Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          TiLkGFjzMn50jCGhUsFmVMB4HkvpHBkTQKkOP4yQeLE=
Subject key identifier:   AF:BF:8F:8B:6F:E8:AE:04:87:C2:73:31:48:F2:BA:81:F9:A4:80:2E
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       019D39AE7F0CEFF7F946541300504448A7FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0A4F
Signing time:             Sun 29 Mar 2026 13:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:30 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: 2RbSRXQzPAYMMGC4dRGHCsCvIHDo8/FLFbt7qySH+xs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:7f:0c:ef:f7:f9:46:54:13:00:50:44:48:a7:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Mar 29 13:00:30 2026 GMT
            Not After : Mar 30 13:00:30 2026 GMT
        Subject: CN=afbf8f8b6fe8ae0487c2733148f2ba81f9a4802e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:67:9c:42:53:6d:42:72:dc:31:e4:dc:55:d6:
                    49:ec:7a:85:03:ed:b6:bb:7e:f4:27:2a:8a:04:57:
                    34:01:dd:dd:fe:ce:94:52:d3:f2:b1:de:1d:95:e5:
                    09:a6:ef:3f:0c:c5:34:de:bc:80:2a:52:8d:ea:89:
                    5c:ea:90:7c:64:3d:c7:e5:aa:e3:92:d2:de:39:13:
                    c3:e5:24:7d:bb:b3:fd:1d:9f:ff:7b:f1:ab:92:c8:
                    a7:4f:1a:22:3d:4b:a2:70:44:e4:c5:02:84:d4:67:
                    a3:12:5c:54:0f:1b:eb:26:d6:f0:a7:58:78:72:7b:
                    46:55:3f:de:20:8f:ca:2a:1b:48:24:a8:0f:5c:79:
                    c8:83:ff:4f:3b:14:c7:42:c3:c6:c4:0f:41:b2:8c:
                    74:34:72:06:b3:d6:90:a7:88:56:22:37:17:d6:24:
                    0b:c6:b6:3c:79:0b:3d:8b:5a:f8:2c:56:9e:e3:db:
                    ed:a5:ef:de:34:e3:39:ef:00:3c:5e:72:6b:04:df:
                    12:99:e0:37:50:97:4f:4e:e6:a7:4d:7e:ce:59:04:
                    88:0a:4d:c2:24:35:90:43:c3:ee:7a:bb:51:cd:f5:
                    a6:86:2d:2c:91:c1:16:c5:ef:73:d7:62:37:d3:c6:
                    f4:bd:7e:2b:fe:90:2c:6b:62:23:00:86:ba:70:8e:
                    87:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:BF:8F:8B:6F:E8:AE:04:87:C2:73:31:48:F2:BA:81:F9:A4:80:2E
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:8f:e5:91:08:43:67:f4:d7:2a:b8:bf:50:dc:57:6a:50:ab:
         fe:b6:d9:3f:38:79:f1:fc:54:0d:bf:93:e9:f3:d4:2d:6f:54:
         af:b7:16:d2:77:be:ed:dd:67:48:47:7c:f7:57:36:6e:1b:d7:
         34:d7:3b:d1:b4:80:40:73:f3:30:f6:75:5f:9b:d8:17:b9:ac:
         41:42:91:4f:c2:e9:67:0c:d3:c8:48:f2:94:a3:64:fe:e5:cc:
         07:7d:b6:72:7e:02:7f:0a:01:5e:19:4d:a2:fa:62:c2:2b:9f:
         93:79:40:ac:1a:14:17:44:87:02:ad:1a:c1:37:7d:5c:6a:ca:
         7b:01:d3:36:9a:c0:06:37:d1:e7:e4:aa:c0:c0:94:9d:d3:5b:
         9f:48:cd:02:85:7c:1c:67:65:47:af:4e:df:40:05:12:64:c3:
         da:dc:c5:9c:98:da:86:c2:07:95:cb:5e:52:fd:22:98:e0:d2:
         10:48:a3:0d:27:96:a3:a1:74:28:de:a6:5b:30:db:7a:29:54:
         6b:b7:c0:f1:93:cf:6f:a8:fe:bf:65:46:8a:8d:26:71:91:33:
         31:06:02:09:96:3a:1a:0c:02:89:84:4d:4d:88:9e:fd:78:c7:
         ed:8c:38:36:3d:a1:04:82:f0:02:c7:45:7d:4f:74:85:b5:c3:
         a5:d8:09:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rn8M7/f5RlQTAFBESKf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjYwMzI5MTMwMDMwWhcNMjYwMzMwMTMwMDMwWjAzMTEwLwYDVQQD
EyhhZmJmOGY4YjZmZThhZTA0ODdjMjczMzE0OGYyYmE4MWY5YTQ4MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGecQlNtQnLcMeTcVdZJ7HqFA+22
u370JyqKBFc0Ad3d/s6UUtPysd4dleUJpu8/DMU03ryAKlKN6olc6pB8ZD3H5arj
ktLeORPD5SR9u7P9HZ//e/GrksinTxoiPUuicETkxQKE1GejElxUDxvrJtbwp1h4
cntGVT/eII/KKhtIJKgPXHnIg/9POxTHQsPGxA9Bsox0NHIGs9aQp4hWIjcX1iQL
xrY8eQs9i1r4LFae49vtpe/eNOM57wA8XnJrBN8SmeA3UJdPTuanTX7OWQSICk3C
JDWQQ8PuertRzfWmhi0skcEWxe9z12I308b0vX4r/pAsa2IjAIa6cI6HfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+/j4tv6K4Eh8JzMUjyuoH5pIAuMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4/lkQhD
Z/TXKri/UNxXalCr/rbZPzh58fxUDb+T6fPULW9Ur7cW0ne+7d1nSEd891c2bhvX
NNc70bSAQHPzMPZ1X5vYF7msQUKRT8LpZwzTyEjylKNk/uXMB322cn4CfwoBXhlN
ovpiwiufk3lArBoUF0SHAq0awTd9XGrKewHTNprABjfR5+SqwMCUndNbn0jNAoV8
HGdlR69O30AFEmTD2tzFnJjahsIHlcteUv0imODSEEijDSeWo6F0KN6mWzDbeilU
a7fA8ZPPb6j+v2VGio0mcZEzMQYCCZY6GgwCiYRNTYie/XjH7Yw4Nj2hBILwAsdF
fU90hbXDpdgJMA==
-----END CERTIFICATE-----