Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
File:                     hRRRk1wYRkb4aHgjivsKDVqwut4.mft (raw, json)
Hash identifier:          tt2w3xVW2XuQJe1zdH5vSBFVLKfsVvk0O9D3hefSei8=
Subject key identifier:   33:78:EC:64:50:9C:6D:DE:B6:C6:70:1C:57:6F:FF:78:38:4D:94:BE
Authority key identifier: 85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE
Certificate issuer:       /CN=851451935c184646f86878238afb0a0d5ab0bade
Certificate serial:       019D2704A798DC5D47C1EC69684E676A6330
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
Manifest number:          0235
Signing time:             Wed 25 Mar 2026 22:01:49 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:49 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:49 +0000
Files and hashes:         1: hRRRk1wYRkb4aHgjivsKDVqwut4.crl (hash: 3lUhu4CnkSumve2arh7ouHL+IlMdAnrE9z0Dozj6BCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:a7:98:dc:5d:47:c1:ec:69:68:4e:67:6a:63:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851451935c184646f86878238afb0a0d5ab0bade
        Validity
            Not Before: Mar 25 22:01:49 2026 GMT
            Not After : Mar 26 22:01:49 2026 GMT
        Subject: CN=3378ec64509c6ddeb6c6701c576fff78384d94be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:eb:0f:8c:bf:4f:78:11:ac:93:81:b6:51:c1:
                    37:00:de:b5:bb:06:49:a1:87:ef:c4:29:ee:43:7f:
                    1f:8c:ed:14:7f:9a:ed:bc:5c:9a:db:b3:37:d2:eb:
                    7c:af:6c:dc:d1:77:8d:a6:82:9b:9c:d1:10:a3:39:
                    e3:dc:11:a6:27:b9:b5:fe:25:6b:70:5f:f2:ec:61:
                    88:ac:c9:10:93:92:e6:87:fd:58:0d:22:bf:51:9c:
                    94:21:4a:f6:b6:df:e3:f5:2f:a5:f3:f2:8f:c9:d0:
                    96:67:7c:34:31:5a:ee:9c:84:17:33:26:70:fe:cd:
                    59:d0:e7:4e:4e:f6:39:f1:b3:2b:7c:6e:6c:1f:46:
                    ea:29:3c:ab:d3:f4:37:16:30:f7:3d:8c:e2:43:84:
                    9a:4a:ad:d9:4e:f0:c3:8e:33:02:df:ac:b4:01:07:
                    31:92:82:a6:29:4c:77:d4:c6:49:2e:5a:94:2a:48:
                    2e:b7:c6:58:c3:78:6a:75:dd:56:09:69:c4:63:75:
                    7f:8c:3d:38:33:8d:d8:e8:74:3d:a2:95:db:97:8d:
                    a0:66:b3:97:27:00:70:8e:be:2f:7e:70:6c:e9:e7:
                    43:8f:c8:78:0a:97:22:6b:9b:48:5d:ec:16:ed:93:
                    fb:73:09:f5:2d:48:f4:32:a4:1e:ac:c9:b1:ee:af:
                    0b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:78:EC:64:50:9C:6D:DE:B6:C6:70:1C:57:6F:FF:78:38:4D:94:BE
            X509v3 Authority Key Identifier:
                keyid:85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:0c:cf:4a:b6:72:37:86:4b:ce:9f:54:12:76:fe:9d:c0:48:
         89:8f:47:2f:a8:d8:ba:11:d8:f4:b6:98:3e:3a:f2:4b:98:eb:
         b8:38:c4:3d:e3:da:0b:a0:d6:87:28:08:20:02:54:e7:04:7a:
         1c:10:95:62:29:06:9a:7b:d4:da:ab:64:8f:81:2d:c3:c2:c2:
         76:b1:93:90:35:72:4a:5f:4d:b7:1d:26:b5:6f:eb:d5:5d:60:
         90:73:29:04:67:5d:4b:e6:72:1d:25:31:6b:47:24:5c:2c:36:
         79:31:39:d2:14:d7:30:46:e6:1e:d0:14:e0:ed:9f:6f:ec:ad:
         66:5c:ee:83:c9:04:cf:c3:2d:1e:25:88:98:23:66:8d:58:81:
         bc:77:ce:22:2d:16:a8:12:b3:30:36:fd:2d:91:b0:ab:86:8f:
         03:7a:f8:fd:db:bb:3a:a3:c8:80:35:f7:4c:0f:51:bc:a5:c2:
         c6:fc:50:1a:1d:fb:a3:c5:54:ad:a1:c1:8a:9d:c2:a3:4c:c1:
         85:4e:1b:57:84:c7:c2:e9:4d:7c:b2:72:29:78:06:e9:99:a7:
         64:4a:78:5e:0a:3f:56:57:e3:a4:18:8c:df:99:fe:ab:ab:4f:
         fc:b7:1c:0c:f1:eb:3e:95:8e:3c:7a:23:80:49:7d:a9:7e:cf:
         75:28:f1:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKeY3F1HwexpaE5namMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTQ1MTkzNWMxODQ2NDZmODY4NzgyMzhhZmIwYTBkNWFi
MGJhZGUwHhcNMjYwMzI1MjIwMTQ5WhcNMjYwMzI2MjIwMTQ5WjAzMTEwLwYDVQQD
EygzMzc4ZWM2NDUwOWM2ZGRlYjZjNjcwMWM1NzZmZmY3ODM4NGQ5NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+sPjL9PeBGsk4G2UcE3AN61uwZJ
oYfvxCnuQ38fjO0Uf5rtvFya27M30ut8r2zc0XeNpoKbnNEQoznj3BGmJ7m1/iVr
cF/y7GGIrMkQk5Lmh/1YDSK/UZyUIUr2tt/j9S+l8/KPydCWZ3w0MVrunIQXMyZw
/s1Z0OdOTvY58bMrfG5sH0bqKTyr0/Q3FjD3PYziQ4SaSq3ZTvDDjjMC36y0AQcx
koKmKUx31MZJLlqUKkgut8ZYw3hqdd1WCWnEY3V/jD04M43Y6HQ9opXbl42gZrOX
JwBwjr4vfnBs6edDj8h4Cpcia5tIXewW7ZP7cwn1LUj0MqQerMmx7q8LdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDN47GRQnG3etsZwHFdv/3g4TZS+MB8GA1UdIwQY
MBaAFIUUUZNcGEZG+Gh4I4r7Cg1asLreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYt
NmRkNmE5YzU1ZjU3LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYtNmRkNmE5YzU1ZjU3
LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgzPSrZy
N4ZLzp9UEnb+ncBIiY9HL6jYuhHY9LaYPjryS5jruDjEPePaC6DWhygIIAJU5wR6
HBCVYikGmnvU2qtkj4Etw8LCdrGTkDVySl9Ntx0mtW/r1V1gkHMpBGddS+ZyHSUx
a0ckXCw2eTE50hTXMEbmHtAU4O2fb+ytZlzug8kEz8MtHiWImCNmjViBvHfOIi0W
qBKzMDb9LZGwq4aPA3r4/du7OqPIgDX3TA9RvKXCxvxQGh37o8VUraHBip3Co0zB
hU4bV4THwulNfLJyKXgG6ZmnZEp4Xgo/VlfjpBiM35n+q6tP/LccDPHrPpWOPHoj
gEl9qX7PdSjxSA==
-----END CERTIFICATE-----