Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          uFDqOW7jrIzq0ZNCn4JZRC94/HiH2+q1E7s26rjDU4o=
Subject key identifier:   85:B1:77:6E:8E:2F:78:CE:F7:D3:2D:35:26:BB:D0:A4:5D:0A:BA:CD
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       019D2771FE79B51CA4E7649B6F52EA3C2384
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0D6D
Signing time:             Thu 26 Mar 2026 00:01:15 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:15 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:15 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: PG7qNbvSw44I+b3MQ8pKZ5VBIgqjbpxCky2WNnNBa9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:fe:79:b5:1c:a4:e7:64:9b:6f:52:ea:3c:23:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Mar 26 00:01:15 2026 GMT
            Not After : Mar 27 00:01:15 2026 GMT
        Subject: CN=85b1776e8e2f78cef7d32d3526bbd0a45d0abacd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:bd:de:31:f1:7f:eb:46:c2:39:e9:be:06:da:
                    04:71:bb:42:57:b4:f8:a7:bc:46:43:21:2e:28:9b:
                    7c:f4:4e:8f:46:45:b5:f2:b3:43:a4:82:f9:6c:8e:
                    c4:41:66:92:c5:d4:c1:b8:8f:db:73:4d:25:89:b2:
                    e7:47:32:f2:c9:ef:e8:fd:65:ea:84:df:7f:42:a5:
                    32:49:b2:c8:7f:dc:fa:ea:1a:8d:47:38:4e:c0:e7:
                    8c:6b:31:54:7a:93:e8:af:7d:e7:c7:07:58:0a:1e:
                    c3:28:6e:c9:68:c9:6d:0c:85:d9:28:d7:ef:c8:04:
                    0e:b0:e7:93:3c:78:68:01:6e:b9:98:49:80:29:49:
                    23:4f:fc:32:67:60:f0:ed:f0:a0:a0:dc:82:0f:64:
                    37:b0:47:d0:94:67:77:1b:e9:8a:a7:0a:6c:4e:52:
                    95:04:a9:87:d7:4f:4e:8d:8e:ce:4a:ab:cb:74:55:
                    6e:e2:f8:8c:8e:6e:38:2d:28:eb:2f:90:1b:37:55:
                    b8:86:64:4c:5b:7e:2f:09:a1:f9:c4:49:0b:5a:ff:
                    7a:93:7a:41:54:96:68:8a:34:bc:8d:19:55:5a:0b:
                    e2:9f:fd:00:2f:7e:10:bf:e6:cb:28:27:c1:17:e4:
                    7c:6e:64:26:38:9f:66:ab:9d:96:dd:92:c5:15:16:
                    03:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B1:77:6E:8E:2F:78:CE:F7:D3:2D:35:26:BB:D0:A4:5D:0A:BA:CD
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:fb:65:69:9a:15:d9:22:fb:60:58:a4:b4:da:ee:3c:fc:84:
         9a:2c:f0:b2:c8:6f:93:cc:eb:30:f5:d3:f3:82:18:82:32:93:
         69:c5:88:76:11:12:ab:3e:8c:f7:36:00:a7:19:ac:63:50:66:
         13:dc:ce:cf:0f:5c:40:30:1e:66:d7:0c:63:6b:1e:0e:b1:da:
         30:7c:e0:d3:ee:5a:b2:d2:6a:cf:4e:b1:33:3d:d1:b9:47:b2:
         42:7d:2d:9d:7f:a8:c9:e7:c7:24:85:81:fd:ff:44:ef:0e:11:
         3e:3a:f7:70:b7:98:56:81:e8:38:3e:c2:50:f1:05:1d:74:2d:
         93:f9:c1:58:32:1d:8d:72:19:33:87:b7:5b:c8:ec:84:2e:22:
         1c:f1:4f:aa:dd:96:c1:2d:f4:26:b0:05:18:b5:bd:33:9a:a7:
         94:04:9b:9e:42:7e:f6:4b:f4:aa:13:98:34:55:93:38:19:11:
         82:5a:80:73:29:1d:fb:c1:7f:27:09:93:3d:37:7b:9a:ba:4f:
         0f:0d:8a:ae:12:86:28:16:d4:92:08:bf:7d:42:83:42:62:57:
         0b:c6:f8:24:28:26:43:fe:5e:2f:c2:52:b4:67:59:a8:d9:7a:
         33:62:2c:94:72:55:64:dc:5b:0c:31:99:0a:4a:b1:64:0b:ce:
         ac:fd:b0:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncf55tRyk52Sbb1LqPCOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjYwMzI2MDAwMTE1WhcNMjYwMzI3MDAwMTE1WjAzMTEwLwYDVQQD
Eyg4NWIxNzc2ZThlMmY3OGNlZjdkMzJkMzUyNmJiZDBhNDVkMGFiYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq73eMfF/60bCOem+BtoEcbtCV7T4
p7xGQyEuKJt89E6PRkW18rNDpIL5bI7EQWaSxdTBuI/bc00libLnRzLyye/o/WXq
hN9/QqUySbLIf9z66hqNRzhOwOeMazFUepPor33nxwdYCh7DKG7JaMltDIXZKNfv
yAQOsOeTPHhoAW65mEmAKUkjT/wyZ2Dw7fCgoNyCD2Q3sEfQlGd3G+mKpwpsTlKV
BKmH109OjY7OSqvLdFVu4viMjm44LSjrL5AbN1W4hmRMW34vCaH5xEkLWv96k3pB
VJZoijS8jRlVWgvin/0AL34Qv+bLKCfBF+R8bmQmOJ9mq52W3ZLFFRYDtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWxd26OL3jO99MtNSa70KRdCrrNMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPtlaZoV
2SL7YFiktNruPPyEmizwsshvk8zrMPXT84IYgjKTacWIdhESqz6M9zYApxmsY1Bm
E9zOzw9cQDAeZtcMY2seDrHaMHzg0+5astJqz06xMz3RuUeyQn0tnX+oyefHJIWB
/f9E7w4RPjr3cLeYVoHoOD7CUPEFHXQtk/nBWDIdjXIZM4e3W8jshC4iHPFPqt2W
wS30JrAFGLW9M5qnlASbnkJ+9kv0qhOYNFWTOBkRglqAcykd+8F/JwmTPTd7mrpP
Dw2KrhKGKBbUkgi/fUKDQmJXC8b4JCgmQ/5eL8JStGdZqNl6M2IslHJVZNxbDDGZ
CkqxZAvOrP2w+w==
-----END CERTIFICATE-----