Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          8NuqpOG6WN4eoEeeppbbbfbrJsc72gUX7GkNNPUVSJs=
Subject key identifier:   ED:C5:79:9E:2B:9E:A2:BE:2C:76:E5:4C:28:5D:81:C2:4F:AA:8E:B2
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       019D284E128DD7C94AADFB2C10B74BD6909E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0D52
Signing time:             Thu 26 Mar 2026 04:01:38 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:38 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:38 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: CyoDgh+FtKyENOAwvpXlG4X61OC+onxq1S5A9RDxT5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:12:8d:d7:c9:4a:ad:fb:2c:10:b7:4b:d6:90:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Mar 26 04:01:38 2026 GMT
            Not After : Mar 27 04:01:38 2026 GMT
        Subject: CN=edc5799e2b9ea2be2c76e54c285d81c24faa8eb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:43:79:b1:76:b9:7c:5c:a3:f5:99:b4:4e:ad:
                    54:e8:26:bc:55:9c:e1:63:4e:95:fe:67:ac:b2:43:
                    31:cd:2b:8b:15:95:ee:d9:62:c6:9e:78:1e:7b:95:
                    d2:7b:81:22:4a:98:76:b9:76:bd:82:78:ae:b2:44:
                    cd:14:d0:76:3f:96:e6:55:75:7f:9f:a9:b2:4b:62:
                    a2:e6:c4:70:cb:79:7c:e3:28:e1:2e:81:35:13:75:
                    6b:75:7d:49:57:67:70:37:e7:8a:e0:e5:cd:63:9b:
                    6b:8c:db:b7:ec:4a:06:94:01:77:27:0e:51:6b:2c:
                    40:bc:36:1b:b8:60:66:a5:41:11:a8:fc:a7:6a:31:
                    38:6d:57:53:25:de:b6:ee:b7:75:b4:78:64:d1:b2:
                    b1:8b:2a:51:a0:f7:b9:dc:a6:44:47:be:9a:32:55:
                    11:9c:99:cb:4f:d6:b1:3e:55:67:da:d8:57:c7:5e:
                    c2:09:2c:20:86:d8:fe:35:6f:28:00:f4:b8:51:38:
                    eb:2d:2b:71:04:0c:aa:8f:65:f8:22:8d:63:46:60:
                    93:71:3c:de:e4:a0:82:ff:48:fd:eb:d8:aa:b9:b6:
                    1a:84:d8:9f:99:43:d6:69:fd:2b:80:b6:35:4b:6f:
                    03:3c:dc:d7:bd:1e:e1:20:30:cf:c3:8f:cf:48:c7:
                    ab:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:C5:79:9E:2B:9E:A2:BE:2C:76:E5:4C:28:5D:81:C2:4F:AA:8E:B2
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:fb:eb:1c:bf:26:c3:a5:dd:78:90:e3:85:d6:0f:4c:fc:a3:
         f0:bf:c4:03:a5:53:64:b8:3f:65:e0:97:40:e0:5b:69:9a:da:
         2e:b1:a1:cc:7c:f8:50:4f:a3:61:5c:42:d1:bb:41:2b:b0:d3:
         82:12:1d:07:68:37:10:fe:c1:16:a5:14:5a:76:3a:a5:83:dc:
         f4:27:aa:cd:87:c2:e9:46:e1:b3:c1:7f:94:ec:36:0c:05:57:
         5a:74:6d:5a:2d:19:88:b2:b9:03:af:95:3f:e9:c3:d2:09:a1:
         da:f0:65:1c:ab:d0:40:e1:9a:93:69:7d:9a:aa:07:0c:fe:ef:
         0c:41:d0:62:13:c6:01:bc:10:cc:71:1c:57:0f:71:c5:9c:7a:
         72:9c:d6:f1:22:5f:1b:79:3f:f2:6e:dd:36:26:e3:53:5b:26:
         05:4b:44:cd:d5:91:d3:d0:b4:30:5c:0f:62:da:72:c4:3a:2b:
         82:6d:c9:18:5b:80:3b:c7:a1:63:de:f0:42:0a:15:91:8f:8e:
         fa:0a:5d:38:6a:19:39:29:15:f9:54:b3:63:65:2e:de:f8:01:
         0c:e2:f8:e5:f7:e2:10:10:37:a6:a6:2a:58:84:31:1e:5c:41:
         a0:8f:6a:bd:16:be:49:35:df:1e:9a:25:07:ee:fc:8c:c8:cd:
         e3:8f:8c:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oThKN18lKrfssELdL1pCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjYwMzI2MDQwMTM4WhcNMjYwMzI3MDQwMTM4WjAzMTEwLwYDVQQD
EyhlZGM1Nzk5ZTJiOWVhMmJlMmM3NmU1NGMyODVkODFjMjRmYWE4ZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUN5sXa5fFyj9Zm0Tq1U6Ca8VZzh
Y06V/messkMxzSuLFZXu2WLGnngee5XSe4EiSph2uXa9gniuskTNFNB2P5bmVXV/
n6myS2Ki5sRwy3l84yjhLoE1E3VrdX1JV2dwN+eK4OXNY5trjNu37EoGlAF3Jw5R
ayxAvDYbuGBmpUERqPynajE4bVdTJd627rd1tHhk0bKxiypRoPe53KZER76aMlUR
nJnLT9axPlVn2thXx17CCSwghtj+NW8oAPS4UTjrLStxBAyqj2X4Io1jRmCTcTze
5KCC/0j969iqubYahNifmUPWaf0rgLY1S28DPNzXvR7hIDDPw4/PSMerpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3FeZ4rnqK+LHblTChdgcJPqo6yMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhvvrHL8m
w6XdeJDjhdYPTPyj8L/EA6VTZLg/ZeCXQOBbaZraLrGhzHz4UE+jYVxC0btBK7DT
ghIdB2g3EP7BFqUUWnY6pYPc9CeqzYfC6Ubhs8F/lOw2DAVXWnRtWi0ZiLK5A6+V
P+nD0gmh2vBlHKvQQOGak2l9mqoHDP7vDEHQYhPGAbwQzHEcVw9xxZx6cpzW8SJf
G3k/8m7dNibjU1smBUtEzdWR09C0MFwPYtpyxDorgm3JGFuAO8ehY97wQgoVkY+O
+gpdOGoZOSkV+VSzY2Uu3vgBDOL45ffiEBA3pqYqWIQxHlxBoI9qvRa+STXfHpol
B+78jMjN44+MNA==
-----END CERTIFICATE-----