Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
File:                     hGy8NY5qqP7tbgMmoECJt-XyqYk.mft (raw, json)
Hash identifier:          jgTyyPl7BVocTD3wvlpUNH/fzzBKIaj1nPPVs0+FLtw=
Subject key identifier:   6C:75:E7:E5:74:15:87:A4:5B:2F:8F:3D:A3:0D:23:71:06:38:EC:EA
Authority key identifier: 84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89
Certificate issuer:       /CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989
Certificate serial:       019D2AE0307D5481B0707EF8B9BF436E3553
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
Manifest number:          0CE9
Signing time:             Thu 26 Mar 2026 16:00:28 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:28 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:28 +0000
Files and hashes:         1: hGy8NY5qqP7tbgMmoECJt-XyqYk.crl (hash: OvQDYTV0YbQ6YteWLFXI0X8PeohxMYCjAemwGmd6E2M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:30:7d:54:81:b0:70:7e:f8:b9:bf:43:6e:35:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989
        Validity
            Not Before: Mar 26 16:00:28 2026 GMT
            Not After : Mar 27 16:00:28 2026 GMT
        Subject: CN=6c75e7e5741587a45b2f8f3da30d23710638ecea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7e:8f:80:04:15:ed:62:05:70:46:88:fc:5f:
                    61:28:9e:ce:ef:2d:3c:8b:69:56:8a:9c:be:f8:dc:
                    80:76:a5:d9:0f:86:60:2f:51:71:cf:a9:0b:8a:81:
                    37:c8:33:56:c2:90:e4:8d:42:68:26:bb:5d:02:fb:
                    e6:f2:29:3b:69:1b:70:8d:b6:17:46:15:59:f2:a6:
                    44:5f:93:74:98:db:d7:c0:19:42:fa:80:ec:23:50:
                    92:47:ce:29:84:8f:6c:94:d5:a2:df:22:89:28:14:
                    c9:53:da:b1:1b:ef:fb:a5:21:4b:5b:89:7c:16:74:
                    84:a7:59:a6:f4:09:2b:dd:c5:c0:59:ff:47:1e:ef:
                    d2:23:02:56:23:db:f1:70:78:10:a4:13:0a:3d:cf:
                    9b:61:dd:5f:bf:96:e2:74:49:c5:f1:c5:6b:26:33:
                    50:bd:b0:ce:d4:a4:05:29:19:d2:c9:09:e0:c0:98:
                    66:5f:68:f4:e7:fd:76:d3:ad:a6:99:32:58:53:85:
                    5b:23:b8:52:ec:e0:1c:ce:74:b8:be:7e:2b:0e:b9:
                    81:1a:68:39:50:cc:47:4f:ef:fa:4c:a0:45:be:71:
                    0e:09:8e:1b:64:28:86:e4:05:d4:a8:5a:02:29:83:
                    3e:3b:cb:06:03:fb:ea:d3:cd:ce:aa:a9:76:6c:d8:
                    2b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:75:E7:E5:74:15:87:A4:5B:2F:8F:3D:A3:0D:23:71:06:38:EC:EA
            X509v3 Authority Key Identifier:
                keyid:84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:cb:ba:da:5e:0a:93:cc:af:18:45:74:20:7a:d8:34:5c:39:
         a0:c6:0a:5b:5a:12:7e:21:05:2a:4c:e4:d8:52:01:1c:09:b8:
         44:16:17:86:78:b4:57:f2:d8:98:57:32:30:08:7a:13:7b:71:
         e5:f2:c5:e3:c3:2c:b1:ae:4f:05:6f:6f:46:06:60:a8:63:24:
         a8:68:62:73:d3:3f:a4:a0:6b:13:41:07:8a:b6:56:5f:06:c9:
         8e:d6:f5:5f:f5:31:bc:2b:ed:8a:a2:fe:1e:70:d4:17:36:ed:
         02:ba:61:22:fa:f4:da:83:89:01:6e:72:2f:23:57:a9:53:d7:
         7c:95:80:bc:71:fb:6c:76:75:2a:9f:8e:2e:71:50:af:b7:01:
         9f:d2:0f:8a:dc:9a:5e:fb:f0:de:06:73:8b:6b:9b:e7:db:ba:
         d3:20:64:7c:b0:85:b0:4f:1c:4f:0a:e1:33:75:bb:49:c7:9f:
         a0:b9:b1:74:2e:2a:5d:59:c8:58:f7:1e:e0:60:75:d1:a6:86:
         31:75:de:cd:c3:f8:f5:b2:77:d5:e8:d1:dc:7e:ff:d3:e6:6f:
         f6:6a:b5:67:8c:0f:6e:0e:4a:21:f4:00:74:80:1b:01:eb:05:
         b0:6d:23:38:1a:86:7d:35:54:91:8a:28:bf:0a:0f:44:79:ea:
         74:d7:ba:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4DB9VIGwcH74ub9DbjVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNiYzM1OGU2YWE4ZmVlZDZlMDMyNmEwNDA4OWI3ZTVm
MmE5ODkwHhcNMjYwMzI2MTYwMDI4WhcNMjYwMzI3MTYwMDI4WjAzMTEwLwYDVQQD
Eyg2Yzc1ZTdlNTc0MTU4N2E0NWIyZjhmM2RhMzBkMjM3MTA2MzhlY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n6PgAQV7WIFcEaI/F9hKJ7O7y08
i2lWipy++NyAdqXZD4ZgL1Fxz6kLioE3yDNWwpDkjUJoJrtdAvvm8ik7aRtwjbYX
RhVZ8qZEX5N0mNvXwBlC+oDsI1CSR84phI9slNWi3yKJKBTJU9qxG+/7pSFLW4l8
FnSEp1mm9Akr3cXAWf9HHu/SIwJWI9vxcHgQpBMKPc+bYd1fv5bidEnF8cVrJjNQ
vbDO1KQFKRnSyQngwJhmX2j05/12062mmTJYU4VbI7hS7OAcznS4vn4rDrmBGmg5
UMxHT+/6TKBFvnEOCY4bZCiG5AXUqFoCKYM+O8sGA/vq083Oqql2bNgr/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGx15+V0FYekWy+PPaMNI3EGOOzqMB8GA1UdIwQY
MBaAFIRsvDWOaqj+7W4DJqBAibfl8qmJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgt
M2Y3ZDgxYmFmN2I3LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgtM2Y3ZDgxYmFmN2I3
LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGMu62l4K
k8yvGEV0IHrYNFw5oMYKW1oSfiEFKkzk2FIBHAm4RBYXhni0V/LYmFcyMAh6E3tx
5fLF48Mssa5PBW9vRgZgqGMkqGhic9M/pKBrE0EHirZWXwbJjtb1X/UxvCvtiqL+
HnDUFzbtArphIvr02oOJAW5yLyNXqVPXfJWAvHH7bHZ1Kp+OLnFQr7cBn9IPitya
Xvvw3gZzi2ub59u60yBkfLCFsE8cTwrhM3W7ScefoLmxdC4qXVnIWPce4GB10aaG
MXXezcP49bJ31ejR3H7/0+Zv9mq1Z4wPbg5KIfQAdIAbAesFsG0jOBqGfTVUkYoo
vwoPRHnqdNe6DA==
-----END CERTIFICATE-----