Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          /V6qwtb0BBjxH4HP1ck8Cj236UFyhRDoStgIHxJTE+U=
Subject key identifier:   15:62:CE:51:26:99:49:0A:8F:E9:CF:58:85:C1:A8:99:EA:F8:54:65
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       019D299751E64AECA66A02B920530B334074
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          096C
Signing time:             Thu 26 Mar 2026 10:01:15 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:15 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:15 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: zrb5tB13uQAJyFlWMlf9YhYYEUBLf9m3hBQ06+jAdrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 10:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:51:e6:4a:ec:a6:6a:02:b9:20:53:0b:33:40:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Mar 26 10:01:15 2026 GMT
            Not After : Mar 27 10:01:15 2026 GMT
        Subject: CN=1562ce512699490a8fe9cf5885c1a899eaf85465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a2:43:4c:c2:bc:2f:c2:ad:21:3d:fd:1c:ee:
                    cb:1e:74:8c:67:81:f6:df:cb:e4:a8:9e:15:a8:ca:
                    9c:bf:e2:93:e2:fd:76:a0:8b:76:9a:d0:0f:95:b7:
                    65:0c:51:80:4c:b7:4a:06:9d:cc:34:00:af:8d:49:
                    d9:00:f2:24:0a:4e:88:5d:ff:d5:36:d9:b6:ae:ad:
                    1a:86:06:5e:d4:be:4b:ba:83:d7:21:eb:a6:fe:a6:
                    5e:3c:e9:05:1f:b5:b5:c3:eb:a1:1d:a5:f0:a1:cd:
                    95:8c:28:29:60:97:4a:93:ef:87:52:3f:cd:c2:b7:
                    b2:9b:89:8a:00:7f:e8:58:15:11:1f:a0:f7:ce:1d:
                    9a:59:87:a7:4a:2e:30:db:37:cb:ec:8c:7f:c8:f6:
                    e8:8d:e1:8c:64:da:23:e6:b4:0b:04:60:a8:74:f7:
                    85:43:7c:a4:1e:38:56:93:0f:b6:d7:ba:68:10:e3:
                    cb:93:d8:40:5f:1d:16:df:0a:53:06:95:91:74:05:
                    9d:99:0a:a6:c2:58:bc:8d:fb:f1:d8:f4:c1:17:02:
                    0c:55:d9:03:3b:71:cc:a4:a9:6e:00:7c:03:13:88:
                    c0:71:bf:85:51:f2:f4:5d:34:b8:fe:da:c8:1d:bc:
                    b6:3d:6c:e9:44:57:43:fb:a8:d7:f1:a3:02:04:0e:
                    b8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:62:CE:51:26:99:49:0A:8F:E9:CF:58:85:C1:A8:99:EA:F8:54:65
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:15:77:10:99:22:57:ed:a0:22:50:56:49:0f:63:49:96:9f:
         bd:19:e1:36:89:9a:02:c0:13:3e:1f:3d:11:ca:9f:08:7b:e3:
         95:e0:83:ee:b5:40:ee:58:b8:f6:99:8e:db:52:c0:ed:08:1d:
         9d:70:fb:8f:d4:83:cf:39:bf:66:64:7a:1b:08:7e:a8:52:4e:
         10:3c:59:f7:8b:68:fa:b1:65:31:2a:57:9f:a4:0a:ef:9b:8c:
         21:8a:7f:01:86:4b:50:0a:d2:1c:81:9b:7a:54:82:62:53:fa:
         5e:f4:a7:de:a2:af:cc:e7:5d:97:e6:b6:06:01:6d:c8:41:66:
         d9:bb:a3:98:10:f2:70:5c:0c:78:13:18:80:ad:47:6d:ba:7c:
         25:b3:8b:3a:68:ee:12:98:94:d5:6e:cd:93:54:4f:50:a7:6f:
         ea:19:91:01:6d:6d:1f:b1:a9:17:58:ea:e2:7e:18:13:9d:f5:
         e8:9b:7f:6e:d6:1a:3b:66:de:03:55:38:eb:de:1a:f9:65:09:
         3f:52:75:4d:6d:75:db:50:19:11:2d:45:a8:e7:44:3c:c8:d4:
         a5:58:12:c2:fd:9a:42:82:12:7c:d0:d6:76:fa:91:43:42:c7:
         d9:ed:3f:f1:26:f8:5c:b2:d4:7c:be:94:fa:be:d7:14:34:68:
         91:a2:26:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl1HmSuymagK5IFMLM0B0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjYwMzI2MTAwMTE1WhcNMjYwMzI3MTAwMTE1WjAzMTEwLwYDVQQD
EygxNTYyY2U1MTI2OTk0OTBhOGZlOWNmNTg4NWMxYTg5OWVhZjg1NDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqJDTMK8L8KtIT39HO7LHnSMZ4H2
38vkqJ4VqMqcv+KT4v12oIt2mtAPlbdlDFGATLdKBp3MNACvjUnZAPIkCk6IXf/V
Ntm2rq0ahgZe1L5LuoPXIeum/qZePOkFH7W1w+uhHaXwoc2VjCgpYJdKk++HUj/N
wreym4mKAH/oWBURH6D3zh2aWYenSi4w2zfL7Ix/yPbojeGMZNoj5rQLBGCodPeF
Q3ykHjhWkw+217poEOPLk9hAXx0W3wpTBpWRdAWdmQqmwli8jfvx2PTBFwIMVdkD
O3HMpKluAHwDE4jAcb+FUfL0XTS4/trIHby2PWzpRFdD+6jX8aMCBA64NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVizlEmmUkKj+nPWIXBqJnq+FRlMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABV3EJki
V+2gIlBWSQ9jSZafvRnhNomaAsATPh89EcqfCHvjleCD7rVA7li49pmO21LA7Qgd
nXD7j9SDzzm/ZmR6Gwh+qFJOEDxZ94to+rFlMSpXn6QK75uMIYp/AYZLUArSHIGb
elSCYlP6XvSn3qKvzOddl+a2BgFtyEFm2bujmBDycFwMeBMYgK1Hbbp8JbOLOmju
EpiU1W7Nk1RPUKdv6hmRAW1tH7GpF1jq4n4YE5316Jt/btYaO2beA1U4694a+WUJ
P1J1TW1121AZES1FqOdEPMjUpVgSwv2aQoISfNDWdvqRQ0LH2e0/8Sb4XLLUfL6U
+r7XFDRokaImDA==
-----END CERTIFICATE-----