Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
File:                     hheg4tbmBy6I03dN18z78HochjI.mft (raw, json)
Hash identifier:          FUXzpFxBVOmVZPPGoiAT9mC14gfh8GMBj7fu6StlMKw=
Subject key identifier:   4E:43:01:C5:08:B1:AE:26:39:F9:B3:4C:C5:19:95:3F:B6:DE:61:EB
Authority key identifier: 86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32
Certificate issuer:       /CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
Certificate serial:       019D2A3C4F1E9B63353E448E18F62507397E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
Manifest number:          1479
Signing time:             Thu 26 Mar 2026 13:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:28 +0000
Files and hashes:         1: hheg4tbmBy6I03dN18z78HochjI.crl (hash: gLDciZmgGSjhqSeCwC0DbAvUHhDR9JRb4HqlwLc1Z/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3c:4f:1e:9b:63:35:3e:44:8e:18:f6:25:07:39:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
        Validity
            Not Before: Mar 26 13:01:28 2026 GMT
            Not After : Mar 27 13:01:28 2026 GMT
        Subject: CN=4e4301c508b1ae2639f9b34cc519953fb6de61eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:2b:5b:9d:47:07:b4:e2:70:37:70:2d:c4:68:
                    49:aa:84:b9:f0:4a:62:45:68:1a:8c:af:7e:2d:df:
                    7a:02:d7:76:2f:69:b2:c5:fe:6a:e8:e5:0e:da:ed:
                    3f:74:ad:df:cb:11:e5:bb:66:37:42:d3:e8:dd:ed:
                    ec:29:87:1f:9f:e2:6a:b1:38:1b:dd:cb:e3:be:07:
                    27:44:bd:4d:b7:fd:ce:94:3a:cb:c7:56:ae:0d:16:
                    53:a9:8f:5a:c0:f9:91:d7:ff:4f:ab:be:9c:6f:98:
                    fe:6a:51:11:c6:d9:2b:b0:98:8d:b8:ea:ea:bf:0c:
                    ba:ba:21:38:ce:2f:8e:59:a6:18:cf:54:e5:9a:ce:
                    66:0d:d8:d7:d6:4c:b7:ce:07:04:ef:1b:54:16:b0:
                    3d:ed:15:fc:68:4a:09:e9:e5:62:c9:6d:b4:4e:20:
                    76:b9:bf:69:df:9d:e4:84:97:b6:48:b9:28:79:56:
                    03:9d:06:7c:4c:85:38:b6:da:94:25:29:4f:52:86:
                    66:31:62:4d:ae:21:4a:25:c2:15:05:75:b2:ff:24:
                    f8:d4:be:b1:d7:a9:64:13:66:c1:2c:9d:0b:4f:95:
                    ae:e3:22:30:43:a2:07:54:c6:48:5c:9e:ec:07:ee:
                    53:a3:39:a4:29:3b:1f:15:d0:85:9e:f8:6c:53:b7:
                    36:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:43:01:C5:08:B1:AE:26:39:F9:B3:4C:C5:19:95:3F:B6:DE:61:EB
            X509v3 Authority Key Identifier:
                keyid:86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:c5:f6:33:22:16:f9:9f:e1:db:fb:70:3a:cf:97:ab:d8:a5:
         94:5c:3c:8e:a6:2a:15:48:41:c2:45:7b:27:7d:c9:03:33:0b:
         ba:82:60:97:80:82:39:31:88:ab:83:42:40:a9:a7:91:25:ac:
         85:37:04:5e:a3:cb:17:f5:ec:c1:ea:d6:79:42:2d:e4:55:e3:
         c3:22:53:9d:25:68:6f:16:99:45:f4:e2:60:e8:71:4f:1c:63:
         78:e2:89:2d:4d:ab:86:8c:d8:e5:ca:91:48:a6:25:5d:2e:c2:
         72:64:e0:93:cc:30:17:ac:ff:ad:42:89:c3:8a:b1:fe:b5:bb:
         72:dc:68:b9:a5:fb:ba:72:38:12:57:ca:60:ca:40:43:88:a3:
         1b:de:6b:37:31:0c:5b:4f:59:85:5f:cc:09:a4:c7:25:f0:2a:
         27:3f:9b:f1:d1:39:f5:77:c8:63:43:a9:68:20:23:67:0f:38:
         99:c7:27:43:c9:f4:cb:ec:e4:af:f6:1a:98:b1:e1:99:bf:90:
         3c:99:76:5b:f8:05:1f:cb:7f:1b:4e:6e:b4:c9:71:2d:10:1d:
         11:19:00:28:2c:51:e9:d1:71:16:f6:53:c7:e8:8d:d8:8b:2d:
         8f:69:52:16:04:ed:a4:ef:22:cf:5e:b4:b5:0f:c6:77:b7:f7:
         2c:28:0d:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPE8em2M1PkSOGPYlBzl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTdhMGUyZDZlNjA3MmU4OGQzNzc0ZGQ3Y2NmYmYwN2Ex
Yzg2MzIwHhcNMjYwMzI2MTMwMTI4WhcNMjYwMzI3MTMwMTI4WjAzMTEwLwYDVQQD
Eyg0ZTQzMDFjNTA4YjFhZTI2MzlmOWIzNGNjNTE5OTUzZmI2ZGU2MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkitbnUcHtOJwN3AtxGhJqoS58Epi
RWgajK9+Ld96Atd2L2myxf5q6OUO2u0/dK3fyxHlu2Y3QtPo3e3sKYcfn+JqsTgb
3cvjvgcnRL1Nt/3OlDrLx1auDRZTqY9awPmR1/9Pq76cb5j+alERxtkrsJiNuOrq
vwy6uiE4zi+OWaYYz1Tlms5mDdjX1ky3zgcE7xtUFrA97RX8aEoJ6eViyW20TiB2
ub9p353khJe2SLkoeVYDnQZ8TIU4ttqUJSlPUoZmMWJNriFKJcIVBXWy/yT41L6x
16lkE2bBLJ0LT5Wu4yIwQ6IHVMZIXJ7sB+5TozmkKTsfFdCFnvhsU7c2QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5DAcUIsa4mOfmzTMUZlT+23mHrMB8GA1UdIwQY
MBaAFIYXoOLW5gcuiNN3TdfM+/B6HIYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5Njgt
ZWJkYzMyYTZhYjI3LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5NjgtZWJkYzMyYTZhYjI3
LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMMX2MyIW
+Z/h2/twOs+Xq9illFw8jqYqFUhBwkV7J33JAzMLuoJgl4CCOTGIq4NCQKmnkSWs
hTcEXqPLF/XswerWeUIt5FXjwyJTnSVobxaZRfTiYOhxTxxjeOKJLU2rhozY5cqR
SKYlXS7CcmTgk8wwF6z/rUKJw4qx/rW7ctxouaX7unI4ElfKYMpAQ4ijG95rNzEM
W09ZhV/MCaTHJfAqJz+b8dE59XfIY0OpaCAjZw84mccnQ8n0y+zkr/YamLHhmb+Q
PJl2W/gFH8t/G05utMlxLRAdERkAKCxR6dFxFvZTx+iN2Istj2lSFgTtpO8iz160
tQ/Gd7f3LCgNVw==
-----END CERTIFICATE-----