40:55:3a:c6:7e:
                    8f:68:4a:b6:0f:22:22:e7:3b:6a:fe:48:c3:e5:cd:
                    15:65:3c:3d:40:a4:9b:a2:d8:0e:e7:f1:2b:b2:c8:
                    7d:67:0d:29:90:67:7f:7d:0a:91:96:10:00:46:0d:
                    2e:44:a0:50:fb:46:53:48:00:5b:92:93:b1:89:f1:
                    a3:47:1b:cc:a4:f6:69:22:d8:30:c0:e5:8b:fb:88:
                    5a:dd:78:c7:30:ef:de:f0:0c:46:b0:57:b8:71:13:
                    d3:0e:04:d8:cb:36:d2:8f:9a:d7:78:7d:4e:8d:89:
                    47:01:36:5f:48:bd:bb:7b:28:cd:22:9f:e8:59:ce:
                    c5:a7:73:a2:a9:57:6b:86:75:6b:c1:87:c4:4d:10:
                    4b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:1F:04:DC:AE:87:64:40:AE:5E:1F:90:72:B7:F2:01:B3:03:1F:D2
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:d4:b5:f8:cd:47:7c:e5:ba:ce:18:8b:48:08:a7:08:96:74:
         97:d1:69:1a:fd:77:31:bf:2c:8c:9b:d8:a8:a7:e2:27:2f:cb:
         dd:0f:37:81:11:52:1c:c2:66:e0:cc:77:59:9a:03:d8:0c:be:
         2b:ef:ce:62:19:c2:b4:b4:76:7a:7b:05:f0:3d:e3:6b:e0:e7:
         57:75:45:44:ed:b6:6d:79:c7:9d:5e:9a:75:d0:d9:1d:82:d1:
         c0:78:bc:19:12:43:0c:1c:07:bc:ae:4d:a4:48:49:60:6e:d5:
         43:32:3a:8c:bf:71:e0:32:07:68:f1:8e:29:dc:6d:52:d7:03:
         a5:31:e2:30:44:2b:52:7b:97:1e:0a:09:37:c2:6b:42:b1:53:
         9d:8e:f6:cd:c9:c5:86:1b:d9:10:ff:9e:67:9f:95:d5:de:2e:
         d4:42:fb:42:7b:9d:a8:e0:1b:2e:31:e0:5c:fc:53:db:20:57:
         43:32:25:14:19:a5:bc:15:4c:4f:06:83:a7:06:32:55:6f:de:
         d5:79:50:3b:e5:38:da:bb:13:3d:0a:8a:51:bf:98:8c:6d:2f:
         ab:e2:98:75:1e:e9:5d:88:a9:98:90:60:f5:bf:41:44:a0:dc:
         71:71:a9:62:a7:09:69:45:26:7b:ca:a2:f5:46:94:23:35:5d:
         8e:30:33:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYvfx07kbmjHHv4rUkSEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjYwNDE3MDMwMTMzWhcNMjYwNDE4MDMwMTMzWjAzMTEwLwYDVQQD
EyhkYTFmMDRkY2FlODc2NDQwYWU1ZTFmOTA3MmI3ZjIwMWIzMDMxZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1z4rwS41n7+dWGzZ0iWXpYMVCFh
RTPIa78TpRo9jrRyHKv3QinDgl2Kl+RT1CrLZ3egpIPzPE6CbRuA2RMDSwZjCN4O
KtluXtaeCnhjt52Rn+o1nfbD3R9cdEebMhYs98N5h5cALxsHUEvOYy/VEhNxQFU6
xn6PaEq2DyIi5ztq/kjD5c0VZTw9QKSbotgO5/Erssh9Zw0pkGd/fQqRlhAARg0u
RKBQ+0ZTSABbkpOxifGjRxvMpPZpItgwwOWL+4ha3XjHMO/e8AxGsFe4cRPTDgTY
yzbSj5rXeH1OjYlHATZfSL27eyjNIp/oWc7Fp3OiqVdrhnVrwYfETRBLdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNofBNyuh2RArl4fkHK38gGzAx/SMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADtS1+M1H
fOW6zhiLSAinCJZ0l9FpGv13Mb8sjJvYqKfiJy/L3Q83gRFSHMJm4Mx3WZoD2Ay+
K+/OYhnCtLR2ensF8D3ja+DnV3VFRO22bXnHnV6addDZHYLRwHi8GRJDDBwHvK5N
pEhJYG7VQzI6jL9x4DIHaPGOKdxtUtcDpTHiMEQrUnuXHgoJN8JrQrFTnY72zcnF
hhvZEP+eZ5+V1d4u1EL7QnudqOAbLjHgXPxT2yBXQzIlFBmlvBVMTwaDpwYyVW/e
1XlQO+U42rsTPQqKUb+YjG0vq+KYdR7pXYipmJBg9b9BRKDccXGpYqcJaUUme8qi
9UaUIzVdjjAz0Q==
-----END CERTIFICATE-----