Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          aeYiZ2jcUzaNFKArsGdtP0uD/ixu4xax6TZ1F6T7RuE=
Subject key identifier:   58:A8:AF:17:54:16:71:02:DB:AE:7D:3D:5D:5C:92:7D:7E:3F:2F:9A
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019D27048CBA81067D2B07EF4128545BA5A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          1453
Signing time:             Wed 25 Mar 2026 22:01:42 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:42 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:42 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: eOm7/cRSsQf5H6JvsuD9AVs2VwdEYlJ2iI7eG3zO/84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:8c:ba:81:06:7d:2b:07:ef:41:28:54:5b:a5:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Mar 25 22:01:42 2026 GMT
            Not After : Mar 26 22:01:42 2026 GMT
        Subject: CN=58a8af1754167102dbae7d3d5d5c927d7e3f2f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e0:7c:1e:58:12:fa:69:70:11:c7:e0:a6:3d:
                    f0:bb:21:4f:10:bc:0f:38:92:db:f7:55:71:0c:46:
                    d0:8d:65:2f:de:93:2b:ba:76:bb:b9:3e:96:23:42:
                    53:1e:55:3c:22:db:e5:b9:45:c1:3d:93:4c:d5:1b:
                    4f:cc:80:14:c6:44:c7:47:cc:ee:03:a3:73:16:4e:
                    10:9b:4d:96:8a:a6:21:bb:3e:87:17:79:77:ed:66:
                    ad:d9:12:68:51:c4:0f:85:91:aa:5a:58:2d:0d:e1:
                    27:59:86:17:ef:a9:91:a0:3d:b3:ed:ae:72:b2:c5:
                    04:e4:f4:0d:e4:f0:da:43:1e:e7:00:52:db:2b:58:
                    23:5f:30:78:ce:a3:13:0e:54:33:47:3f:43:50:8e:
                    03:71:4e:c7:11:cc:cc:a8:74:bc:bd:1d:c2:30:f2:
                    9c:4b:59:36:9a:a4:e5:3f:ec:56:cc:f4:fb:2a:9a:
                    81:17:dc:6d:31:97:4d:cd:46:59:5f:b2:66:d8:45:
                    eb:20:5e:f0:66:22:f7:5d:fd:0f:50:7e:a6:09:23:
                    cd:13:40:33:78:d7:4f:48:e7:44:b3:2e:e1:13:e6:
                    90:09:8b:18:04:b5:11:88:25:d9:c4:e1:be:37:7b:
                    87:42:69:3f:13:48:ec:c2:85:a2:0b:c0:4d:4c:33:
                    8c:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A8:AF:17:54:16:71:02:DB:AE:7D:3D:5D:5C:92:7D:7E:3F:2F:9A
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:0a:e6:32:31:fd:f4:de:49:e6:8d:e7:88:45:45:59:e8:55:
         7b:65:9e:9b:21:d4:c1:74:9c:85:c3:11:91:f7:f4:c4:c6:8e:
         8d:f4:8d:ab:f3:50:f2:2f:71:9e:80:c6:c6:e8:bb:39:1d:46:
         81:5c:0f:0f:76:7d:9d:92:5f:53:b9:c7:8c:9f:24:8d:de:67:
         48:b0:a6:6b:34:90:79:8d:5a:95:6a:7d:bb:aa:cf:db:de:c2:
         95:c3:b9:17:13:a6:56:ca:a8:fd:14:53:50:60:7b:de:f3:3a:
         43:eb:39:d8:d7:2b:58:9b:1f:4b:07:94:3c:c5:cc:eb:b2:8b:
         f2:3b:27:92:49:d6:15:47:e4:c4:b0:8c:63:6a:f9:c5:f6:d9:
         81:8a:ab:b4:22:d6:e7:a5:b0:8e:90:76:ac:e3:ae:94:7e:7d:
         25:11:1d:fa:fa:dc:8a:63:c5:4c:d2:07:21:24:fd:8e:68:ec:
         12:f0:c1:98:25:2e:ba:66:a9:91:6b:f6:ac:30:61:f6:36:3c:
         4a:ee:42:23:47:1c:59:6f:81:e8:f1:cc:1b:f7:d7:aa:f9:34:
         dc:a0:63:e5:3b:79:e5:0f:c7:97:b9:40:2b:ce:49:99:64:4a:
         e6:c0:89:fd:b8:38:1e:df:21:9f:9f:ca:1a:a6:df:d0:3e:51:
         54:5b:1d:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBIy6gQZ9KwfvQShUW6WhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjYwMzI1MjIwMTQyWhcNMjYwMzI2MjIwMTQyWjAzMTEwLwYDVQQD
Eyg1OGE4YWYxNzU0MTY3MTAyZGJhZTdkM2Q1ZDVjOTI3ZDdlM2YyZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOB8HlgS+mlwEcfgpj3wuyFPELwP
OJLb91VxDEbQjWUv3pMruna7uT6WI0JTHlU8ItvluUXBPZNM1RtPzIAUxkTHR8zu
A6NzFk4Qm02WiqYhuz6HF3l37Wat2RJoUcQPhZGqWlgtDeEnWYYX76mRoD2z7a5y
ssUE5PQN5PDaQx7nAFLbK1gjXzB4zqMTDlQzRz9DUI4DcU7HEczMqHS8vR3CMPKc
S1k2mqTlP+xWzPT7KpqBF9xtMZdNzUZZX7Jm2EXrIF7wZiL3Xf0PUH6mCSPNE0Az
eNdPSOdEsy7hE+aQCYsYBLURiCXZxOG+N3uHQmk/E0jswoWiC8BNTDOMKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiorxdUFnEC2659PV1ckn1+Py+aMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyQrmMjH9
9N5J5o3niEVFWehVe2WemyHUwXSchcMRkff0xMaOjfSNq/NQ8i9xnoDGxui7OR1G
gVwPD3Z9nZJfU7nHjJ8kjd5nSLCmazSQeY1alWp9u6rP297ClcO5FxOmVsqo/RRT
UGB73vM6Q+s52NcrWJsfSweUPMXM67KL8jsnkknWFUfkxLCMY2r5xfbZgYqrtCLW
56WwjpB2rOOulH59JREd+vrcimPFTNIHIST9jmjsEvDBmCUuumapkWv2rDBh9jY8
Su5CI0ccWW+B6PHMG/fXqvk03KBj5Tt55Q/Hl7lAK85JmWRK5sCJ/bg4Ht8hn5/K
Gqbf0D5RVFsdzw==
-----END CERTIFICATE-----