Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          QNoyo3oBrJJLTD/OtKElRNq9twO5WKGoLPcn6DJgE7E=
Subject key identifier:   2E:BB:3E:9D:04:16:F6:AF:7B:46:29:F9:80:4D:45:90:C6:32:EB:8A
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       019D3940BABDF0B32E8C584AB283274608B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          044C
Signing time:             Sun 29 Mar 2026 11:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:36 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: jyL7EOQ/uDYlQRIZMkAHIdBgLhF1huNtdAUqmtDEHoI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:ba:bd:f0:b3:2e:8c:58:4a:b2:83:27:46:08:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Mar 29 11:00:36 2026 GMT
            Not After : Mar 30 11:00:36 2026 GMT
        Subject: CN=2ebb3e9d0416f6af7b4629f9804d4590c632eb8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:87:06:0a:5e:82:97:74:4b:0a:c7:db:e6:48:
                    80:85:6d:cf:d6:11:d2:d7:23:0c:85:75:22:09:e3:
                    e8:e4:1d:74:cc:1f:88:13:85:dd:e5:73:d5:0f:09:
                    5a:d1:af:55:69:70:be:e2:29:ea:8f:75:34:f6:86:
                    7f:62:c1:55:63:dd:89:6f:2f:99:a3:2d:98:8d:a6:
                    2b:61:cb:cc:78:0a:16:f6:a2:6c:e4:a8:22:11:84:
                    dd:da:d7:55:cd:dc:dd:a6:d9:7f:b3:0b:7b:0d:70:
                    a2:f4:0a:cc:ea:b5:23:44:f6:2a:23:22:04:4c:8e:
                    6d:95:34:4b:9f:bb:17:36:4d:b3:3f:94:36:63:b2:
                    1e:0c:39:2b:9b:9d:4a:1f:15:ac:1a:f1:df:b5:c1:
                    b2:f0:b6:9d:e4:3a:79:15:32:f4:e5:4d:68:33:9e:
                    5d:8a:1d:8c:f8:ed:53:aa:03:df:72:ac:73:38:81:
                    4d:36:e8:9a:e6:05:c9:cb:4d:07:13:bb:7d:d7:2b:
                    3b:d1:b4:50:9e:e9:c1:1f:93:da:96:b0:b8:2c:19:
                    92:8e:ed:23:9f:85:66:40:dc:a7:8f:71:58:2c:94:
                    dc:c7:a0:a4:7e:7f:9f:cb:ce:dc:b5:3a:7d:47:29:
                    b0:3b:a5:47:d4:0b:00:c4:88:fb:04:49:1f:5d:70:
                    f3:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:BB:3E:9D:04:16:F6:AF:7B:46:29:F9:80:4D:45:90:C6:32:EB:8A
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:b3:95:c4:aa:21:45:88:59:3c:5c:b5:68:9b:8e:de:2c:8c:
         2e:42:c1:86:9e:3b:2f:6b:c9:99:da:8d:54:4a:72:39:88:50:
         63:9d:ab:98:02:df:3d:6d:d6:89:8f:e1:ff:bc:fc:02:a9:06:
         69:6b:f6:3e:1b:10:5c:24:96:b2:99:72:0a:1b:f7:bb:1e:87:
         b7:73:b1:b7:89:b0:03:41:11:ae:0f:12:9a:02:79:bd:b0:b9:
         06:20:ef:b9:f8:54:41:c5:df:dd:19:2d:61:f3:de:3c:44:32:
         c8:39:ab:63:87:9b:3f:9e:0c:d4:9f:26:8e:8d:61:d2:50:01:
         19:17:f2:3e:e6:02:48:fa:f4:10:7b:56:40:e8:48:49:c1:c7:
         82:61:8f:60:a8:05:6d:73:01:5f:3a:93:61:34:bc:bf:33:cc:
         06:cf:6b:2d:be:73:67:67:6f:93:97:d8:31:ad:22:80:9a:0b:
         2f:76:ff:41:a8:77:5f:8f:34:f2:d3:a0:7e:d9:a1:3e:41:5a:
         cd:8d:49:42:c1:b4:ac:a8:ea:5c:0f:f9:ad:4d:a3:19:64:e7:
         0e:ec:01:a0:de:00:7a:6e:12:5a:9d:a9:51:06:50:9d:79:c3:
         a7:40:e1:35:5b:b8:2a:e3:00:2a:df:3b:33:da:31:b2:92:90:
         18:56:ff:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLq98LMujFhKsoMnRgizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjYwMzI5MTEwMDM2WhcNMjYwMzMwMTEwMDM2WjAzMTEwLwYDVQQD
EygyZWJiM2U5ZDA0MTZmNmFmN2I0NjI5Zjk4MDRkNDU5MGM2MzJlYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYcGCl6Cl3RLCsfb5kiAhW3P1hHS
1yMMhXUiCePo5B10zB+IE4Xd5XPVDwla0a9VaXC+4inqj3U09oZ/YsFVY92Jby+Z
oy2YjaYrYcvMeAoW9qJs5KgiEYTd2tdVzdzdptl/swt7DXCi9ArM6rUjRPYqIyIE
TI5tlTRLn7sXNk2zP5Q2Y7IeDDkrm51KHxWsGvHftcGy8Lad5Dp5FTL05U1oM55d
ih2M+O1TqgPfcqxzOIFNNuia5gXJy00HE7t91ys70bRQnunBH5PalrC4LBmSju0j
n4VmQNynj3FYLJTcx6Ckfn+fy87ctTp9RymwO6VH1AsAxIj7BEkfXXDz6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC67Pp0EFvave0Yp+YBNRZDGMuuKMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlLOVxKoh
RYhZPFy1aJuO3iyMLkLBhp47L2vJmdqNVEpyOYhQY52rmALfPW3WiY/h/7z8AqkG
aWv2PhsQXCSWsplyChv3ux6Ht3Oxt4mwA0ERrg8SmgJ5vbC5BiDvufhUQcXf3Rkt
YfPePEQyyDmrY4ebP54M1J8mjo1h0lABGRfyPuYCSPr0EHtWQOhIScHHgmGPYKgF
bXMBXzqTYTS8vzPMBs9rLb5zZ2dvk5fYMa0igJoLL3b/Qah3X4808tOgftmhPkFa
zY1JQsG0rKjqXA/5rU2jGWTnDuwBoN4Aem4SWp2pUQZQnXnDp0DhNVu4KuMAKt87
M9oxspKQGFb/AQ==
-----END CERTIFICATE-----