Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File:                     rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier:          3pTkeB/jFOu+ihwZD9ZQeqQ6T2ZwKHgBik5F1v3UmYk=
Subject key identifier:   3A:3C:83:74:E8:06:C7:01:4B:D1:F5:C4:ED:EB:B5:B1:DF:3B:19:41
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer:       /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial:       019D2772DA373D3DE8612B89AB16431FE3E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number:          1442
Signing time:             Thu 26 Mar 2026 00:02:11 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:11 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:11 +0000
Files and hashes:         1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: hsM+TKVGhH0fLHsTFxxzHRN/y7tdAfSq0yFnnFBb+gw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:da:37:3d:3d:e8:61:2b:89:ab:16:43:1f:e3:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
        Validity
            Not Before: Mar 26 00:02:11 2026 GMT
            Not After : Mar 27 00:02:11 2026 GMT
        Subject: CN=3a3c8374e806c7014bd1f5c4edebb5b1df3b1941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8a:15:cb:a7:8d:c2:f7:fc:98:1c:f2:be:89:
                    f8:93:62:80:73:57:53:2f:8a:23:04:3f:c0:11:7d:
                    72:ca:3e:92:ed:77:dc:0f:89:50:c2:9d:c0:85:fd:
                    f4:22:7c:cc:85:d9:11:89:74:b3:b3:c1:dd:d6:9d:
                    87:a9:0a:c5:1f:04:e8:5e:c1:ea:89:c0:54:d5:1d:
                    67:c7:18:c2:fb:ed:57:d9:6a:eb:92:ee:8c:cb:41:
                    06:b6:77:4f:ee:0c:e7:66:9c:dd:83:73:e9:63:ec:
                    c7:8d:a5:a6:41:30:0c:1b:05:5b:12:25:35:40:58:
                    51:a5:63:76:37:22:44:ae:e9:4b:ff:a1:ca:2b:01:
                    8d:60:dc:9f:46:56:80:a8:c3:45:67:79:ac:73:4d:
                    e7:e0:d7:41:b6:9c:19:78:35:79:e4:46:cf:a5:c2:
                    43:46:2d:11:87:4a:b2:09:44:8d:79:f5:30:0e:82:
                    23:d1:e7:23:1e:ca:a4:e8:8a:8a:bb:54:b4:75:bf:
                    68:ba:b2:0e:15:2e:87:39:66:95:7d:f0:9b:a1:5b:
                    6a:6c:00:28:f4:8e:71:52:a0:a2:ac:94:0d:3e:ef:
                    d4:35:36:c4:94:a0:90:68:59:a3:c4:18:28:b5:2e:
                    1c:6b:1f:8d:27:e2:3a:5e:51:c3:b8:b9:a4:0b:dc:
                    92:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:3C:83:74:E8:06:C7:01:4B:D1:F5:C4:ED:EB:B5:B1:DF:3B:19:41
            X509v3 Authority Key Identifier:
                keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:02:85:09:40:36:28:89:c8:4c:60:f9:ed:20:24:55:52:56:
         d1:40:79:4a:b4:cf:4c:96:67:19:40:b2:82:14:28:49:14:b2:
         d2:30:70:98:7f:03:c9:e4:fb:69:39:31:32:f3:17:b7:fd:19:
         3c:71:23:79:3e:61:03:82:c4:69:98:32:ee:4a:13:e9:9b:1d:
         6b:cf:1a:06:26:d8:f3:e1:fd:a7:31:22:72:cc:fb:b7:17:82:
         ca:42:7b:64:83:f8:33:66:b5:76:c7:8c:bb:79:c8:4d:1f:57:
         b9:8d:bb:87:98:05:ad:94:16:da:08:38:0e:d7:9f:46:3d:09:
         de:03:da:49:99:a5:c0:38:04:60:51:65:65:98:38:61:ab:d3:
         3d:79:60:98:07:e4:f9:ea:63:7d:ec:cf:96:1a:72:e9:9a:03:
         b2:61:5f:a3:ff:2d:25:53:6e:e6:f0:a7:28:a5:e8:c2:b3:2c:
         76:b7:1e:1f:26:9b:8e:99:9d:8b:8a:7c:50:70:b6:b6:7d:a0:
         40:d3:00:56:dc:c2:4a:cc:6b:b9:f8:1d:1d:66:b9:a3:b2:8f:
         1f:af:b9:aa:50:fa:e6:e8:df:ca:26:c8:20:8e:a2:27:7a:42:
         43:91:53:7f:dc:a2:cb:5e:86:b1:6a:b1:90:3a:af:0d:d2:0e:
         30:ad:0a:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncto3PT3oYSuJqxZDH+PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjYwMzI2MDAwMjExWhcNMjYwMzI3MDAwMjExWjAzMTEwLwYDVQQD
EygzYTNjODM3NGU4MDZjNzAxNGJkMWY1YzRlZGViYjViMWRmM2IxOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYoVy6eNwvf8mBzyvon4k2KAc1dT
L4ojBD/AEX1yyj6S7XfcD4lQwp3Ahf30InzMhdkRiXSzs8Hd1p2HqQrFHwToXsHq
icBU1R1nxxjC++1X2Wrrku6My0EGtndP7gznZpzdg3PpY+zHjaWmQTAMGwVbEiU1
QFhRpWN2NyJErulL/6HKKwGNYNyfRlaAqMNFZ3msc03n4NdBtpwZeDV55EbPpcJD
Ri0Rh0qyCUSNefUwDoIj0ecjHsqk6IqKu1S0db9ourIOFS6HOWaVffCboVtqbAAo
9I5xUqCirJQNPu/UNTbElKCQaFmjxBgotS4cax+NJ+I6XlHDuLmkC9yS1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo8g3ToBscBS9H1xO3rtbHfOxlBMB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARgKFCUA2
KInITGD57SAkVVJW0UB5SrTPTJZnGUCyghQoSRSy0jBwmH8DyeT7aTkxMvMXt/0Z
PHEjeT5hA4LEaZgy7koT6Zsda88aBibY8+H9pzEicsz7txeCykJ7ZIP4M2a1dseM
u3nITR9XuY27h5gFrZQW2gg4DtefRj0J3gPaSZmlwDgEYFFlZZg4YavTPXlgmAfk
+epjfezPlhpy6ZoDsmFfo/8tJVNu5vCnKKXowrMsdrceHyabjpmdi4p8UHC2tn2g
QNMAVtzCSsxrufgdHWa5o7KPH6+5qlD65ujfyibIII6iJ3pCQ5FTf9yiy16GsWqx
kDqvDdIOMK0K5Q==
-----END CERTIFICATE-----