Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
File:                     HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json)
Hash identifier:          6KhVaDs/XzNlwmujeKsaWJMuYN2kNNiRSRYdmwEoBEc=
Subject key identifier:   BF:A2:EE:85:1B:90:82:CE:6B:E3:F6:61:A5:B4:4C:7E:E4:32:B3:C9
Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43
Certificate issuer:       /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
Certificate serial:       019D29CE7E5A79EF1E3D6A48A69329CEF614
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
Manifest number:          0D31
Signing time:             Thu 26 Mar 2026 11:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:31 +0000
Files and hashes:         1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: 99SmT7wbVt7mgK/XKxm+G/8zSN3XkbSmI7TQnaqVm80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:7e:5a:79:ef:1e:3d:6a:48:a6:93:29:ce:f6:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
        Validity
            Not Before: Mar 26 11:01:31 2026 GMT
            Not After : Mar 27 11:01:31 2026 GMT
        Subject: CN=bfa2ee851b9082ce6be3f661a5b44c7ee432b3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2b:aa:49:f4:34:c2:94:18:0d:00:75:fc:03:
                    69:df:7a:ec:1f:7f:a6:8c:16:ce:b9:b3:be:36:5e:
                    ef:ea:19:21:ba:ea:01:cd:f9:87:b3:30:f1:8e:2f:
                    2c:96:3f:8a:06:c7:d6:da:96:dd:5a:05:30:c9:bc:
                    c0:45:91:a2:17:43:c5:f6:10:fd:40:42:86:71:d8:
                    85:00:87:68:f5:e8:a8:b8:f2:bc:56:92:ea:ef:5a:
                    7d:37:b1:e4:7d:e1:0a:13:4e:3e:d2:0a:f1:40:24:
                    79:90:fd:12:1e:3c:bb:4a:ef:9e:18:20:d8:e6:a0:
                    a1:82:6c:7c:d2:54:3f:8e:6b:1e:1f:13:fa:b9:49:
                    fc:5c:21:c8:71:07:05:ba:be:1e:0d:0b:8d:1c:34:
                    0f:9e:0e:a9:1b:97:57:08:38:3f:7c:e6:20:30:90:
                    fa:51:34:53:c7:00:c6:14:bc:cd:4b:92:29:69:7e:
                    5c:d1:e8:c1:4b:6a:7e:a5:d6:cd:20:8f:85:e9:b4:
                    76:3e:a8:be:6a:33:17:f7:e9:2b:66:c8:f0:10:15:
                    d5:a7:9f:e4:8e:c9:1b:3a:22:33:7b:00:20:ce:af:
                    28:4a:a3:fb:90:52:e1:02:37:ef:33:f9:12:54:36:
                    8a:3e:c1:2e:7b:9f:c6:a1:3e:17:d7:3d:c0:03:b5:
                    ca:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:A2:EE:85:1B:90:82:CE:6B:E3:F6:61:A5:B4:4C:7E:E4:32:B3:C9
            X509v3 Authority Key Identifier:
                keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:13:52:b7:b9:5b:1d:16:66:a6:d9:01:43:68:61:09:60:45:
         93:90:17:03:5f:31:0d:51:93:f3:8b:0d:c0:4e:83:0d:98:53:
         3d:38:25:35:14:b9:3c:7e:93:63:5c:d3:0d:70:7b:e6:37:b4:
         8b:8c:2f:29:4c:d0:30:3a:84:a4:d8:51:f3:56:d8:a7:af:f1:
         eb:3f:15:d4:67:cd:f1:ca:9d:16:e0:d0:72:2a:fe:a6:61:63:
         af:59:32:2e:45:5d:9a:fd:9c:12:25:31:8b:28:83:14:54:4c:
         d4:c4:78:9b:48:4f:71:f2:83:0e:13:ec:51:8e:b2:14:5a:3a:
         3d:ab:40:97:cf:68:3e:8b:14:b4:a2:33:d3:52:ed:5a:74:13:
         b8:d0:95:3e:e3:b4:17:c4:57:f9:80:bb:01:d0:71:5d:f6:a6:
         c4:ff:df:4c:b2:ea:55:88:6f:0d:3f:7c:a0:47:0d:d0:51:c4:
         ba:a4:1e:fd:95:4a:01:92:42:25:c5:a9:3d:98:15:e7:a7:bd:
         01:8d:12:f4:c0:b7:96:6a:0c:9c:dc:04:49:13:86:ca:5b:b7:
         6b:8e:d9:dd:8b:71:ef:7b:9b:aa:52:c5:9d:c9:ab:76:a0:f5:
         e9:4a:19:e8:a8:50:a8:7e:31:3a:37:88:a1:17:9e:e3:2b:56:
         fc:50:59:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzn5aee8ePWpIppMpzvYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl
NGU2NDMwHhcNMjYwMzI2MTEwMTMxWhcNMjYwMzI3MTEwMTMxWjAzMTEwLwYDVQQD
EyhiZmEyZWU4NTFiOTA4MmNlNmJlM2Y2NjFhNWI0NGM3ZWU0MzJiM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCuqSfQ0wpQYDQB1/ANp33rsH3+m
jBbOubO+Nl7v6hkhuuoBzfmHszDxji8slj+KBsfW2pbdWgUwybzARZGiF0PF9hD9
QEKGcdiFAIdo9eiouPK8VpLq71p9N7HkfeEKE04+0grxQCR5kP0SHjy7Su+eGCDY
5qChgmx80lQ/jmseHxP6uUn8XCHIcQcFur4eDQuNHDQPng6pG5dXCDg/fOYgMJD6
UTRTxwDGFLzNS5IpaX5c0ejBS2p+pdbNII+F6bR2Pqi+ajMX9+krZsjwEBXVp5/k
jskbOiIzewAgzq8oSqP7kFLhAjfvM/kSVDaKPsEue5/GoT4X1z3AA7XK1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+i7oUbkILOa+P2YaW0TH7kMrPJMB8GA1UdIwQY
MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt
NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz
LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXRNSt7lb
HRZmptkBQ2hhCWBFk5AXA18xDVGT84sNwE6DDZhTPTglNRS5PH6TY1zTDXB75je0
i4wvKUzQMDqEpNhR81bYp6/x6z8V1GfN8cqdFuDQcir+pmFjr1kyLkVdmv2cEiUx
iyiDFFRM1MR4m0hPcfKDDhPsUY6yFFo6PatAl89oPosUtKIz01LtWnQTuNCVPuO0
F8RX+YC7AdBxXfamxP/fTLLqVYhvDT98oEcN0FHEuqQe/ZVKAZJCJcWpPZgV56e9
AY0S9MC3lmoMnNwESROGylu3a47Z3Ytx73ubqlLFncmrdqD16UoZ6KhQqH4xOjeI
oRee4ytW/FBZEQ==
-----END CERTIFICATE-----