Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          gGjoUPFR9ElUxmbfDk6Pu+6iA8+eljMPeVJdDN7OPpA=
Subject key identifier:   EC:27:0F:67:11:DE:8B:4A:A9:3D:F9:AA:3E:7C:5C:AF:DA:0D:46:BD
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       019D28F201F5A9FB0576BBF98BBDF6605CE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 07:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:41 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: NmNyvNNMv/OHmP+vx50HiU6y5vWy77BOdt7UrFlB+vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:01:f5:a9:fb:05:76:bb:f9:8b:bd:f6:60:5c:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Mar 26 07:00:41 2026 GMT
            Not After : Mar 27 07:00:41 2026 GMT
        Subject: CN=ec270f6711de8b4aa93df9aa3e7c5cafda0d46bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c9:d6:8d:50:2f:db:51:01:be:d5:d6:91:61:
                    cb:6a:e4:30:b0:b0:1d:20:90:43:d2:2c:91:13:76:
                    fe:1a:cb:0b:5e:71:aa:10:25:d3:ab:ec:4e:b8:6c:
                    81:5f:13:bc:c8:5a:77:8f:8f:4b:96:02:99:03:a2:
                    d7:33:bd:d5:1e:0b:2f:60:db:09:f0:37:bd:8a:68:
                    ba:2b:a6:e9:e9:81:93:cb:c2:4c:1d:a0:f0:31:61:
                    5e:70:c7:71:3e:94:65:5d:1c:61:14:ee:33:5c:d1:
                    63:cc:82:be:d3:df:79:4a:fe:89:46:26:0e:78:d3:
                    ec:07:29:12:89:bf:a9:46:5f:9a:bd:54:a7:c0:80:
                    f1:ab:7c:27:fe:a9:e0:ad:ff:f0:ea:b8:bc:ab:87:
                    c2:1a:ff:57:61:8d:11:d4:90:3e:25:7c:16:7e:01:
                    64:e8:1d:0f:e6:8e:65:d3:d6:12:85:e0:46:7a:3a:
                    29:72:40:da:49:20:9e:3d:cb:ba:c8:6a:db:f7:e8:
                    90:cd:4d:e2:4c:5b:aa:1e:d1:75:28:ce:bc:ef:79:
                    89:21:1a:f0:dd:a9:df:a1:9a:c8:cc:97:f8:b0:9a:
                    5f:5d:d6:3c:68:9b:90:d6:56:1a:31:2b:02:8e:64:
                    55:c6:e3:3c:58:38:40:20:3e:cb:25:62:25:22:27:
                    0d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:27:0F:67:11:DE:8B:4A:A9:3D:F9:AA:3E:7C:5C:AF:DA:0D:46:BD
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:04:d4:99:13:86:88:6b:00:bc:1b:d6:8d:ad:3d:f6:0b:e5:
         dc:49:46:1f:f8:be:89:21:71:b8:1b:36:5d:6b:71:30:df:b9:
         30:81:5e:4e:d2:cf:ec:50:db:b6:76:56:98:12:23:cc:13:12:
         6d:d3:9d:6b:b8:3e:7f:29:20:fb:00:03:cc:84:6f:96:ca:fc:
         97:a7:f7:81:7c:00:9c:f2:23:7f:92:a8:cb:5d:bf:2b:9e:d5:
         ae:e0:31:9a:65:3e:d3:28:16:2e:c2:9e:20:a3:ed:d3:5a:bc:
         ab:d1:82:fb:48:56:a9:ec:b7:53:28:01:f1:d4:15:ff:73:c6:
         c9:16:99:eb:5b:cc:5e:65:7c:6d:ab:fb:02:c9:34:61:07:e0:
         04:81:2c:0a:49:c8:d6:96:84:47:ab:fc:c4:51:a2:fb:3f:d9:
         45:ae:37:10:4e:98:37:f5:70:41:f9:0c:40:ce:af:34:e7:c7:
         27:7e:f0:d0:6d:2a:55:2e:e5:e7:4a:ab:9c:85:6d:f9:b2:c3:
         d1:40:ea:39:96:19:69:8e:dd:32:83:06:ce:5a:98:30:95:a4:
         92:37:3f:c2:f1:db:e3:52:53:e6:95:5c:1b:08:d1:d0:53:63:
         6b:f0:6f:b4:72:63:a6:5f:fd:a4:4e:ad:23:2d:d2:01:ce:b3:
         29:d6:11:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8gH1qfsFdrv5i732YFziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjYwMzI2MDcwMDQxWhcNMjYwMzI3MDcwMDQxWjAzMTEwLwYDVQQD
EyhlYzI3MGY2NzExZGU4YjRhYTkzZGY5YWEzZTdjNWNhZmRhMGQ0NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8nWjVAv21EBvtXWkWHLauQwsLAd
IJBD0iyRE3b+GssLXnGqECXTq+xOuGyBXxO8yFp3j49LlgKZA6LXM73VHgsvYNsJ
8De9imi6K6bp6YGTy8JMHaDwMWFecMdxPpRlXRxhFO4zXNFjzIK+0995Sv6JRiYO
eNPsBykSib+pRl+avVSnwIDxq3wn/qngrf/w6ri8q4fCGv9XYY0R1JA+JXwWfgFk
6B0P5o5l09YSheBGejopckDaSSCePcu6yGrb9+iQzU3iTFuqHtF1KM6873mJIRrw
3anfoZrIzJf4sJpfXdY8aJuQ1lYaMSsCjmRVxuM8WDhAID7LJWIlIicN1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwnD2cR3otKqT35qj58XK/aDUa9MB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwTUmROG
iGsAvBvWja099gvl3ElGH/i+iSFxuBs2XWtxMN+5MIFeTtLP7FDbtnZWmBIjzBMS
bdOda7g+fykg+wADzIRvlsr8l6f3gXwAnPIjf5Koy12/K57VruAxmmU+0ygWLsKe
IKPt01q8q9GC+0hWqey3UygB8dQV/3PGyRaZ61vMXmV8bav7Ask0YQfgBIEsCknI
1paER6v8xFGi+z/ZRa43EE6YN/VwQfkMQM6vNOfHJ37w0G0qVS7l50qrnIVt+bLD
0UDqOZYZaY7dMoMGzlqYMJWkkjc/wvHb41JT5pVcGwjR0FNja/BvtHJjpl/9pE6t
Iy3SAc6zKdYRzA==
-----END CERTIFICATE-----