Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          Gi9m6N+SgboVdS3Bo7WAQ1xr/nA5aJA22dUBwLG+1l4=
Subject key identifier:   D6:F8:5C:DE:49:FA:74:2C:68:15:CE:57:2C:0C:85:BB:DF:07:65:0D
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       019D31F53A138B619653A54EFD599FEF60D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          1444
Signing time:             Sat 28 Mar 2026 01:00:47 +0000
Manifest this update:     Sat 28 Mar 2026 01:00:47 +0000
Manifest next update:     Sun 29 Mar 2026 01:00:47 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: eiDhc7sVLFaPzD+jijsILD/gNoLPQ3D/78TaQbxXSuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:31:f5:3a:13:8b:61:96:53:a5:4e:fd:59:9f:ef:60:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Mar 28 01:00:47 2026 GMT
            Not After : Mar 29 01:00:47 2026 GMT
        Subject: CN=d6f85cde49fa742c6815ce572c0c85bbdf07650d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0c:1a:0d:7e:e4:82:d6:41:31:55:0d:27:0c:
                    b9:b5:53:36:c7:57:2d:01:f0:ff:55:05:b2:03:20:
                    fe:72:d0:69:2c:13:91:9d:ca:70:76:cc:dd:b1:bb:
                    c9:71:60:d1:94:d3:e4:77:2b:17:71:94:78:a2:61:
                    ec:43:48:97:d7:57:ea:a7:c7:cf:f7:2a:9c:a7:a1:
                    2f:f0:ba:4e:29:e9:f7:e3:87:0c:9b:2c:17:fe:5f:
                    9c:77:f9:1b:97:6d:d9:fe:4b:37:38:30:f0:61:f1:
                    da:d1:df:30:f1:73:83:8c:a6:14:32:d1:83:a0:02:
                    d9:05:a9:1f:73:f8:78:b6:53:31:65:b6:f6:d7:a1:
                    4c:d5:fb:94:7a:b0:c1:b7:a9:8b:97:fc:f6:00:b2:
                    a3:45:8e:31:6f:57:34:63:df:c4:7a:9b:dc:53:08:
                    70:38:78:11:f2:7a:dc:f1:f3:cd:5e:45:5e:cd:9e:
                    f7:3d:6d:15:0a:7a:cb:4a:b2:07:78:21:f3:1a:a8:
                    f7:d3:87:61:2f:9f:5f:ff:63:87:32:af:0c:0d:c7:
                    d6:fc:e5:37:ad:5a:a7:a4:b9:24:1b:a7:ee:fe:4a:
                    60:eb:1a:fe:8f:17:c7:d4:e8:8f:9e:ce:46:1c:b2:
                    d9:79:f3:ca:0f:af:6b:17:af:47:9e:7c:d0:2f:60:
                    a5:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F8:5C:DE:49:FA:74:2C:68:15:CE:57:2C:0C:85:BB:DF:07:65:0D
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:21:6a:32:a5:83:5f:9f:06:8d:78:85:e5:f8:69:ad:b3:33:
         d8:e2:13:cf:73:e8:dc:b3:71:35:c9:f6:7f:d2:8e:1d:4d:7d:
         28:ed:00:41:1a:36:ac:cf:47:7f:90:8b:ef:4f:e2:67:71:14:
         28:f3:03:3c:98:fc:2d:21:f5:1f:2d:ab:0a:b6:08:34:81:ef:
         b0:ea:74:ec:28:11:38:a8:e1:c0:9e:c4:9d:8c:fe:f6:e7:89:
         b0:62:7c:fc:02:0b:a2:85:e2:1f:7a:08:e0:7d:81:73:6a:a3:
         39:85:86:4e:a9:78:21:d9:11:47:4e:dc:1f:2e:90:55:ac:9e:
         9d:42:2b:dc:d4:49:de:40:91:60:1b:0b:92:75:eb:fe:4e:ff:
         57:99:7e:b4:c7:90:1f:a0:e2:1f:8b:df:c2:2a:21:5e:61:59:
         98:7d:93:31:ff:b7:31:96:5d:d2:9d:4f:72:b4:af:1d:92:fd:
         32:12:be:64:7c:7f:29:12:3a:6e:8f:ed:e5:53:de:3a:5d:e9:
         06:cb:00:0c:69:03:d4:31:cd:78:40:17:25:5b:03:a3:d3:54:
         5d:b2:f5:db:e6:a4:a2:93:4a:02:30:1d:c1:85:36:c0:a8:f1:
         38:0c:25:8e:f4:a4:66:de:85:4d:de:73:c3:17:b9:a1:f4:09:
         f7:40:31:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0x9ToTi2GWU6VO/Vmf72DQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjYwMzI4MDEwMDQ3WhcNMjYwMzI5MDEwMDQ3WjAzMTEwLwYDVQQD
EyhkNmY4NWNkZTQ5ZmE3NDJjNjgxNWNlNTcyYzBjODViYmRmMDc2NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgwaDX7kgtZBMVUNJwy5tVM2x1ct
AfD/VQWyAyD+ctBpLBORncpwdszdsbvJcWDRlNPkdysXcZR4omHsQ0iX11fqp8fP
9yqcp6Ev8LpOKen344cMmywX/l+cd/kbl23Z/ks3ODDwYfHa0d8w8XODjKYUMtGD
oALZBakfc/h4tlMxZbb216FM1fuUerDBt6mLl/z2ALKjRY4xb1c0Y9/EepvcUwhw
OHgR8nrc8fPNXkVezZ73PW0VCnrLSrIHeCHzGqj304dhL59f/2OHMq8MDcfW/OU3
rVqnpLkkG6fu/kpg6xr+jxfH1OiPns5GHLLZefPKD69rF69HnnzQL2ClQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNb4XN5J+nQsaBXOVywMhbvfB2UNMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHyFqMqWD
X58GjXiF5fhprbMz2OITz3Po3LNxNcn2f9KOHU19KO0AQRo2rM9Hf5CL70/iZ3EU
KPMDPJj8LSH1Hy2rCrYINIHvsOp07CgROKjhwJ7EnYz+9ueJsGJ8/AILooXiH3oI
4H2Bc2qjOYWGTql4IdkRR07cHy6QVayenUIr3NRJ3kCRYBsLknXr/k7/V5l+tMeQ
H6DiH4vfwiohXmFZmH2TMf+3MZZd0p1PcrSvHZL9MhK+ZHx/KRI6bo/t5VPeOl3p
BssADGkD1DHNeEAXJVsDo9NUXbL12+akopNKAjAdwYU2wKjxOAwljvSkZt6FTd5z
wxe5ofQJ90Axcw==
-----END CERTIFICATE-----