Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          Gzhl6vXzEwELWkGrE88xKaF9jXQRGP7eK2o/KOYFeMo=
Subject key identifier:   86:DC:09:C2:E2:8A:F5:DF:30:14:A7:EE:1A:8E:52:58:08:85:98:0D
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       019D28BB55F1DE8C2A1EEF351972AFFB88AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          1147
Signing time:             Thu 26 Mar 2026 06:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:58 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: /+eEWacGjRbhgbEkrIil5oSNNYWrESAorwBGZdB+SZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:55:f1:de:8c:2a:1e:ef:35:19:72:af:fb:88:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Mar 26 06:00:58 2026 GMT
            Not After : Mar 27 06:00:58 2026 GMT
        Subject: CN=86dc09c2e28af5df3014a7ee1a8e52580885980d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:96:bb:19:6e:f9:4b:cb:e1:0e:f5:da:42:09:
                    d3:bb:3f:f0:fe:7b:5f:00:90:99:e5:a0:ba:94:b1:
                    30:e4:1b:15:cf:37:2f:b1:08:e9:41:59:c5:28:15:
                    c5:89:ab:14:0a:4a:1b:7e:14:6e:79:58:16:ef:aa:
                    5b:87:db:63:c9:99:1c:0a:1e:66:9e:f7:d8:21:33:
                    18:40:57:ca:c6:86:8d:7f:39:e3:14:c4:05:e0:d9:
                    c5:48:9d:e8:3e:f1:2f:ab:91:d5:5f:2b:6f:97:a9:
                    ed:11:53:95:c0:27:95:74:9a:35:bb:4c:ea:6f:57:
                    08:55:e5:ca:e7:2d:5a:e1:84:bf:59:81:d1:9c:f7:
                    25:0f:23:05:1d:ef:a9:1c:13:29:65:a1:41:8c:c6:
                    79:7b:6e:46:15:0b:e5:81:aa:d7:80:e9:14:98:10:
                    04:83:5e:c9:64:11:ae:f3:bd:4c:6c:96:68:3b:10:
                    35:18:d6:a6:39:e0:be:5c:5a:cc:4b:c1:6b:a2:7d:
                    4c:25:ec:42:9b:90:bb:11:9e:39:53:57:0b:e9:70:
                    86:d3:16:37:de:21:5a:03:9c:67:04:04:c9:fb:0e:
                    d9:d3:80:8e:84:0d:06:6d:3e:e5:1b:26:45:c4:b5:
                    34:1a:76:98:38:fa:5a:d3:f6:66:ce:70:06:6e:cd:
                    0f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:DC:09:C2:E2:8A:F5:DF:30:14:A7:EE:1A:8E:52:58:08:85:98:0D
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:80:c8:7f:50:72:3b:62:8c:04:e0:ae:bd:a7:c2:ce:50:28:
         d1:7a:3c:9c:4e:04:2b:b8:d4:fa:cf:84:90:43:95:52:ee:66:
         89:21:8f:cf:de:8a:6d:14:92:43:37:40:0e:ec:af:fc:9c:b9:
         85:e0:b7:2e:06:93:b7:55:e0:3f:90:5e:58:cb:a6:08:03:f5:
         65:74:78:82:b4:18:9c:09:38:c1:01:2d:23:ea:1b:a3:20:5a:
         41:a9:b9:21:f3:d0:0b:01:a6:42:0c:8b:78:d6:27:24:dc:e9:
         f7:c1:e6:22:29:63:88:ea:b2:7e:79:5f:69:6a:f6:40:ca:a9:
         48:05:4d:82:36:c8:c8:92:fc:97:d3:2e:88:6c:b7:6f:12:bd:
         4b:7c:df:72:f5:87:70:e4:52:45:20:dc:5d:44:18:99:c0:50:
         3e:0b:64:20:75:54:6f:fe:8b:e6:e7:71:3c:fb:c0:ad:0a:e6:
         b4:25:22:4e:3e:c5:e2:7c:df:97:45:0a:14:70:d3:00:8c:fe:
         e0:37:a5:59:68:f5:10:19:c4:90:86:be:a7:e2:9b:5f:9a:52:
         e7:a8:d2:e6:4d:11:b2:02:d1:01:f3:37:27:04:92:0a:a2:6a:
         96:6f:e0:1d:2e:48:61:43:0b:74:44:21:24:ae:9f:8d:63:c1:
         eb:42:40:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou1Xx3owqHu81GXKv+4itMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjYwMzI2MDYwMDU4WhcNMjYwMzI3MDYwMDU4WjAzMTEwLwYDVQQD
Eyg4NmRjMDljMmUyOGFmNWRmMzAxNGE3ZWUxYThlNTI1ODA4ODU5ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpa7GW75S8vhDvXaQgnTuz/w/ntf
AJCZ5aC6lLEw5BsVzzcvsQjpQVnFKBXFiasUCkobfhRueVgW76pbh9tjyZkcCh5m
nvfYITMYQFfKxoaNfznjFMQF4NnFSJ3oPvEvq5HVXytvl6ntEVOVwCeVdJo1u0zq
b1cIVeXK5y1a4YS/WYHRnPclDyMFHe+pHBMpZaFBjMZ5e25GFQvlgarXgOkUmBAE
g17JZBGu871MbJZoOxA1GNamOeC+XFrMS8Fron1MJexCm5C7EZ45U1cL6XCG0xY3
3iFaA5xnBATJ+w7Z04COhA0GbT7lGyZFxLU0GnaYOPpa0/ZmznAGbs0PaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbcCcLiivXfMBSn7hqOUlgIhZgNMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcIDIf1By
O2KMBOCuvafCzlAo0Xo8nE4EK7jU+s+EkEOVUu5miSGPz96KbRSSQzdADuyv/Jy5
heC3LgaTt1XgP5BeWMumCAP1ZXR4grQYnAk4wQEtI+oboyBaQam5IfPQCwGmQgyL
eNYnJNzp98HmIiljiOqyfnlfaWr2QMqpSAVNgjbIyJL8l9MuiGy3bxK9S3zfcvWH
cORSRSDcXUQYmcBQPgtkIHVUb/6L5udxPPvArQrmtCUiTj7F4nzfl0UKFHDTAIz+
4DelWWj1EBnEkIa+p+KbX5pS56jS5k0RsgLRAfM3JwSSCqJqlm/gHS5IYUMLdEQh
JK6fjWPB60JAMQ==
-----END CERTIFICATE-----