Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          O2zh3SiOPJao5dZxQwBNTlsBwM7whXblVtl2Dg7XGVk=
Subject key identifier:   79:C6:AD:B2:20:C0:A2:D6:79:BF:46:26:35:D3:78:94:A0:84:7E:7A
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019D329A6BF832457B380AEDE9E5FC127A79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0D02
Signing time:             Sat 28 Mar 2026 04:01:13 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:13 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:13 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: CEGRQggNHjymSpjxZvhVxh6OQP/cwOjqw3wURUZ0MHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:6b:f8:32:45:7b:38:0a:ed:e9:e5:fc:12:7a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Mar 28 04:01:13 2026 GMT
            Not After : Mar 29 04:01:13 2026 GMT
        Subject: CN=79c6adb220c0a2d679bf462635d37894a0847e7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:50:6a:5e:76:5c:39:3c:c3:c4:6b:6b:c1:d6:
                    d9:79:fe:d0:61:42:91:74:7f:7f:8e:71:31:d3:fa:
                    10:5f:b8:cf:74:e5:29:23:63:56:f5:7d:2d:c3:58:
                    f2:d4:73:f5:94:26:35:5a:bb:6b:99:8b:98:a1:f1:
                    0d:1b:2c:ce:f6:b5:ea:ab:9e:ef:57:5d:d7:97:cf:
                    6b:b6:80:5c:76:7b:cb:87:fd:82:af:a5:64:21:94:
                    94:df:1a:c1:a6:6a:9d:5a:8b:be:ac:7f:2e:ce:27:
                    c4:1e:0a:f4:5a:ef:57:0b:e0:99:4a:ee:6a:60:77:
                    08:9b:ff:d1:fd:15:da:06:19:70:21:76:21:8e:4f:
                    86:af:ee:6e:ae:a1:96:8e:d5:fc:5d:4b:32:6a:b0:
                    cb:4d:d9:96:13:e0:41:d3:64:b0:e2:e0:e3:c3:36:
                    e7:76:91:2e:5f:c7:53:88:25:ea:17:3d:57:cd:4a:
                    09:a2:af:e1:bd:33:64:69:ce:6f:68:c1:4d:c6:87:
                    fa:30:45:d1:85:d3:9d:73:a5:71:7d:dc:8f:69:78:
                    1c:ab:24:f4:52:16:5b:96:99:29:f1:1e:35:29:19:
                    77:a1:43:f2:cc:41:9b:61:08:cb:8f:06:2f:8a:a2:
                    09:89:54:1c:37:fc:38:53:3e:fb:25:0b:ee:ff:b7:
                    c8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:C6:AD:B2:20:C0:A2:D6:79:BF:46:26:35:D3:78:94:A0:84:7E:7A
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:e2:15:04:0f:d6:44:cf:84:6f:f9:5d:18:9d:9d:fb:c9:10:
         1b:d4:21:10:fa:c6:60:09:30:2c:08:31:32:c1:d3:4f:ae:e9:
         56:1c:a6:cb:69:30:ac:ec:5b:ef:ac:57:b1:ca:e8:65:58:5f:
         fd:d4:10:56:a9:6e:c4:26:28:80:6f:33:2f:08:cf:2e:e9:c1:
         0c:b9:02:80:e6:51:90:3f:78:01:33:7d:21:dd:f4:3e:35:cf:
         b5:62:05:0f:77:f8:72:3a:d2:93:39:17:e0:af:7a:a5:79:0c:
         b6:21:f1:1e:f6:bc:cd:e0:4a:9a:57:59:a5:0a:c4:2b:2c:50:
         ca:9d:3c:f0:fa:f0:9d:87:55:33:b4:cc:0d:2b:2d:38:98:57:
         36:7f:60:48:42:34:b0:2d:6b:6e:a0:77:c0:8f:88:76:fd:d4:
         bc:a4:e3:af:39:e9:96:02:2e:21:03:a8:53:78:40:1b:f7:11:
         ca:8c:81:52:b6:dd:bb:56:68:df:f3:d8:68:fb:59:20:49:49:
         28:a3:d0:73:b6:5a:06:45:a0:b7:27:69:8b:d2:6c:f1:77:a9:
         bc:f8:60:68:e8:68:af:17:53:61:69:63:49:7d:74:06:8e:39:
         e5:44:4e:bf:71:eb:89:6b:87:50:a6:a4:55:c8:4b:97:ad:b1:
         29:13:f9:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymmv4MkV7OArt6eX8Enp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjYwMzI4MDQwMTEzWhcNMjYwMzI5MDQwMTEzWjAzMTEwLwYDVQQD
Eyg3OWM2YWRiMjIwYzBhMmQ2NzliZjQ2MjYzNWQzNzg5NGEwODQ3ZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolBqXnZcOTzDxGtrwdbZef7QYUKR
dH9/jnEx0/oQX7jPdOUpI2NW9X0tw1jy1HP1lCY1WrtrmYuYofENGyzO9rXqq57v
V13Xl89rtoBcdnvLh/2Cr6VkIZSU3xrBpmqdWou+rH8uzifEHgr0Wu9XC+CZSu5q
YHcIm//R/RXaBhlwIXYhjk+Gr+5urqGWjtX8XUsyarDLTdmWE+BB02Sw4uDjwzbn
dpEuX8dTiCXqFz1XzUoJoq/hvTNkac5vaMFNxof6MEXRhdOdc6VxfdyPaXgcqyT0
UhZblpkp8R41KRl3oUPyzEGbYQjLjwYviqIJiVQcN/w4Uz77JQvu/7fI1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnGrbIgwKLWeb9GJjXTeJSghH56MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuIVBA/W
RM+Eb/ldGJ2d+8kQG9QhEPrGYAkwLAgxMsHTT67pVhymy2kwrOxb76xXscroZVhf
/dQQVqluxCYogG8zLwjPLunBDLkCgOZRkD94ATN9Id30PjXPtWIFD3f4cjrSkzkX
4K96pXkMtiHxHva8zeBKmldZpQrEKyxQyp088PrwnYdVM7TMDSstOJhXNn9gSEI0
sC1rbqB3wI+Idv3UvKTjrznplgIuIQOoU3hAG/cRyoyBUrbdu1Zo3/PYaPtZIElJ
KKPQc7ZaBkWgtydpi9Js8XepvPhgaOhorxdTYWljSX10Bo455UROv3HriWuHUKak
VchLl62xKRP51Q==
-----END CERTIFICATE-----