Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          teQVbSSIFDJVMmFHbqoEwroQ/wjSnquslH3bkppHY9g=
Subject key identifier:   47:A6:37:FB:F6:1E:9D:57:C7:FB:7D:53:8A:21:15:AC:4D:00:A2:83
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       019D28F29AFE83EFAB80C81928A9877D712A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          0C45
Signing time:             Thu 26 Mar 2026 07:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:21 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: tOUd8K/mKUHg6NzZV2AXNCav04IdQBGe7vI5Lz03RKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:9a:fe:83:ef:ab:80:c8:19:28:a9:87:7d:71:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Mar 26 07:01:21 2026 GMT
            Not After : Mar 27 07:01:21 2026 GMT
        Subject: CN=47a637fbf61e9d57c7fb7d538a2115ac4d00a283
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f5:d1:06:ec:29:49:3b:c6:16:40:9e:a6:da:
                    c7:47:f8:7c:34:43:2a:c2:11:5c:98:80:0e:57:a0:
                    48:cd:ce:28:25:1c:76:75:96:8d:a9:d4:fa:f0:17:
                    54:37:f3:64:6b:42:d0:3a:d7:99:b0:72:c3:86:84:
                    77:a9:74:ab:5c:75:a7:62:81:e2:4d:f6:d1:06:80:
                    a2:3a:7f:bd:13:fc:d0:c1:df:2b:04:63:05:ef:ee:
                    e2:19:e8:54:27:87:59:dc:45:92:3f:2c:42:f3:a0:
                    74:f6:81:6d:65:8f:63:9c:fd:1e:2e:4c:53:64:67:
                    1d:0e:37:c8:fa:83:cc:cb:8c:e4:cf:da:f8:8a:76:
                    d1:3b:46:8c:c4:ac:a3:fd:88:b0:0b:8a:00:a8:e8:
                    96:ba:ce:d7:e8:3e:05:48:1d:90:70:ae:b1:c7:91:
                    83:c5:e5:bc:c3:6b:04:70:22:6b:c6:f9:b7:f9:cb:
                    b1:ec:5b:b2:12:fb:7d:bb:ec:76:e3:71:33:18:fe:
                    1c:31:23:96:a5:4a:49:c9:b8:45:f5:1e:53:15:39:
                    02:43:3f:bf:06:9e:6e:5e:5f:2e:4a:e8:fd:f1:d8:
                    fc:7f:72:e0:15:a2:a7:6b:5c:e4:b0:72:68:2d:cd:
                    43:97:21:ac:47:44:b6:ea:8b:3f:0f:1c:6f:e4:41:
                    8a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A6:37:FB:F6:1E:9D:57:C7:FB:7D:53:8A:21:15:AC:4D:00:A2:83
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:f4:6e:0a:30:ef:83:b2:b8:0f:b6:94:d1:26:d0:68:b5:d2:
         37:0f:fc:69:7c:d6:c8:58:6f:33:4e:2b:a5:a4:34:e1:e8:f9:
         46:6c:b5:65:1b:d7:fa:7c:24:9d:df:51:8e:c0:a8:a7:78:e4:
         ea:c4:70:38:a0:5c:fd:b5:82:6a:40:f0:cc:bb:76:bc:5b:9d:
         da:d9:4d:88:74:dd:6d:c5:2d:1a:ec:99:d1:77:8f:f4:2d:07:
         97:72:4f:0f:7f:fd:05:04:bb:47:fe:1e:61:7a:78:ab:72:94:
         7a:ce:bd:47:54:30:5a:35:a4:6a:86:e5:7a:e0:db:38:f7:16:
         7b:25:51:43:77:eb:64:28:25:c7:df:f3:45:6e:c5:97:cb:78:
         af:11:f3:48:ff:1c:a2:d2:26:25:d1:a0:9a:62:19:aa:37:31:
         0b:18:41:f4:1b:49:9a:5a:80:3c:16:70:87:3d:b0:d8:9d:bf:
         e6:b7:8f:7c:28:27:40:88:de:f9:f7:50:1b:33:bc:d8:a1:c5:
         42:30:ba:aa:2e:15:64:51:a9:c0:a9:ef:fc:eb:2e:1e:1b:5a:
         1b:8d:ab:7a:7a:71:9d:28:ed:9a:a1:7c:1e:e1:3f:02:e8:20:
         ee:7e:99:29:43:80:e3:2a:c2:1c:ba:96:c1:29:f8:c4:c9:94:
         cd:77:51:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8pr+g++rgMgZKKmHfXEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjYwMzI2MDcwMTIxWhcNMjYwMzI3MDcwMTIxWjAzMTEwLwYDVQQD
Eyg0N2E2MzdmYmY2MWU5ZDU3YzdmYjdkNTM4YTIxMTVhYzRkMDBhMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPXRBuwpSTvGFkCeptrHR/h8NEMq
whFcmIAOV6BIzc4oJRx2dZaNqdT68BdUN/Nka0LQOteZsHLDhoR3qXSrXHWnYoHi
TfbRBoCiOn+9E/zQwd8rBGMF7+7iGehUJ4dZ3EWSPyxC86B09oFtZY9jnP0eLkxT
ZGcdDjfI+oPMy4zkz9r4inbRO0aMxKyj/YiwC4oAqOiWus7X6D4FSB2QcK6xx5GD
xeW8w2sEcCJrxvm3+cux7FuyEvt9u+x243EzGP4cMSOWpUpJybhF9R5TFTkCQz+/
Bp5uXl8uSuj98dj8f3LgFaKna1zksHJoLc1DlyGsR0S26os/Dxxv5EGKDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEemN/v2Hp1Xx/t9U4ohFaxNAKKDMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFfRuCjDv
g7K4D7aU0SbQaLXSNw/8aXzWyFhvM04rpaQ04ej5Rmy1ZRvX+nwknd9RjsCop3jk
6sRwOKBc/bWCakDwzLt2vFud2tlNiHTdbcUtGuyZ0XeP9C0Hl3JPD3/9BQS7R/4e
YXp4q3KUes69R1QwWjWkaobleuDbOPcWeyVRQ3frZCglx9/zRW7Fl8t4rxHzSP8c
otImJdGgmmIZqjcxCxhB9BtJmlqAPBZwhz2w2J2/5rePfCgnQIje+fdQGzO82KHF
QjC6qi4VZFGpwKnv/OsuHhtaG42renpxnSjtmqF8HuE/Augg7n6ZKUOA4yrCHLqW
wSn4xMmUzXdRiA==
-----END CERTIFICATE-----