Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          0oyz3xO/YHBNQwfZ8wOGisVh6mT4RuaiF95lW+0vuqs=
Subject key identifier:   38:73:EB:07:C5:3A:96:49:5D:5C:84:7C:95:31:9B:4C:EF:49:0E:2F
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019D3865F65A5D1AF417975BADD095B240D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0DD9
Signing time:             Sun 29 Mar 2026 07:01:39 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:39 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:39 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: ADYtFJw8uCm4NoYMBYbcYFWC7QacOV8EF9SHTqJ4luA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f6:5a:5d:1a:f4:17:97:5b:ad:d0:95:b2:40:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Mar 29 07:01:39 2026 GMT
            Not After : Mar 30 07:01:39 2026 GMT
        Subject: CN=3873eb07c53a96495d5c847c95319b4cef490e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:d3:04:5f:c2:d2:59:37:a9:8f:67:78:bf:cb:
                    4a:7c:e1:49:c7:f0:70:e6:c4:e5:24:f7:b4:ed:63:
                    9f:52:91:49:1f:3e:43:df:c1:3d:f4:00:cf:d2:9d:
                    91:54:67:73:95:a9:8f:2e:16:cb:f8:44:b2:85:0e:
                    17:68:9e:e1:1e:c3:27:94:dc:57:d6:2d:7b:d2:61:
                    6f:bb:6e:f1:ec:94:84:12:db:4f:d3:96:85:0c:85:
                    ba:a7:96:62:f7:f9:70:00:6c:ca:a9:27:0b:0b:cb:
                    31:96:c4:4d:c4:c2:a8:05:1c:e6:54:11:8d:5e:49:
                    4e:ab:08:7b:95:46:9f:69:4a:75:88:b7:3f:a3:e5:
                    51:f2:2f:09:13:a7:87:13:e0:1b:6d:49:5f:f5:49:
                    3d:0e:ba:16:bf:74:22:93:10:7b:f5:bf:3d:90:80:
                    a2:0c:4b:cb:a7:60:13:47:1a:25:11:6d:09:5a:dd:
                    ab:1a:1d:cc:7e:02:90:a8:d3:65:97:0c:a6:33:bd:
                    47:fd:6c:7f:93:cf:d6:c4:21:c6:45:b9:62:8a:aa:
                    f8:30:99:95:6d:eb:58:0c:d1:c9:3b:a0:8b:42:dd:
                    75:ad:7e:ce:53:23:1e:14:32:a2:e7:78:5c:84:da:
                    b9:99:a2:04:e8:10:d5:13:8e:ae:c7:40:29:11:d3:
                    f0:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:73:EB:07:C5:3A:96:49:5D:5C:84:7C:95:31:9B:4C:EF:49:0E:2F
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:23:a6:48:6d:c5:63:23:44:d6:d7:2d:8b:bc:16:1a:7b:70:
         1d:8a:5d:88:41:c3:08:0f:14:ca:92:36:f8:eb:3d:e6:33:13:
         1e:89:5e:b8:5a:ee:49:59:66:9a:f9:34:6a:95:df:1f:7c:45:
         b9:7b:84:a4:a9:08:8c:c5:19:d2:7c:0b:c4:0e:8c:e8:42:eb:
         4f:fe:53:8e:0b:2d:cc:d9:4f:be:a3:66:b9:51:0a:aa:fc:8c:
         c6:93:73:d6:e9:96:da:c5:bc:2f:11:f0:29:a6:b0:f2:55:2e:
         14:e0:d8:82:7a:16:db:f8:ce:1a:75:1e:0c:4f:af:2a:b7:a7:
         87:95:f8:ca:10:3a:6e:65:da:fe:b3:7d:48:f0:6b:6c:33:c0:
         67:49:7c:cc:b9:28:17:57:b1:98:b9:7d:20:37:8a:8a:f0:a0:
         d2:41:e0:2c:9a:1d:f3:54:4d:11:e8:0d:98:5e:04:08:db:8b:
         63:ec:75:69:d6:42:67:de:81:b3:28:1b:ed:6a:d1:d2:a7:76:
         3c:d3:a2:87:92:3b:7e:39:e7:37:76:27:c4:6d:8c:f8:fa:32:
         11:6a:aa:1c:9c:4f:94:3a:20:b1:30:70:00:b3:db:e8:7a:eb:
         8f:b6:e7:86:fc:27:60:d2:8d:71:c2:04:6a:15:6d:65:ba:9c:
         ea:d4:7a:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfZaXRr0F5dbrdCVskDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjYwMzI5MDcwMTM5WhcNMjYwMzMwMDcwMTM5WjAzMTEwLwYDVQQD
EygzODczZWIwN2M1M2E5NjQ5NWQ1Yzg0N2M5NTMxOWI0Y2VmNDkwZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99MEX8LSWTepj2d4v8tKfOFJx/Bw
5sTlJPe07WOfUpFJHz5D38E99ADP0p2RVGdzlamPLhbL+ESyhQ4XaJ7hHsMnlNxX
1i170mFvu27x7JSEEttP05aFDIW6p5Zi9/lwAGzKqScLC8sxlsRNxMKoBRzmVBGN
XklOqwh7lUafaUp1iLc/o+VR8i8JE6eHE+AbbUlf9Uk9DroWv3QikxB79b89kICi
DEvLp2ATRxolEW0JWt2rGh3MfgKQqNNllwymM71H/Wx/k8/WxCHGRbliiqr4MJmV
betYDNHJO6CLQt11rX7OUyMeFDKi53hchNq5maIE6BDVE46ux0ApEdPwVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhz6wfFOpZJXVyEfJUxm0zvSQ4vMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOCOmSG3F
YyNE1tcti7wWGntwHYpdiEHDCA8UypI2+Os95jMTHoleuFruSVlmmvk0apXfH3xF
uXuEpKkIjMUZ0nwLxA6M6ELrT/5TjgstzNlPvqNmuVEKqvyMxpNz1umW2sW8LxHw
Kaaw8lUuFODYgnoW2/jOGnUeDE+vKrenh5X4yhA6bmXa/rN9SPBrbDPAZ0l8zLko
F1exmLl9IDeKivCg0kHgLJod81RNEegNmF4ECNuLY+x1adZCZ96Bsygb7WrR0qd2
PNOih5I7fjnnN3YnxG2M+PoyEWqqHJxPlDogsTBwALPb6Hrrj7bnhvwnYNKNccIE
ahVtZbqc6tR6Dw==
-----END CERTIFICATE-----