Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          SbGr+598inR4OEPwsmPPMVXdmyz3BxDQhkadvXPrO0o=
Subject key identifier:   45:F3:7C:4C:52:2C:8C:00:A9:F3:89:2C:15:46:FF:CC:51:90:AF:44
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019D382E17B08F2445D8914F122C319CC03B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0ADF
Signing time:             Sun 29 Mar 2026 06:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:37 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: MO/x8zS1Mj1YXlHp1K2OdycOb5D8MUjq4mEjBfNJC9E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:17:b0:8f:24:45:d8:91:4f:12:2c:31:9c:c0:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Mar 29 06:00:37 2026 GMT
            Not After : Mar 30 06:00:37 2026 GMT
        Subject: CN=45f37c4c522c8c00a9f3892c1546ffcc5190af44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:28:3f:c0:67:ec:15:c4:3d:14:21:94:14:2d:
                    1d:b3:72:99:03:b1:50:35:30:12:84:13:fc:ea:74:
                    a9:3b:18:42:c3:38:a3:36:a4:d9:0b:83:a2:03:90:
                    0b:f6:a0:22:d2:a7:47:8a:43:98:15:ad:89:8f:13:
                    37:da:27:52:ca:e4:40:b9:9d:a9:7f:da:52:56:25:
                    ee:11:ba:c0:52:82:75:3f:95:6c:01:0c:ff:fa:55:
                    f7:b6:54:59:2a:c8:77:98:c4:00:d7:a9:89:55:9f:
                    32:f7:0b:ac:ff:eb:7c:61:8e:d4:33:26:93:ce:84:
                    8a:bf:d7:75:f8:ad:7d:06:b2:46:e0:bf:e0:e4:2f:
                    82:2f:99:aa:45:09:97:cd:44:2d:e5:08:b3:e9:a0:
                    49:9d:e4:e1:8f:3b:20:46:fc:3b:72:a6:3b:38:a7:
                    2e:bb:c5:90:6f:80:a0:3a:2e:be:c6:51:6e:00:bc:
                    41:0e:2a:ef:78:0b:d9:2e:69:a1:28:8c:f0:0d:41:
                    62:4e:c9:f0:b2:11:d8:d8:ee:83:43:a1:7a:60:80:
                    81:a4:1e:85:11:29:d4:cb:36:6f:d3:0d:8a:01:27:
                    34:c5:0b:20:90:cc:56:5e:0f:a7:14:78:e1:0e:af:
                    0b:91:4e:7e:e1:dd:46:60:6b:99:94:1f:0f:8d:a8:
                    9a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:F3:7C:4C:52:2C:8C:00:A9:F3:89:2C:15:46:FF:CC:51:90:AF:44
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:89:0f:3b:84:7a:8b:9f:34:5b:c7:f1:37:4b:c6:27:7e:53:
         5a:3a:3d:99:5a:93:13:64:bb:a7:1a:d9:68:38:7c:65:3c:03:
         da:9a:a0:94:95:9c:00:df:1a:6f:17:b8:14:8b:39:6c:1b:64:
         aa:53:ff:c1:30:41:b5:75:27:e0:c4:68:54:2c:68:18:20:bd:
         5d:78:7e:49:12:cf:3f:ad:6a:d0:bf:46:77:2b:fa:ab:b3:19:
         40:f9:9c:6c:c3:f0:0c:27:b0:29:9a:44:ca:c0:41:2d:84:1e:
         a2:5b:4c:2a:db:a6:fd:bf:e3:f4:ae:04:5d:41:c8:0d:d7:31:
         d7:c2:ca:5b:39:29:2f:6e:c9:c2:83:36:c7:e7:84:70:1e:d9:
         66:09:e2:64:ed:93:69:43:94:95:03:82:92:d1:a1:e2:64:3d:
         7f:6d:44:f4:34:ac:83:86:cd:5b:bd:66:06:8c:63:f1:6f:94:
         cd:d7:9a:c8:09:99:15:a1:21:5b:82:6e:0a:38:7b:ae:ea:fd:
         94:b6:51:d2:ff:17:90:d9:bb:bb:15:00:27:67:10:e1:cb:68:
         fb:f8:9e:e4:b3:13:ca:d5:1d:85:b6:ef:20:73:8e:b8:ee:c4:
         27:e9:82:00:2b:23:8c:0f:0f:d9:25:22:0b:6a:97:28:89:ab:
         b8:d7:d1:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LhewjyRF2JFPEiwxnMA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjYwMzI5MDYwMDM3WhcNMjYwMzMwMDYwMDM3WjAzMTEwLwYDVQQD
Eyg0NWYzN2M0YzUyMmM4YzAwYTlmMzg5MmMxNTQ2ZmZjYzUxOTBhZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmig/wGfsFcQ9FCGUFC0ds3KZA7FQ
NTAShBP86nSpOxhCwzijNqTZC4OiA5AL9qAi0qdHikOYFa2JjxM32idSyuRAuZ2p
f9pSViXuEbrAUoJ1P5VsAQz/+lX3tlRZKsh3mMQA16mJVZ8y9wus/+t8YY7UMyaT
zoSKv9d1+K19BrJG4L/g5C+CL5mqRQmXzUQt5Qiz6aBJneThjzsgRvw7cqY7OKcu
u8WQb4CgOi6+xlFuALxBDirveAvZLmmhKIzwDUFiTsnwshHY2O6DQ6F6YICBpB6F
ESnUyzZv0w2KASc0xQsgkMxWXg+nFHjhDq8LkU5+4d1GYGuZlB8PjaiaYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXzfExSLIwAqfOJLBVG/8xRkK9EMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl4kPO4R6
i580W8fxN0vGJ35TWjo9mVqTE2S7pxrZaDh8ZTwD2pqglJWcAN8abxe4FIs5bBtk
qlP/wTBBtXUn4MRoVCxoGCC9XXh+SRLPP61q0L9Gdyv6q7MZQPmcbMPwDCewKZpE
ysBBLYQeoltMKtum/b/j9K4EXUHIDdcx18LKWzkpL27JwoM2x+eEcB7ZZgniZO2T
aUOUlQOCktGh4mQ9f21E9DSsg4bNW71mBoxj8W+UzdeayAmZFaEhW4JuCjh7rur9
lLZR0v8XkNm7uxUAJ2cQ4cto+/ie5LMTytUdhbbvIHOOuO7EJ+mCACsjjA8P2SUi
C2qXKImruNfRhg==
-----END CERTIFICATE-----