Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          TYr3k72IIpQLUFWx19yikfdPmgGnt51yAGdKDI9Kt3Q=
Subject key identifier:   63:1C:21:C8:ED:00:A1:9C:7F:83:6E:B4:EB:4F:14:59:10:B7:95:3F
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       019D38D32D51FA17201A330645CDB1D2A031
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          082E
Signing time:             Sun 29 Mar 2026 09:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:56 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: 76qTn6rO02cqvDO6sp75ZVl/AWVWFbr7vsDfHXFOINY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:2d:51:fa:17:20:1a:33:06:45:cd:b1:d2:a0:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Mar 29 09:00:56 2026 GMT
            Not After : Mar 30 09:00:56 2026 GMT
        Subject: CN=631c21c8ed00a19c7f836eb4eb4f145910b7953f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:0b:ff:10:9a:b0:0e:30:35:d6:62:ab:4c:c4:
                    25:98:43:11:23:5c:61:04:87:bf:fd:cd:df:f4:51:
                    ca:42:5f:88:1b:d4:77:34:07:ea:26:07:d9:9a:16:
                    f9:3a:cc:19:87:67:ca:43:6b:44:ad:42:6e:57:28:
                    f6:16:7d:cb:e8:4d:04:81:f9:78:f7:3c:2a:a8:61:
                    52:65:dc:57:92:5e:9e:60:1b:fb:a3:1b:76:02:3f:
                    d9:0b:67:9e:ea:e3:3e:e4:9e:ef:3f:3c:f2:07:9a:
                    4e:3e:6f:cd:8a:61:a4:26:7a:95:1a:93:ff:9f:4a:
                    1c:72:2e:5c:5e:1c:2f:8c:25:2b:af:00:ba:38:a9:
                    88:bc:04:68:c8:79:24:d2:14:81:8e:03:77:fa:37:
                    e3:91:2b:95:06:d2:79:5e:38:e6:ab:fd:ec:5f:f0:
                    8a:fb:64:42:c7:ce:f1:db:6c:86:92:31:15:a0:0b:
                    df:43:2d:8b:9e:10:e8:6f:ea:c9:9c:d4:8f:6e:97:
                    a6:00:ed:84:9c:8f:8d:ec:02:8e:fa:dc:d9:4d:ab:
                    5e:f8:8d:2d:c0:1a:5c:c3:79:6a:80:6b:27:6f:b5:
                    c0:d9:0a:af:c7:50:33:39:2e:a6:a1:e0:b9:35:8e:
                    8a:3a:5c:11:1f:1f:7b:d7:32:77:1b:29:2b:39:f6:
                    6c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:1C:21:C8:ED:00:A1:9C:7F:83:6E:B4:EB:4F:14:59:10:B7:95:3F
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:9a:e2:8a:e5:76:b6:72:e5:3f:bd:ee:ee:ac:5a:66:43:2f:
         f5:c6:51:b9:4e:ab:a8:94:96:5d:4c:80:29:4c:45:ee:9b:d4:
         e9:b6:26:d5:6c:62:0b:93:76:22:96:4d:10:6c:4e:11:90:e2:
         f2:81:21:59:99:93:a1:a4:b4:69:f0:df:7a:41:ff:a1:e9:9c:
         69:cd:78:b6:ff:6e:43:88:8f:47:d5:77:fb:1c:7c:68:11:0f:
         5a:b6:c1:67:89:8e:e8:d5:96:85:e6:61:ae:9f:dc:94:bc:5f:
         60:e6:9b:aa:67:33:2d:48:f6:35:8a:66:75:60:da:43:7d:84:
         80:25:86:02:01:9f:94:e4:3e:ea:32:ad:f0:00:2e:c5:13:0a:
         91:b9:d0:94:9e:69:a7:b6:7b:43:25:71:34:63:40:f8:06:3f:
         24:f6:73:6f:e1:ac:4a:8e:64:56:fb:6b:7b:ea:ae:59:1e:0f:
         b2:c7:08:d3:ee:cf:da:81:88:c5:ba:60:fd:07:c7:b1:53:b0:
         10:62:80:e0:73:ab:54:a3:a8:f0:5c:f3:50:68:94:22:d0:eb:
         8f:8f:d2:b8:c5:7a:fe:b2:6b:76:4b:8e:66:7b:8f:48:f6:95:
         7f:ce:0c:ef:46:82:fb:30:24:60:a4:dd:72:e0:60:49:7f:29:
         95:21:5f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040y1R+hcgGjMGRc2x0qAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjYwMzI5MDkwMDU2WhcNMjYwMzMwMDkwMDU2WjAzMTEwLwYDVQQD
Eyg2MzFjMjFjOGVkMDBhMTljN2Y4MzZlYjRlYjRmMTQ1OTEwYjc5NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywv/EJqwDjA11mKrTMQlmEMRI1xh
BIe//c3f9FHKQl+IG9R3NAfqJgfZmhb5OswZh2fKQ2tErUJuVyj2Fn3L6E0Egfl4
9zwqqGFSZdxXkl6eYBv7oxt2Aj/ZC2ee6uM+5J7vPzzyB5pOPm/NimGkJnqVGpP/
n0occi5cXhwvjCUrrwC6OKmIvARoyHkk0hSBjgN3+jfjkSuVBtJ5Xjjmq/3sX/CK
+2RCx87x22yGkjEVoAvfQy2LnhDob+rJnNSPbpemAO2EnI+N7AKO+tzZTate+I0t
wBpcw3lqgGsnb7XA2Qqvx1AzOS6moeC5NY6KOlwRHx971zJ3GykrOfZsfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMcIcjtAKGcf4NutOtPFFkQt5U/MB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZriiuV2
tnLlP73u7qxaZkMv9cZRuU6rqJSWXUyAKUxF7pvU6bYm1WxiC5N2IpZNEGxOEZDi
8oEhWZmToaS0afDfekH/oemcac14tv9uQ4iPR9V3+xx8aBEPWrbBZ4mO6NWWheZh
rp/clLxfYOabqmczLUj2NYpmdWDaQ32EgCWGAgGflOQ+6jKt8AAuxRMKkbnQlJ5p
p7Z7QyVxNGNA+AY/JPZzb+GsSo5kVvtre+quWR4PsscI0+7P2oGIxbpg/QfHsVOw
EGKA4HOrVKOo8FzzUGiUItDrj4/SuMV6/rJrdkuOZnuPSPaVf84M70aC+zAkYKTd
cuBgSX8plSFflw==
-----END CERTIFICATE-----