Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          p77BRJVNCbd+wp5A8uQy7ELmVCPS5YXFhlVBqae0LPw=
Subject key identifier:   1E:41:B2:C4:C2:F1:10:A8:08:F1:CA:0C:63:28:8E:92:BF:5F:87:A1
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       019D382EA448DF5AC52F87225E24FBEB2D69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          114F
Signing time:             Sun 29 Mar 2026 06:01:13 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:13 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:13 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: mW7t/hykIe5AZTkeCnADo1lS75W/DFY63gqPxUQD0AM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:a4:48:df:5a:c5:2f:87:22:5e:24:fb:eb:2d:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Mar 29 06:01:13 2026 GMT
            Not After : Mar 30 06:01:13 2026 GMT
        Subject: CN=1e41b2c4c2f110a808f1ca0c63288e92bf5f87a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fd:03:0b:06:6e:59:88:99:22:06:41:57:b1:
                    6e:3c:00:c8:25:c8:aa:95:d0:fc:29:47:9e:f6:6a:
                    26:6f:45:1a:f8:af:b3:ee:d6:72:a2:fd:eb:63:93:
                    21:da:c6:0c:12:29:be:b3:cd:ae:25:3f:94:bf:4a:
                    00:b8:9c:fb:e0:91:e3:a0:96:00:b8:82:29:96:b5:
                    62:70:60:35:ab:63:11:ca:e8:4a:78:c4:7d:47:8a:
                    92:7c:6d:48:2e:c9:00:0e:40:25:2d:1f:8e:6f:5f:
                    68:ca:1a:15:a7:e5:97:cb:04:63:a3:5d:41:87:df:
                    5a:97:2c:89:79:87:22:37:00:ad:dd:22:e2:ef:40:
                    fe:53:dd:24:00:ae:da:7e:6b:46:13:48:e5:62:d2:
                    7b:ae:1f:8e:79:c5:96:ee:ee:e8:ac:95:2e:db:32:
                    b8:9f:81:08:58:bd:be:43:a8:f9:7c:62:33:6b:98:
                    e5:a8:14:89:48:3f:6d:58:ca:3d:15:42:c8:48:61:
                    2a:85:f7:70:03:6e:e8:fe:81:11:7e:bd:64:17:fb:
                    90:fb:7b:d0:e7:15:70:23:a5:cf:7e:31:7d:ac:fe:
                    49:eb:91:15:50:50:41:55:78:0a:b0:12:b7:56:ad:
                    a3:8a:2e:75:56:90:84:e2:76:ef:33:ae:b9:e5:69:
                    7d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:41:B2:C4:C2:F1:10:A8:08:F1:CA:0C:63:28:8E:92:BF:5F:87:A1
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:24:2f:4f:62:01:b9:14:60:fc:40:07:57:2d:3c:c4:7c:6e:
         26:1a:1f:7d:c4:44:54:43:c2:b0:54:cc:f9:da:f8:e5:ca:e0:
         08:69:85:00:db:fa:fe:04:1c:d1:55:c9:93:1f:9e:77:2e:7e:
         ca:ca:87:17:f4:ec:6a:0b:e6:b2:32:03:80:db:8d:55:af:cf:
         55:b7:47:d3:ee:a7:bd:a9:2a:ff:0d:da:93:43:18:58:02:51:
         00:90:85:7e:d5:88:45:c4:90:a0:88:73:34:3e:9e:51:02:d5:
         7b:f4:81:1a:f9:82:c5:11:3c:91:51:f3:1c:11:ad:c3:37:e6:
         23:23:00:3b:b5:a0:bf:ea:9b:ec:d4:4a:a3:3b:d8:44:9e:2b:
         4a:09:7c:ce:17:65:a5:93:d8:97:03:c3:09:69:39:1e:a2:ac:
         f2:86:59:16:1e:17:e5:d6:0b:15:0a:0e:d3:c2:aa:e4:0c:78:
         da:c2:c3:6a:6f:0e:2a:36:55:d9:78:db:c7:45:54:43:07:61:
         44:cb:93:43:f4:61:4e:e2:1b:1d:6d:36:e2:08:5f:9a:15:e3:
         ba:e4:d8:e1:7f:fe:b6:90:d0:5a:b6:6f:c2:25:41:37:2c:d1:
         3d:99:66:c7:c3:3d:5d:64:df:db:61:66:c5:f1:f6:60:b0:e1:
         19:c1:54:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LqRI31rFL4ciXiT76y1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjYwMzI5MDYwMTEzWhcNMjYwMzMwMDYwMTEzWjAzMTEwLwYDVQQD
EygxZTQxYjJjNGMyZjExMGE4MDhmMWNhMGM2MzI4OGU5MmJmNWY4N2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/0DCwZuWYiZIgZBV7FuPADIJciq
ldD8KUee9momb0Ua+K+z7tZyov3rY5Mh2sYMEim+s82uJT+Uv0oAuJz74JHjoJYA
uIIplrVicGA1q2MRyuhKeMR9R4qSfG1ILskADkAlLR+Ob19oyhoVp+WXywRjo11B
h99alyyJeYciNwCt3SLi70D+U90kAK7afmtGE0jlYtJ7rh+OecWW7u7orJUu2zK4
n4EIWL2+Q6j5fGIza5jlqBSJSD9tWMo9FULISGEqhfdwA27o/oERfr1kF/uQ+3vQ
5xVwI6XPfjF9rP5J65EVUFBBVXgKsBK3Vq2jii51VpCE4nbvM6655Wl9BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5BssTC8RCoCPHKDGMojpK/X4ehMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSQvT2IB
uRRg/EAHVy08xHxuJhoffcREVEPCsFTM+dr45crgCGmFANv6/gQc0VXJkx+edy5+
ysqHF/TsagvmsjIDgNuNVa/PVbdH0+6nvakq/w3ak0MYWAJRAJCFftWIRcSQoIhz
ND6eUQLVe/SBGvmCxRE8kVHzHBGtwzfmIyMAO7Wgv+qb7NRKozvYRJ4rSgl8zhdl
pZPYlwPDCWk5HqKs8oZZFh4X5dYLFQoO08Kq5Ax42sLDam8OKjZV2Xjbx0VUQwdh
RMuTQ/RhTuIbHW024ghfmhXjuuTY4X/+tpDQWrZvwiVBNyzRPZlmx8M9XWTf22Fm
xfH2YLDhGcFUsg==
-----END CERTIFICATE-----