Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
File:                     hqSVrmh0HnnVjjiGviqoeMSME7Y.mft (raw, json)
Hash identifier:          Y+pkYdESSRIeXk7wA+6LpPOwAP4fsNWOHv5ltZQDoAc=
Subject key identifier:   69:67:93:79:D8:4B:C0:6A:C2:21:7D:9C:73:5E:27:CC:A2:BD:51:48
Authority key identifier: 86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6
Certificate issuer:       /CN=86a495ae68741e79d58e3886be2aa878c48c13b6
Certificate serial:       019D3375DEADA1EE25ACED9EA19C86DF9F2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
Manifest number:          1889
Signing time:             Sat 28 Mar 2026 08:00:55 +0000
Manifest this update:     Sat 28 Mar 2026 08:00:55 +0000
Manifest next update:     Sun 29 Mar 2026 08:00:55 +0000
Files and hashes:         1: hqSVrmh0HnnVjjiGviqoeMSME7Y.crl (hash: zW6beqXq4lnZbZim9bMIHOt8v2LeYdXuBdZX5QIQ0a8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 08:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:75:de:ad:a1:ee:25:ac:ed:9e:a1:9c:86:df:9f:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a495ae68741e79d58e3886be2aa878c48c13b6
        Validity
            Not Before: Mar 28 08:00:55 2026 GMT
            Not After : Mar 29 08:00:55 2026 GMT
        Subject: CN=69679379d84bc06ac2217d9c735e27cca2bd5148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:cd:bb:aa:55:28:14:a7:41:13:09:8d:b8:2e:
                    39:d8:79:62:49:eb:3f:56:b5:56:63:fc:12:52:65:
                    02:c8:2d:dc:e6:d0:25:12:77:95:43:a9:5f:d0:d7:
                    80:44:60:35:1b:6e:1c:8f:0c:5a:62:ac:9f:46:a4:
                    59:47:f1:19:e1:f4:0d:7b:86:39:9e:e6:bd:13:35:
                    9a:2a:47:96:17:cf:09:9c:b2:15:7f:89:78:85:0c:
                    42:f5:99:d7:dd:ac:ad:60:f7:26:99:c2:90:c7:22:
                    55:c6:2d:dd:e4:9c:3f:ef:2b:07:0e:e7:5e:53:02:
                    8f:5a:df:1e:ff:d0:d4:43:d7:7a:16:25:63:0d:ff:
                    aa:4d:7f:4b:b8:6e:25:55:d0:b1:3a:13:99:4d:da:
                    99:3e:e8:93:9d:27:f7:4d:c0:1c:55:d0:fa:ff:38:
                    a4:8f:46:3c:65:3f:b1:b9:a1:ac:12:fd:ad:f8:13:
                    25:8a:38:31:90:73:ec:db:70:8e:25:d0:8d:0b:c0:
                    b7:e5:c0:68:ce:4c:b7:c8:0f:e5:84:0e:33:9f:92:
                    89:6f:7e:02:27:d8:d8:7b:e3:24:3e:30:ae:8b:bf:
                    c7:96:07:67:6f:2a:0a:7d:0b:f5:4f:55:cc:e8:f1:
                    03:55:10:85:d3:53:42:16:70:23:f6:3b:3e:83:c6:
                    51:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:67:93:79:D8:4B:C0:6A:C2:21:7D:9C:73:5E:27:CC:A2:BD:51:48
            X509v3 Authority Key Identifier:
                keyid:86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:47:34:cd:f4:47:71:a6:02:5d:81:99:46:92:df:4f:98:0b:
         38:e4:eb:42:04:ee:b3:0a:c1:0b:59:5c:91:13:cf:dd:a6:25:
         2c:b2:6c:70:e9:81:97:e2:a0:c0:e6:31:00:35:16:b0:4a:88:
         75:29:ec:3e:a0:cd:13:9c:42:e7:cc:02:17:91:8a:63:4c:a8:
         df:2e:05:41:6c:0f:c9:dc:70:2b:86:6a:29:26:99:50:1a:76:
         0b:b2:72:df:36:fd:42:12:37:01:75:34:0c:d5:94:7b:ad:18:
         bd:c8:48:19:bb:8f:a7:b6:83:37:a3:ee:69:25:11:43:ad:d0:
         fb:0b:9d:3c:21:27:42:48:4b:e2:14:af:0a:ab:b2:24:e1:35:
         19:3c:03:9d:fa:dd:43:d5:1f:48:22:5d:08:f2:8b:e6:a6:14:
         6b:cf:3c:e7:bb:d3:87:a7:9d:f6:86:af:00:a9:73:47:d0:1a:
         5b:08:40:ee:1f:1d:b2:ab:ee:12:6d:a4:4a:fc:6d:b8:6f:6f:
         0e:a4:fa:6a:2b:a1:38:46:47:f0:23:8f:f1:26:66:5a:7b:97:
         b0:ae:27:9d:86:12:f1:6a:be:82:4b:61:5c:3b:cb:fc:f9:af:
         2e:53:7d:e8:75:84:bd:80:dc:92:51:c5:3a:69:da:21:cc:bd:
         03:79:99:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdd6toe4lrO2eoZyG358sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTQ5NWFlNjg3NDFlNzlkNThlMzg4NmJlMmFhODc4YzQ4
YzEzYjYwHhcNMjYwMzI4MDgwMDU1WhcNMjYwMzI5MDgwMDU1WjAzMTEwLwYDVQQD
Eyg2OTY3OTM3OWQ4NGJjMDZhYzIyMTdkOWM3MzVlMjdjY2EyYmQ1MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw827qlUoFKdBEwmNuC452HliSes/
VrVWY/wSUmUCyC3c5tAlEneVQ6lf0NeARGA1G24cjwxaYqyfRqRZR/EZ4fQNe4Y5
nua9EzWaKkeWF88JnLIVf4l4hQxC9ZnX3aytYPcmmcKQxyJVxi3d5Jw/7ysHDude
UwKPWt8e/9DUQ9d6FiVjDf+qTX9LuG4lVdCxOhOZTdqZPuiTnSf3TcAcVdD6/zik
j0Y8ZT+xuaGsEv2t+BMlijgxkHPs23COJdCNC8C35cBozky3yA/lhA4zn5KJb34C
J9jYe+MkPjCui7/HlgdnbyoKfQv1T1XM6PEDVRCF01NCFnAj9js+g8ZRCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlnk3nYS8BqwiF9nHNeJ8yivVFIMB8GA1UdIwQY
MBaAFIakla5odB551Y44hr4qqHjEjBO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEt
NDkxOGIwMjc0MmM3LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEtNDkxOGIwMjc0MmM3
LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz0c0zfRH
caYCXYGZRpLfT5gLOOTrQgTuswrBC1lckRPP3aYlLLJscOmBl+KgwOYxADUWsEqI
dSnsPqDNE5xC58wCF5GKY0yo3y4FQWwPydxwK4ZqKSaZUBp2C7Jy3zb9QhI3AXU0
DNWUe60YvchIGbuPp7aDN6PuaSURQ63Q+wudPCEnQkhL4hSvCquyJOE1GTwDnfrd
Q9UfSCJdCPKL5qYUa88857vTh6ed9oavAKlzR9AaWwhA7h8dsqvuEm2kSvxtuG9v
DqT6aiuhOEZH8COP8SZmWnuXsK4nnYYS8Wq+gkthXDvL/PmvLlN96HWEvYDcklHF
OmnaIcy9A3mZ2Q==
-----END CERTIFICATE-----