Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          1Wb7Su4O59dm0Gc6FF/GvmvbWy+63P8pt8jokvpAmeY=
Subject key identifier:   16:17:84:28:66:D6:D2:25:C1:43:43:D1:2B:18:B5:6D:BF:6A:58:17
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       019D2704052B31EB95F1F4DC74766EDB1901
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          0AE8
Signing time:             Wed 25 Mar 2026 22:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:07 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: WxO45SfStwBed8w4HSWquERbVxmFx0MJJSbMyN3jaEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:05:2b:31:eb:95:f1:f4:dc:74:76:6e:db:19:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Mar 25 22:01:07 2026 GMT
            Not After : Mar 26 22:01:07 2026 GMT
        Subject: CN=1617842866d6d225c14343d12b18b56dbf6a5817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:96:99:c4:67:de:18:22:85:d3:e6:46:f2:1b:
                    03:ec:42:23:f4:59:90:dc:06:4a:14:6d:a2:dc:46:
                    1f:38:53:e7:61:b5:9c:02:7e:63:25:44:aa:dc:2c:
                    8a:fb:33:69:e7:a9:b1:45:b7:0c:91:09:7a:7b:67:
                    a4:bb:24:7c:96:1e:48:94:ca:b9:ba:5d:85:f5:e0:
                    69:91:fd:9d:e5:64:66:a6:95:a0:dc:0b:b4:cf:cf:
                    70:86:2e:e1:48:95:05:3a:74:5d:7e:07:4d:8a:f1:
                    3e:ff:16:ce:60:16:cb:b8:a1:aa:63:a7:db:79:0b:
                    d9:4f:bc:f7:60:af:f2:50:96:b4:65:5c:d5:99:76:
                    fc:c7:69:91:47:bd:9f:ab:04:d5:06:86:97:fc:a3:
                    b0:ba:c5:c5:2b:d7:8c:3a:69:ad:6b:ff:84:ce:36:
                    6e:44:81:01:b7:a2:3b:bf:35:ba:bc:e8:e6:68:9e:
                    48:88:fd:c8:de:24:38:df:50:4b:e7:32:ac:6d:0f:
                    d7:06:3e:cb:8b:20:1f:47:1f:40:ae:0f:af:8f:0d:
                    9b:0b:c3:b7:ed:14:3e:8b:f5:3e:11:0e:9f:bf:80:
                    fd:7b:15:82:5b:bc:ea:73:cc:c2:e4:88:85:c8:e7:
                    c2:f0:52:65:6c:0a:a8:cd:7b:8f:b3:46:05:b2:01:
                    87:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:17:84:28:66:D6:D2:25:C1:43:43:D1:2B:18:B5:6D:BF:6A:58:17
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:93:dc:6a:e9:e8:55:a2:e2:fb:4f:57:0f:59:51:d0:ad:63:
         43:72:bd:f3:46:c0:28:33:d6:d6:81:a9:27:6f:9f:d6:b5:8f:
         21:7f:dd:d9:a1:6d:24:7e:9b:9c:e1:7e:e9:b8:4c:89:90:39:
         70:18:a0:b9:91:79:ce:5c:02:00:08:a2:ec:41:74:6e:a8:d0:
         9f:5e:53:47:3e:49:93:1d:4a:ee:a3:d1:e3:11:13:1d:90:90:
         6f:03:cf:ca:d7:18:72:72:26:e0:ba:bf:1d:4b:f6:aa:7b:69:
         22:13:c1:8c:39:9a:ea:38:5d:1f:c7:8b:15:a4:8c:6e:18:3d:
         19:b2:a4:a8:71:64:fd:b7:c0:d2:9e:94:81:00:ea:fc:f6:5d:
         16:c0:ed:76:cb:b7:0c:57:71:81:76:f1:a2:85:b9:8a:00:4c:
         14:40:48:53:2c:bb:72:60:da:ff:ab:54:df:bb:3f:91:14:97:
         d3:5e:c2:9b:f4:f5:8e:d4:c6:a1:c8:8c:e0:e0:a1:ce:c3:36:
         71:11:36:bb:be:6f:24:e0:fb:4b:e5:32:d0:6f:48:0e:40:af:
         5e:af:0a:89:00:11:7d:f9:2e:43:55:1c:27:9b:f6:95:1f:1b:
         31:1f:6b:d4:02:b7:74:01:06:7d:bd:9e:c3:ff:12:1c:a6:31:
         62:ce:27:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAUrMeuV8fTcdHZu2xkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjYwMzI1MjIwMTA3WhcNMjYwMzI2MjIwMTA3WjAzMTEwLwYDVQQD
EygxNjE3ODQyODY2ZDZkMjI1YzE0MzQzZDEyYjE4YjU2ZGJmNmE1ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJaZxGfeGCKF0+ZG8hsD7EIj9FmQ
3AZKFG2i3EYfOFPnYbWcAn5jJUSq3CyK+zNp56mxRbcMkQl6e2ekuyR8lh5IlMq5
ul2F9eBpkf2d5WRmppWg3Au0z89whi7hSJUFOnRdfgdNivE+/xbOYBbLuKGqY6fb
eQvZT7z3YK/yUJa0ZVzVmXb8x2mRR72fqwTVBoaX/KOwusXFK9eMOmmta/+EzjZu
RIEBt6I7vzW6vOjmaJ5IiP3I3iQ431BL5zKsbQ/XBj7LiyAfRx9Arg+vjw2bC8O3
7RQ+i/U+EQ6fv4D9exWCW7zqc8zC5IiFyOfC8FJlbAqozXuPs0YFsgGHlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYXhChm1tIlwUND0SsYtW2/algXMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5Pcauno
VaLi+09XD1lR0K1jQ3K980bAKDPW1oGpJ2+f1rWPIX/d2aFtJH6bnOF+6bhMiZA5
cBiguZF5zlwCAAii7EF0bqjQn15TRz5Jkx1K7qPR4xETHZCQbwPPytcYcnIm4Lq/
HUv2qntpIhPBjDma6jhdH8eLFaSMbhg9GbKkqHFk/bfA0p6UgQDq/PZdFsDtdsu3
DFdxgXbxooW5igBMFEBIUyy7cmDa/6tU37s/kRSX017Cm/T1jtTGociM4OChzsM2
cRE2u75vJOD7S+Uy0G9IDkCvXq8KiQARffkuQ1UcJ5v2lR8bMR9r1AK3dAEGfb2e
w/8SHKYxYs4nHQ==
-----END CERTIFICATE-----