Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
File:                     hgLiX_EiDtSqju94wzpyKrWIP40.mft (raw, json)
Hash identifier:          B+8k+1CinF3CsfVd6aMl+cLWb2ZtS+k+qERO4qOle6k=
Subject key identifier:   6E:22:D6:DC:40:6B:06:31:10:A7:40:37:B4:37:21:56:D1:BE:06:DA
Authority key identifier: 86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D
Certificate issuer:       /CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
Certificate serial:       019D2AE0DC16B40078272E59F7B4517CABA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
Manifest number:          033C
Signing time:             Thu 26 Mar 2026 16:01:12 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:12 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:12 +0000
Files and hashes:         1: hgLiX_EiDtSqju94wzpyKrWIP40.crl (hash: ZQjp0qEVbHmepREXMHvsgWYrre3UCc+i+4Z5XrASCCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:dc:16:b4:00:78:27:2e:59:f7:b4:51:7c:ab:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
        Validity
            Not Before: Mar 26 16:01:12 2026 GMT
            Not After : Mar 27 16:01:12 2026 GMT
        Subject: CN=6e22d6dc406b063110a74037b4372156d1be06da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:33:2b:ae:2b:59:9d:25:4c:af:27:cb:6a:98:
                    44:6e:46:a8:3e:fa:11:ca:5c:b2:ec:2a:37:19:50:
                    56:47:19:d6:d9:f9:51:04:45:24:8d:c0:4a:4c:04:
                    11:9c:13:0f:95:c5:1b:1f:1e:17:fe:ec:85:50:bd:
                    1e:e7:65:2a:98:3b:53:04:41:ff:31:8f:97:68:6b:
                    e6:ae:62:d2:49:fb:6e:13:72:d3:23:ff:df:cc:f9:
                    28:d8:35:44:05:4d:47:2d:ec:d6:59:85:fe:b4:32:
                    db:26:af:c4:9a:a3:2e:cf:33:c2:7f:e7:40:7c:e6:
                    a0:e7:36:11:58:7c:e3:f7:99:23:bc:58:49:b8:e9:
                    73:90:81:1d:54:fc:8c:5b:77:48:bc:68:ea:88:90:
                    90:67:f0:29:68:8c:26:3e:36:fd:ac:62:48:ed:38:
                    09:0b:14:bd:22:4c:0a:05:ce:55:e4:20:c0:cd:85:
                    4e:a3:b7:f0:c9:89:73:26:13:55:df:f6:55:be:c7:
                    08:bc:76:00:a4:9d:6c:ff:30:bd:dc:d7:ee:1a:64:
                    a0:12:f5:a1:d0:a4:d6:1b:38:30:40:80:7d:5e:d0:
                    1f:44:9f:f0:98:15:43:4f:b7:49:67:3d:c2:cb:d6:
                    36:9f:52:20:54:34:e2:55:39:8c:61:0d:d8:86:d0:
                    5c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:22:D6:DC:40:6B:06:31:10:A7:40:37:B4:37:21:56:D1:BE:06:DA
            X509v3 Authority Key Identifier:
                keyid:86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a2:92:ef:3c:1f:5e:56:05:f3:24:9b:c3:b5:fd:e8:a2:e9:
         b5:d9:e3:c6:2b:30:32:38:af:d1:9f:ec:a6:e1:29:52:63:1a:
         84:8a:b4:66:31:4e:20:aa:65:21:8f:ba:82:e5:78:15:5c:d9:
         0c:d3:c0:d1:ec:bc:3d:54:39:f6:6a:a8:64:9d:0b:9d:85:02:
         ea:b0:72:51:e8:7b:d9:88:fa:f6:f5:2b:3f:0f:67:35:13:4a:
         0d:ea:08:55:58:6d:8b:4c:a1:71:50:d6:98:a1:84:bc:52:5a:
         39:7d:f3:df:15:de:df:32:87:41:ca:38:1e:fc:6d:8b:18:c7:
         b9:01:72:c0:9c:44:a0:83:7d:50:b8:54:7f:37:ce:25:16:47:
         a4:03:2e:b2:24:66:2e:fa:2d:93:ed:c8:50:1d:5e:1e:c9:70:
         3b:c8:a9:33:2f:d8:1b:f7:35:bf:83:24:14:de:1b:b1:99:9f:
         52:7c:79:0b:b2:8f:a5:fc:2b:9c:8a:23:76:5b:72:c7:1c:bd:
         87:04:cf:9d:d5:21:8e:ff:05:03:81:97:3b:9e:ae:f1:bf:a5:
         e3:f3:b9:3a:a1:cb:f5:2c:10:b8:bd:08:57:35:9b:cb:a3:be:
         f7:11:e2:41:b2:4e:d0:f1:9b:5d:77:37:3f:1e:02:62:6d:9c:
         90:3b:c6:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4NwWtAB4Jy5Z97RRfKugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDJlMjVmZjEyMjBlZDRhYThlZWY3OGMzM2E3MjJhYjU4
ODNmOGQwHhcNMjYwMzI2MTYwMTEyWhcNMjYwMzI3MTYwMTEyWjAzMTEwLwYDVQQD
Eyg2ZTIyZDZkYzQwNmIwNjMxMTBhNzQwMzdiNDM3MjE1NmQxYmUwNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDMrritZnSVMryfLaphEbkaoPvoR
ylyy7Co3GVBWRxnW2flRBEUkjcBKTAQRnBMPlcUbHx4X/uyFUL0e52UqmDtTBEH/
MY+XaGvmrmLSSftuE3LTI//fzPko2DVEBU1HLezWWYX+tDLbJq/EmqMuzzPCf+dA
fOag5zYRWHzj95kjvFhJuOlzkIEdVPyMW3dIvGjqiJCQZ/ApaIwmPjb9rGJI7TgJ
CxS9IkwKBc5V5CDAzYVOo7fwyYlzJhNV3/ZVvscIvHYApJ1s/zC93NfuGmSgEvWh
0KTWGzgwQIB9XtAfRJ/wmBVDT7dJZz3Cy9Y2n1IgVDTiVTmMYQ3YhtBc3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4i1txAawYxEKdAN7Q3IVbRvgbaMB8GA1UdIwQY
MBaAFIYC4l/xIg7Uqo7veMM6ciq1iD+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgt
NDgxZjQ1N2UxYjg5LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgtNDgxZjQ1N2UxYjg5
LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6KS7zwf
XlYF8ySbw7X96KLptdnjxiswMjiv0Z/spuEpUmMahIq0ZjFOIKplIY+6guV4FVzZ
DNPA0ey8PVQ59mqoZJ0LnYUC6rByUeh72Yj69vUrPw9nNRNKDeoIVVhti0yhcVDW
mKGEvFJaOX3z3xXe3zKHQco4HvxtixjHuQFywJxEoIN9ULhUfzfOJRZHpAMusiRm
Lvotk+3IUB1eHslwO8ipMy/YG/c1v4MkFN4bsZmfUnx5C7KPpfwrnIojdltyxxy9
hwTPndUhjv8FA4GXO56u8b+l4/O5OqHL9SwQuL0IVzWby6O+9xHiQbJO0PGbXXc3
Px4CYm2ckDvGqQ==
-----END CERTIFICATE-----