Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          GNO2UddUVvQcSzlujs0neE6nDQr/EfvAyKDNt4idA4I=
Subject key identifier:   32:33:97:E7:04:EC:64:74:C0:C6:3E:7D:C3:C0:49:AF:51:27:06:D0
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       019D29973948FA085EE3F6163A1A4AEF2944
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0B16
Signing time:             Thu 26 Mar 2026 10:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:09 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: +6bX7fZfpMvX/Vmub9GOMeFxY+hhzKGGH1HWo1s4s3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:39:48:fa:08:5e:e3:f6:16:3a:1a:4a:ef:29:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Mar 26 10:01:09 2026 GMT
            Not After : Mar 27 10:01:09 2026 GMT
        Subject: CN=323397e704ec6474c0c63e7dc3c049af512706d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:82:91:73:fc:5b:2d:23:56:84:0d:00:9e:7f:
                    4c:88:57:ae:2f:39:a1:38:84:14:b7:4c:4b:9f:18:
                    d7:a1:a6:0b:a1:c8:ea:4a:ef:cd:ca:bd:50:51:f5:
                    32:84:46:f8:54:ac:22:1c:57:1e:a0:59:94:a6:17:
                    9c:9f:5a:3a:ad:83:b9:6c:0e:1d:94:73:56:e2:1e:
                    70:a2:90:bd:dc:28:a0:6a:86:96:dc:c7:54:7c:df:
                    05:c1:e8:2f:ef:00:96:f0:10:72:d1:47:cc:00:fe:
                    ae:62:5c:c4:eb:10:02:f0:27:23:ea:ab:bf:91:9e:
                    b0:e2:f1:a1:19:dd:e7:fc:02:f1:30:17:39:db:f8:
                    8c:7b:cf:39:a7:7b:b5:c7:4f:35:6c:3d:0a:aa:60:
                    ab:d4:96:60:87:6b:cf:5a:a1:e0:19:aa:6f:ca:b4:
                    d9:bd:15:d3:22:80:f1:99:c8:93:52:81:5d:1d:e5:
                    d5:77:51:71:7e:6d:0d:0d:81:93:5f:b4:05:b9:3e:
                    4a:e6:f6:a5:f8:70:35:03:da:1b:ee:be:a8:f6:6a:
                    7d:28:a6:21:8b:e1:53:16:0b:7f:3e:0e:e2:87:de:
                    e4:f7:8d:81:a2:e8:82:ec:15:4b:26:83:f7:a8:1a:
                    81:f8:96:12:83:c8:d5:1e:8f:49:50:13:f8:f2:9f:
                    c4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:33:97:E7:04:EC:64:74:C0:C6:3E:7D:C3:C0:49:AF:51:27:06:D0
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:d4:f8:78:7a:ed:f4:af:48:09:43:9c:6b:e0:34:13:42:79:
         11:e8:90:bd:d1:ff:b3:65:d3:30:a8:98:65:60:9a:d6:63:6d:
         76:eb:49:29:b5:d0:c2:c0:16:be:e0:4c:10:35:c2:26:11:d1:
         f8:c1:24:2c:1c:81:15:30:73:0e:0f:38:e4:5f:93:3a:93:37:
         d2:71:63:98:c5:56:3a:20:81:00:f6:ac:84:86:8b:60:2b:c3:
         66:9e:a5:57:44:f6:72:de:1b:1e:ad:3f:04:2c:3d:23:49:ff:
         d9:a9:bb:9a:fe:83:bb:1a:c8:e8:1e:63:a5:8a:a4:8d:99:a6:
         16:54:10:05:29:91:31:6a:e0:4d:2c:8e:d1:88:0a:e4:f5:82:
         47:41:82:90:92:33:40:50:ef:97:27:5a:c2:ac:b7:fd:7e:f3:
         c2:5e:df:00:f0:1c:be:92:eb:27:70:89:6b:ba:02:75:aa:4f:
         58:c4:21:d4:42:c4:20:ad:d3:39:ee:a8:62:31:1e:46:f4:74:
         32:d5:00:4b:07:18:b8:cf:3a:26:49:57:be:45:a8:2e:f0:46:
         89:d4:c4:4d:23:5c:85:7f:f4:87:2c:21:d6:16:b3:14:17:46:
         64:a5:86:06:52:a8:4e:19:eb:ae:cb:44:6d:6e:78:2a:f8:cd:
         69:9a:61:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plzlI+ghe4/YWOhpK7ylEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjYwMzI2MTAwMTA5WhcNMjYwMzI3MTAwMTA5WjAzMTEwLwYDVQQD
EygzMjMzOTdlNzA0ZWM2NDc0YzBjNjNlN2RjM2MwNDlhZjUxMjcwNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYKRc/xbLSNWhA0Ann9MiFeuLzmh
OIQUt0xLnxjXoaYLocjqSu/Nyr1QUfUyhEb4VKwiHFceoFmUphecn1o6rYO5bA4d
lHNW4h5wopC93CigaoaW3MdUfN8Fwegv7wCW8BBy0UfMAP6uYlzE6xAC8Ccj6qu/
kZ6w4vGhGd3n/ALxMBc52/iMe885p3u1x081bD0KqmCr1JZgh2vPWqHgGapvyrTZ
vRXTIoDxmciTUoFdHeXVd1Fxfm0NDYGTX7QFuT5K5val+HA1A9ob7r6o9mp9KKYh
i+FTFgt/Pg7ih97k942BouiC7BVLJoP3qBqB+JYSg8jVHo9JUBP48p/E7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIzl+cE7GR0wMY+fcPASa9RJwbQMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdT4eHrt
9K9ICUOca+A0E0J5EeiQvdH/s2XTMKiYZWCa1mNtdutJKbXQwsAWvuBMEDXCJhHR
+MEkLByBFTBzDg845F+TOpM30nFjmMVWOiCBAPashIaLYCvDZp6lV0T2ct4bHq0/
BCw9I0n/2am7mv6DuxrI6B5jpYqkjZmmFlQQBSmRMWrgTSyO0YgK5PWCR0GCkJIz
QFDvlydawqy3/X7zwl7fAPAcvpLrJ3CJa7oCdapPWMQh1ELEIK3TOe6oYjEeRvR0
MtUASwcYuM86JklXvkWoLvBGidTETSNchX/0hywh1hazFBdGZKWGBlKoThnrrstE
bW54KvjNaZphqA==
-----END CERTIFICATE-----