Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          Ge3b12sxOhJ2k5qDJomt1kADD/cKhLkMBYFM4WvCLrE=
Subject key identifier:   A7:A9:65:8C:18:7A:44:BB:3F:79:79:88:F3:9C:4E:A6:66:0F:EE:17
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019D28F2FB50FF69B44AAC6E9280AB512336
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0D64
Signing time:             Thu 26 Mar 2026 07:01:45 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:45 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:45 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: bct8xqUYjsNmWQylT7kC7iUjWJ5pX86kjLtJuDsGNiI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:fb:50:ff:69:b4:4a:ac:6e:92:80:ab:51:23:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Mar 26 07:01:45 2026 GMT
            Not After : Mar 27 07:01:45 2026 GMT
        Subject: CN=a7a9658c187a44bb3f797988f39c4ea6660fee17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8d:5e:32:14:7f:2b:b0:ae:43:58:c3:57:18:
                    a8:23:f5:90:8d:76:98:2d:ae:dc:85:34:52:cb:fa:
                    9c:cc:e9:f7:23:63:c4:04:bc:75:93:3a:c6:df:3a:
                    0d:97:0b:0a:76:3f:b0:cd:3f:59:0f:d6:ff:13:f5:
                    cd:6b:69:3b:c7:c9:e0:cd:51:05:a9:01:ed:d9:bd:
                    d1:93:a2:ff:56:79:10:8b:5a:bf:14:6c:28:9e:c3:
                    e7:c0:9f:76:14:2e:7c:a7:49:de:e6:32:c2:90:32:
                    66:24:ac:14:76:13:d1:8c:90:4c:5b:cb:cd:33:01:
                    66:ae:8d:44:eb:3a:3d:48:a2:af:45:c9:5d:b6:88:
                    27:21:41:91:16:e5:cc:99:93:58:59:9d:d7:d6:69:
                    fa:fb:0d:d5:7a:66:09:c8:fd:aa:db:3f:a6:9d:a0:
                    10:b3:9b:87:10:67:bf:6d:6c:bb:90:33:ff:1d:ad:
                    a2:8c:8a:a4:c2:19:fb:db:bd:9c:46:21:3f:88:3a:
                    bf:f0:34:6b:98:0d:62:c5:7d:3b:fa:bd:cd:c9:f3:
                    b0:46:e2:e2:0e:03:7a:54:54:5d:c6:dc:c8:ec:b7:
                    3a:f0:eb:ba:a4:e7:0a:30:be:0c:8c:c3:fa:e2:56:
                    90:2e:6d:1b:50:e0:b8:76:4a:af:da:ce:5b:9c:14:
                    c2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:A9:65:8C:18:7A:44:BB:3F:79:79:88:F3:9C:4E:A6:66:0F:EE:17
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:b9:dd:05:f9:dc:dd:7c:0e:02:4e:e5:8d:c7:26:6c:55:67:
         c0:75:ef:0e:00:b2:4b:cf:2c:38:7d:72:d3:ca:9b:17:6b:3a:
         33:8c:a6:0f:e9:ad:6e:52:9f:0a:06:be:57:fc:43:c4:27:b9:
         95:c5:f1:69:4c:40:c2:07:ed:4c:ce:98:38:d4:7a:6c:ad:18:
         1c:ca:7a:ac:ab:c0:bb:fc:d6:e4:22:03:a4:de:08:aa:9f:77:
         99:e7:8b:81:c1:e9:8a:ad:61:da:5d:7f:76:f8:43:b9:68:dc:
         7c:88:c8:76:1f:87:77:0c:5a:a6:66:14:59:29:20:27:e8:ef:
         60:a1:03:dd:37:a9:78:16:52:ef:2a:fe:2c:d0:b5:c6:a0:e8:
         13:09:2b:eb:5a:cf:01:18:43:e6:b4:ee:80:c7:2e:70:27:c6:
         07:de:4c:24:d9:da:a9:d5:4e:56:db:c8:9f:04:f9:8e:76:91:
         77:0a:20:af:27:71:95:64:5f:97:7c:23:97:d0:77:69:0f:64:
         58:92:d1:72:f6:cc:c3:9a:1f:6b:b8:82:fd:1a:ba:07:cc:87:
         37:3d:d1:1d:79:34:81:a9:ef:b6:ca:1c:68:f3:74:42:c2:3a:
         40:e1:48:ef:a8:90:df:6f:58:0c:b5:ba:07:a1:f1:bc:23:81:
         84:81:00:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8vtQ/2m0SqxukoCrUSM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjYwMzI2MDcwMTQ1WhcNMjYwMzI3MDcwMTQ1WjAzMTEwLwYDVQQD
EyhhN2E5NjU4YzE4N2E0NGJiM2Y3OTc5ODhmMzljNGVhNjY2MGZlZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs41eMhR/K7CuQ1jDVxioI/WQjXaY
La7chTRSy/qczOn3I2PEBLx1kzrG3zoNlwsKdj+wzT9ZD9b/E/XNa2k7x8ngzVEF
qQHt2b3Rk6L/VnkQi1q/FGwonsPnwJ92FC58p0ne5jLCkDJmJKwUdhPRjJBMW8vN
MwFmro1E6zo9SKKvRcldtognIUGRFuXMmZNYWZ3X1mn6+w3VemYJyP2q2z+mnaAQ
s5uHEGe/bWy7kDP/Ha2ijIqkwhn7272cRiE/iDq/8DRrmA1ixX07+r3NyfOwRuLi
DgN6VFRdxtzI7Lc68Ou6pOcKML4MjMP64laQLm0bUOC4dkqv2s5bnBTCOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKepZYwYekS7P3l5iPOcTqZmD+4XMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLndBfnc
3XwOAk7ljccmbFVnwHXvDgCyS88sOH1y08qbF2s6M4ymD+mtblKfCga+V/xDxCe5
lcXxaUxAwgftTM6YONR6bK0YHMp6rKvAu/zW5CIDpN4Iqp93meeLgcHpiq1h2l1/
dvhDuWjcfIjIdh+HdwxapmYUWSkgJ+jvYKED3TepeBZS7yr+LNC1xqDoEwkr61rP
ARhD5rTugMcucCfGB95MJNnaqdVOVtvInwT5jnaRdwogrydxlWRfl3wjl9B3aQ9k
WJLRcvbMw5ofa7iC/Rq6B8yHNz3RHXk0ganvtsocaPN0QsI6QOFI76iQ329YDLW6
B6HxvCOBhIEAgw==
-----END CERTIFICATE-----