Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          BozFIVoBmT40uS8oRCGGh2AjXzUNP3ZBGI4o/5ddfhQ=
Subject key identifier:   02:93:1F:33:1F:A2:BC:00:38:AF:BD:72:12:FD:1E:E7:59:95:69:A1
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019CADC7DF19C0FD5F6C13FA12C04D039C06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 09:01:22 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:22 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:22 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: ah1DZe+JBzcJl6uxc8fWp/xJm82by7if2Nk9IwumX38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:df:19:c0:fd:5f:6c:13:fa:12:c0:4d:03:9c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Mar  2 09:01:22 2026 GMT
            Not After : Mar  3 09:01:22 2026 GMT
        Subject: CN=02931f331fa2bc0038afbd7212fd1ee7599569a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:44:ae:fc:86:88:86:55:a7:a0:2d:7c:c0:8c:
                    7e:74:34:c9:43:66:4a:70:66:3d:76:ac:ee:eb:62:
                    b1:ce:b7:84:f9:0e:92:26:9e:af:22:b8:2e:a0:4c:
                    bb:36:89:d5:c6:ae:a5:89:b9:70:8d:7b:68:9c:21:
                    ae:5b:74:eb:60:5f:a1:61:ba:c4:62:36:bb:41:5d:
                    11:da:6c:98:69:df:48:cd:6d:17:90:d2:84:ab:2f:
                    51:70:ca:1e:21:0b:94:9f:bd:4d:b9:9c:1a:9f:88:
                    2c:95:67:7d:ab:fb:d3:fd:c0:36:67:6f:7f:88:6a:
                    40:74:87:05:60:95:c1:2a:ce:3b:7b:ca:34:13:7b:
                    ef:77:fd:c3:20:06:5c:4c:3f:f1:94:4c:c8:4a:6d:
                    fa:45:bc:83:3f:24:91:ab:a3:f9:64:8c:c7:23:60:
                    d1:a3:55:f2:3a:3a:d2:0a:e5:39:41:b0:c4:e9:bb:
                    69:49:c9:fe:6d:6a:e8:a6:4f:31:c2:63:b1:7f:68:
                    1a:0e:ec:c8:c3:a2:f7:41:99:31:76:46:16:04:31:
                    b6:8e:3f:ae:83:58:63:65:6a:b2:b0:74:bd:31:8f:
                    ec:dc:59:80:a9:b3:26:42:01:28:86:ba:ad:58:d6:
                    f8:17:72:96:fe:56:bb:0a:36:dd:fb:23:a4:00:44:
                    07:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:93:1F:33:1F:A2:BC:00:38:AF:BD:72:12:FD:1E:E7:59:95:69:A1
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:bc:0e:48:a2:6d:ef:bb:aa:bf:b6:67:ea:7c:e4:a6:9c:45:
         24:68:a4:fd:f5:37:2e:ef:88:56:82:8e:6b:bd:7d:c6:2a:d7:
         5c:44:63:de:72:2f:f9:b0:2e:89:50:e2:81:40:ea:32:0e:84:
         62:cc:ff:83:c3:58:1f:a7:77:91:ab:47:d4:3d:ea:8b:20:96:
         48:d3:5b:b9:a3:8b:9b:f6:4d:04:14:0a:20:3b:56:cd:46:60:
         46:0f:2c:ab:b3:e3:19:b0:7a:fc:7e:45:64:cb:aa:00:ba:98:
         b0:4e:08:5d:82:f3:9c:ed:fb:03:fb:88:eb:bc:a0:f9:b7:6a:
         3e:56:4e:c3:18:12:9c:b8:5e:78:c0:f7:cf:63:af:9c:9f:ff:
         d7:73:d1:f4:a2:45:9e:03:ce:8a:b0:07:fb:35:fd:08:34:c8:
         95:96:67:81:57:41:ab:22:72:75:64:81:e5:bb:70:7d:71:0b:
         dc:b6:ca:b1:71:dc:57:78:85:2c:61:74:ae:95:3b:3c:48:de:
         e7:ae:da:16:94:ea:db:e6:22:f0:ef:c4:2f:5a:1c:28:3a:02:
         83:b9:3e:0f:9e:a3:c7:5f:f7:0a:1b:ee:3d:c7:82:d5:ed:e9:
         81:ec:77:31:35:97:67:fc:a8:b7:52:4c:60:7f:1f:f1:ac:7d:
         12:e1:8b:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx98ZwP1fbBP6EsBNA5wGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjYwMzAyMDkwMTIyWhcNMjYwMzAzMDkwMTIyWjAzMTEwLwYDVQQD
EygwMjkzMWYzMzFmYTJiYzAwMzhhZmJkNzIxMmZkMWVlNzU5OTU2OWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0Su/IaIhlWnoC18wIx+dDTJQ2ZK
cGY9dqzu62KxzreE+Q6SJp6vIrguoEy7NonVxq6liblwjXtonCGuW3TrYF+hYbrE
Yja7QV0R2myYad9IzW0XkNKEqy9RcMoeIQuUn71NuZwan4gslWd9q/vT/cA2Z29/
iGpAdIcFYJXBKs47e8o0E3vvd/3DIAZcTD/xlEzISm36RbyDPySRq6P5ZIzHI2DR
o1XyOjrSCuU5QbDE6btpScn+bWropk8xwmOxf2gaDuzIw6L3QZkxdkYWBDG2jj+u
g1hjZWqysHS9MY/s3FmAqbMmQgEohrqtWNb4F3KW/la7Cjbd+yOkAEQHnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKTHzMforwAOK+9chL9HudZlWmhMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7wOSKJt
77uqv7Zn6nzkppxFJGik/fU3Lu+IVoKOa719xirXXERj3nIv+bAuiVDigUDqMg6E
Ysz/g8NYH6d3katH1D3qiyCWSNNbuaOLm/ZNBBQKIDtWzUZgRg8sq7PjGbB6/H5F
ZMuqALqYsE4IXYLznO37A/uI67yg+bdqPlZOwxgSnLheeMD3z2OvnJ//13PR9KJF
ngPOirAH+zX9CDTIlZZngVdBqyJydWSB5btwfXEL3LbKsXHcV3iFLGF0rpU7PEje
567aFpTq2+Yi8O/EL1ocKDoCg7k+D56jx1/3ChvuPceC1e3pgex3MTWXZ/yot1JM
YH8f8ax9EuGLCA==
-----END CERTIFICATE-----