Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          X/P1wI/6WkxnPBss7MDRhA3DRnNzqyWO9/IoJb8+hAc=
Subject key identifier:   03:A7:87:BA:20:66:1B:08:70:8E:50:6A:96:B5:D6:4D:2F:02:C3:9A
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019D26CCF7C94DD742A5DA5CAB36B6FA79B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0BF6
Signing time:             Wed 25 Mar 2026 21:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 21:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 21:01:00 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: SHMEPhA6wZ4rXRHlpYEgG3E7KBlP4nP3CH7Ail2xulA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:f7:c9:4d:d7:42:a5:da:5c:ab:36:b6:fa:79:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Mar 25 21:01:00 2026 GMT
            Not After : Mar 26 21:01:00 2026 GMT
        Subject: CN=03a787ba20661b08708e506a96b5d64d2f02c39a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ed:a9:dc:bd:1a:9c:ba:8a:60:ce:fe:93:e1:
                    77:b6:99:b1:89:c0:9f:f2:80:b9:08:53:1d:70:df:
                    14:16:ea:0b:98:04:d0:ad:09:da:3a:14:c3:71:4e:
                    2b:d8:be:11:29:4a:ac:5b:50:d3:b1:d4:c0:5b:27:
                    c7:58:6c:dc:1f:b3:ae:18:cb:7e:cc:a6:ca:72:7a:
                    37:76:97:c7:04:6c:bc:85:d3:32:ef:8c:56:34:69:
                    8c:2a:85:0b:83:07:f5:3b:ef:d6:d8:66:8b:0f:0b:
                    a4:2a:96:0d:0a:57:0f:76:00:94:db:7b:ff:e7:33:
                    a6:01:e2:f6:65:36:06:7c:25:a2:8c:2a:fe:46:58:
                    3c:33:24:46:a4:42:1b:e0:e7:2a:80:cb:c0:bd:d7:
                    27:62:63:cc:14:be:c6:64:f5:7c:1b:9e:a3:fd:f8:
                    ea:cc:02:2f:aa:a9:84:85:ce:05:98:99:07:de:5a:
                    bf:28:57:9c:20:64:c1:cd:fb:76:70:84:5a:3d:d0:
                    93:15:17:f9:70:31:a2:51:7f:55:2a:5a:ed:c4:eb:
                    b4:14:b0:37:c6:0d:a6:d2:c4:d0:fd:de:91:d9:6e:
                    a6:c1:60:66:97:4a:13:6f:2c:73:2b:3e:1e:dd:30:
                    9c:69:9e:b5:c5:28:18:c9:7b:f1:1a:8a:ed:1f:bc:
                    bf:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A7:87:BA:20:66:1B:08:70:8E:50:6A:96:B5:D6:4D:2F:02:C3:9A
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:e1:88:ed:7b:d6:cc:82:9d:6c:d0:5f:0c:05:34:b6:00:bd:
         35:cb:18:0b:c1:11:77:38:cb:e7:75:bf:d3:0d:1d:64:ca:ff:
         e1:67:29:65:4b:55:15:c0:3d:83:91:ce:f7:9e:db:8b:ab:b9:
         84:ae:b3:02:14:e8:11:c2:ae:20:38:19:d7:a5:0f:96:1c:f6:
         52:45:35:0d:2c:bc:da:cf:8e:3c:cf:d3:45:a4:16:66:99:db:
         cd:ca:48:ef:61:fa:de:1f:e9:dd:1f:79:a0:be:06:71:5f:92:
         55:3a:90:4d:db:7c:07:58:a0:9a:f6:c5:fe:7d:17:21:27:41:
         05:fe:92:4b:28:ea:75:9d:53:c6:15:c3:17:25:37:0f:5f:7d:
         a1:99:81:6b:7d:9a:5b:cb:8d:b8:c4:22:9e:ca:f0:7e:e0:a5:
         4b:3b:7c:05:5b:57:bc:3e:e0:af:4e:b6:18:f4:f3:2b:a9:a8:
         f2:fe:45:da:25:c4:67:6a:07:3a:3d:16:66:d9:d7:51:b9:3a:
         66:ff:6d:e6:e2:33:20:52:83:92:35:ad:16:1c:24:f2:4a:77:
         62:f7:15:91:4f:1d:e1:e2:14:e4:b1:78:81:23:69:9f:fe:8f:
         9a:34:de:74:b9:dd:7d:8a:93:5d:cf:7b:5b:31:bf:79:b7:b7:
         88:c5:b9:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzPfJTddCpdpcqza2+nm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjYwMzI1MjEwMTAwWhcNMjYwMzI2MjEwMTAwWjAzMTEwLwYDVQQD
EygwM2E3ODdiYTIwNjYxYjA4NzA4ZTUwNmE5NmI1ZDY0ZDJmMDJjMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+2p3L0anLqKYM7+k+F3tpmxicCf
8oC5CFMdcN8UFuoLmATQrQnaOhTDcU4r2L4RKUqsW1DTsdTAWyfHWGzcH7OuGMt+
zKbKcno3dpfHBGy8hdMy74xWNGmMKoULgwf1O+/W2GaLDwukKpYNClcPdgCU23v/
5zOmAeL2ZTYGfCWijCr+Rlg8MyRGpEIb4OcqgMvAvdcnYmPMFL7GZPV8G56j/fjq
zAIvqqmEhc4FmJkH3lq/KFecIGTBzft2cIRaPdCTFRf5cDGiUX9VKlrtxOu0FLA3
xg2m0sTQ/d6R2W6mwWBml0oTbyxzKz4e3TCcaZ61xSgYyXvxGortH7y/SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOnh7ogZhsIcI5Qapa11k0vAsOaMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkuGI7XvW
zIKdbNBfDAU0tgC9NcsYC8ERdzjL53W/0w0dZMr/4WcpZUtVFcA9g5HO957bi6u5
hK6zAhToEcKuIDgZ16UPlhz2UkU1DSy82s+OPM/TRaQWZpnbzcpI72H63h/p3R95
oL4GcV+SVTqQTdt8B1igmvbF/n0XISdBBf6SSyjqdZ1TxhXDFyU3D199oZmBa32a
W8uNuMQinsrwfuClSzt8BVtXvD7gr062GPTzK6mo8v5F2iXEZ2oHOj0WZtnXUbk6
Zv9t5uIzIFKDkjWtFhwk8kp3YvcVkU8d4eIU5LF4gSNpn/6PmjTedLndfYqTXc97
WzG/ebe3iMW5aA==
-----END CERTIFICATE-----