Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          OdGZAvuHm8UYxteT4NCj0ftaYwLvG4p9R9lkAn2pJYU=
Subject key identifier:   8E:3C:D6:06:6F:3F:6F:D6:36:EB:ED:4D:20:EE:3F:E2:B9:F2:9D:00
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       019D2929654A693ADDDB08A61C8B1424C7C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          07FD
Signing time:             Thu 26 Mar 2026 08:01:11 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:11 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:11 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: 6cRNIGatgQL0A5DfJBogpBBnIOXV80cKOHTVrUwUS/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:65:4a:69:3a:dd:db:08:a6:1c:8b:14:24:c7:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Mar 26 08:01:11 2026 GMT
            Not After : Mar 27 08:01:11 2026 GMT
        Subject: CN=8e3cd6066f3f6fd636ebed4d20ee3fe2b9f29d00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:ae:ab:5b:f7:f0:5b:73:97:df:e0:aa:c8:84:
                    86:b3:1c:03:9a:c5:17:30:00:e5:7d:66:89:4a:0f:
                    54:c8:72:62:c6:cf:8c:87:f4:d5:46:0e:3c:8b:a9:
                    f8:fa:f1:6d:5b:67:5a:c6:08:a8:eb:c1:4e:88:cf:
                    9a:36:81:e3:1d:fc:0c:ab:e7:a8:8e:56:ef:59:9e:
                    43:33:27:03:5a:fb:e9:fa:a8:51:94:fe:22:fe:03:
                    29:b4:e2:c4:2e:92:44:f9:c6:14:aa:ac:33:4b:d3:
                    8b:c8:d8:e6:87:46:04:75:2a:36:1e:44:52:c3:13:
                    ad:e8:9a:5a:5a:79:55:e4:bd:d3:54:c9:13:a7:f1:
                    eb:e8:c9:a3:d1:b3:4f:1a:d8:17:29:20:7e:af:b4:
                    53:53:4a:04:56:dc:0b:2a:91:76:ff:4b:1f:8c:34:
                    80:f7:55:82:a2:a5:5e:c6:26:1c:5d:97:63:cc:77:
                    86:cb:9c:7e:87:55:a6:ec:34:97:09:43:4b:85:89:
                    9b:e3:2f:c5:5a:52:72:6f:ec:0d:52:4c:fd:d7:11:
                    a6:64:3e:7c:e8:6f:23:85:3e:ae:0c:f8:41:6c:33:
                    80:7d:22:d3:04:3b:db:fd:f3:0b:44:f3:c0:7c:44:
                    44:bb:b3:f7:fc:a3:a5:e9:c3:8f:76:ec:b9:05:f1:
                    fa:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3C:D6:06:6F:3F:6F:D6:36:EB:ED:4D:20:EE:3F:E2:B9:F2:9D:00
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:35:2f:e3:97:a8:b9:54:4b:54:68:4c:ab:56:9d:14:a4:d3:
         0e:28:65:1c:6f:69:e6:09:e1:67:10:09:84:ae:f1:f0:6e:89:
         e0:29:14:c6:36:e1:55:eb:db:5e:3e:a5:42:49:a0:49:6a:52:
         d2:5e:50:59:a5:a0:da:29:11:64:80:f7:7f:27:14:da:07:15:
         a8:df:fe:69:5d:73:d6:97:cd:0e:29:24:bf:91:49:f8:ea:35:
         be:9b:e6:1d:9b:29:09:6f:4b:c0:38:ed:59:36:be:5f:fa:56:
         a9:14:a9:cc:01:06:fa:3b:9d:f9:9e:f8:61:95:cf:c8:0e:ed:
         8b:4e:ca:b2:87:92:6e:ff:b2:ef:5e:bd:b1:f2:55:7f:fe:89:
         a8:35:f2:ef:4d:64:96:77:51:db:bb:35:d1:e3:46:2c:d7:a3:
         6e:a2:a3:b4:f8:5c:8a:e1:69:97:28:26:ca:61:ed:90:74:a5:
         9f:b9:8c:63:55:6a:20:c6:0e:6e:ff:b1:8c:94:59:18:04:9c:
         ed:d1:6e:da:4d:b8:78:d3:25:02:54:c8:b9:5e:e4:99:6d:b4:
         bf:c1:07:5a:c3:96:1e:81:03:df:2f:35:94:e9:53:d2:31:9b:
         4e:5b:a9:91:65:7c:9e:ca:53:df:c0:7f:0a:e1:c5:e1:4c:d2:
         ec:e2:2c:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKWVKaTrd2wimHIsUJMfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjYwMzI2MDgwMTExWhcNMjYwMzI3MDgwMTExWjAzMTEwLwYDVQQD
Eyg4ZTNjZDYwNjZmM2Y2ZmQ2MzZlYmVkNGQyMGVlM2ZlMmI5ZjI5ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA966rW/fwW3OX3+CqyISGsxwDmsUX
MADlfWaJSg9UyHJixs+Mh/TVRg48i6n4+vFtW2daxgio68FOiM+aNoHjHfwMq+eo
jlbvWZ5DMycDWvvp+qhRlP4i/gMptOLELpJE+cYUqqwzS9OLyNjmh0YEdSo2HkRS
wxOt6JpaWnlV5L3TVMkTp/Hr6Mmj0bNPGtgXKSB+r7RTU0oEVtwLKpF2/0sfjDSA
91WCoqVexiYcXZdjzHeGy5x+h1Wm7DSXCUNLhYmb4y/FWlJyb+wNUkz91xGmZD58
6G8jhT6uDPhBbDOAfSLTBDvb/fMLRPPAfEREu7P3/KOl6cOPduy5BfH6rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI481gZvP2/WNuvtTSDuP+K58p0AMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgzUv45eo
uVRLVGhMq1adFKTTDihlHG9p5gnhZxAJhK7x8G6J4CkUxjbhVevbXj6lQkmgSWpS
0l5QWaWg2ikRZID3fycU2gcVqN/+aV1z1pfNDikkv5FJ+Oo1vpvmHZspCW9LwDjt
WTa+X/pWqRSpzAEG+jud+Z74YZXPyA7ti07KsoeSbv+y7169sfJVf/6JqDXy701k
lndR27s10eNGLNejbqKjtPhciuFplygmymHtkHSln7mMY1VqIMYObv+xjJRZGASc
7dFu2k24eNMlAlTIuV7kmW20v8EHWsOWHoED3y81lOlT0jGbTlupkWV8nspT38B/
CuHF4UzS7OIs8A==
-----END CERTIFICATE-----