Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          oSOVXoUtO4uDEziwGWiHSvwREgbCSg5g6vl3elnEfmw=
Subject key identifier:   66:D0:38:54:A7:4D:99:99:B6:D0:15:00:B2:D1:FE:E4:90:55:97:DB
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       019D38666F80367BDFB61ECD63A4CC9412A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          0BC1
Signing time:             Sun 29 Mar 2026 07:02:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:10 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: pEMbyJmMhnHOM6Ntift6ZyRxz20olX1BjjQomfHPX3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6f:80:36:7b:df:b6:1e:cd:63:a4:cc:94:12:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Mar 29 07:02:10 2026 GMT
            Not After : Mar 30 07:02:10 2026 GMT
        Subject: CN=66d03854a74d9999b6d01500b2d1fee4905597db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2d:dc:08:f3:e9:51:d1:9d:db:09:e1:8e:21:
                    58:32:1f:96:07:f4:fd:68:7a:54:a7:9c:b3:1e:ad:
                    e8:55:74:20:ee:3a:aa:a2:b2:da:86:2c:61:a1:3a:
                    e4:1c:e6:e0:bd:45:6a:f8:d2:f2:bb:64:4d:ed:14:
                    3c:d6:dc:d5:ee:ba:5c:f7:9b:97:7c:23:dc:9b:28:
                    06:c9:e4:c7:ba:28:49:0f:ff:3f:38:5c:19:af:17:
                    a6:b9:81:81:ab:1d:c6:fa:6a:ee:28:16:fe:b7:51:
                    72:0c:73:4e:93:b1:3f:dc:93:02:09:3d:bb:90:42:
                    60:d7:b9:61:7a:29:e5:3e:31:33:90:6e:54:11:dc:
                    dd:4b:8a:8e:b7:40:38:a9:21:61:5a:1d:6a:3c:7c:
                    c2:3a:a5:fa:c2:32:35:d3:97:61:54:90:92:94:7d:
                    23:87:36:f3:01:25:d5:c9:53:cc:68:a9:e9:f1:68:
                    fe:7f:3b:32:b4:ff:67:a0:43:db:61:6c:5a:d0:61:
                    7f:b6:87:7b:19:6f:d3:65:94:40:1e:dc:d9:88:38:
                    6d:ab:1d:22:51:84:5c:d2:b1:c9:f3:69:c5:57:fc:
                    5c:10:b1:ac:e7:4e:21:b6:b6:9d:7b:40:1d:17:c3:
                    29:09:47:a6:6e:aa:cf:6a:ae:98:77:58:b7:04:10:
                    b0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D0:38:54:A7:4D:99:99:B6:D0:15:00:B2:D1:FE:E4:90:55:97:DB
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:8d:19:91:31:c9:d4:42:d5:b2:20:85:f4:ab:7a:d3:88:6d:
         ff:66:dc:50:f3:25:40:bc:11:fb:7c:28:ac:16:9c:8a:85:4d:
         91:c0:f9:95:6b:a8:50:c4:47:b6:2b:3c:a5:fa:f5:72:90:00:
         64:1a:85:b3:32:41:5c:d7:dc:aa:0b:51:9e:80:e0:48:df:88:
         b7:48:fe:3a:d2:4c:d7:11:dd:35:80:47:93:1d:e2:f0:fd:65:
         24:28:66:2c:50:00:ac:51:ca:53:02:2c:c5:7b:16:1c:dd:4f:
         c8:b5:e2:7d:b5:d3:9f:de:4e:95:3a:78:ba:c9:b4:7d:ec:8d:
         60:89:0a:0a:a7:7e:dc:61:ce:ab:26:c6:02:12:8c:42:96:25:
         0c:69:83:ba:ae:73:98:a7:44:e8:ae:af:d9:bc:77:68:d8:cd:
         ed:1a:b6:65:45:57:70:46:55:5e:3f:0c:db:04:a4:62:d1:70:
         aa:4a:ab:d1:b9:c3:f7:90:34:49:fa:87:52:e6:25:42:a2:3f:
         46:11:c6:1c:8c:65:f6:d2:59:df:5e:40:05:ff:16:b0:02:bb:
         f8:07:72:5a:2d:58:93:8f:4d:88:02:59:d6:3b:9e:f6:da:4c:
         b9:ce:e6:ef:64:0f:a0:d6:1b:de:73:75:6b:a6:ba:97:68:c5:
         fd:d1:0e:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zm+ANnvfth7NY6TMlBKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjYwMzI5MDcwMjEwWhcNMjYwMzMwMDcwMjEwWjAzMTEwLwYDVQQD
Eyg2NmQwMzg1NGE3NGQ5OTk5YjZkMDE1MDBiMmQxZmVlNDkwNTU5N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri3cCPPpUdGd2wnhjiFYMh+WB/T9
aHpUp5yzHq3oVXQg7jqqorLahixhoTrkHObgvUVq+NLyu2RN7RQ81tzV7rpc95uX
fCPcmygGyeTHuihJD/8/OFwZrxemuYGBqx3G+mruKBb+t1FyDHNOk7E/3JMCCT27
kEJg17lheinlPjEzkG5UEdzdS4qOt0A4qSFhWh1qPHzCOqX6wjI105dhVJCSlH0j
hzbzASXVyVPMaKnp8Wj+fzsytP9noEPbYWxa0GF/tod7GW/TZZRAHtzZiDhtqx0i
UYRc0rHJ82nFV/xcELGs504htrade0AdF8MpCUembqrPaq6Yd1i3BBCwfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbQOFSnTZmZttAVALLR/uSQVZfbMB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArI0ZkTHJ
1ELVsiCF9Kt604ht/2bcUPMlQLwR+3worBacioVNkcD5lWuoUMRHtis8pfr1cpAA
ZBqFszJBXNfcqgtRnoDgSN+It0j+OtJM1xHdNYBHkx3i8P1lJChmLFAArFHKUwIs
xXsWHN1PyLXifbXTn95OlTp4usm0feyNYIkKCqd+3GHOqybGAhKMQpYlDGmDuq5z
mKdE6K6v2bx3aNjN7Rq2ZUVXcEZVXj8M2wSkYtFwqkqr0bnD95A0SfqHUuYlQqI/
RhHGHIxl9tJZ315ABf8WsAK7+AdyWi1Yk49NiAJZ1jue9tpMuc7m72QPoNYb3nN1
a6a6l2jF/dEOZQ==
-----END CERTIFICATE-----