Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          1aslH8Qsy9+5Fy1ba7w+VXhgGdZjAGBFfBBS3p7ArMM=
Subject key identifier:   0F:6B:A6:F8:01:4C:1B:E3:61:39:4B:D6:46:89:29:63:39:B0:CD:B9
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019D38D2F0D56DB78C48E2C1F6D2D74FEA85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:41 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: zu9y7HeGHJarsbhZDGrwtY3j+B+pBKEpiouBeQV3kLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:f0:d5:6d:b7:8c:48:e2:c1:f6:d2:d7:4f:ea:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Mar 29 09:00:41 2026 GMT
            Not After : Mar 30 09:00:41 2026 GMT
        Subject: CN=0f6ba6f8014c1be361394bd64689296339b0cdb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:17:bb:86:fd:02:89:88:21:96:49:4e:7c:77:
                    e4:4f:01:da:7c:0e:94:be:e7:6f:d8:30:51:b5:5d:
                    d1:8c:96:41:7a:de:7e:33:b5:d5:75:77:cb:9b:c3:
                    7c:af:d5:d7:08:20:48:cf:f3:93:97:c7:c9:f3:d6:
                    f2:45:3d:59:85:3e:11:86:af:11:6b:ba:c1:5d:27:
                    8c:17:18:42:bc:df:70:cc:ad:10:72:b3:31:c0:52:
                    a2:09:bd:8b:a6:84:82:3d:f7:a2:13:1d:e1:94:5c:
                    f9:50:1a:7c:d0:da:1b:b3:2c:9d:a1:f8:d3:f4:97:
                    86:29:07:74:ab:9c:e8:d6:fd:c2:15:b9:ee:b9:8a:
                    ef:40:46:30:cc:88:99:7a:10:49:57:a6:4a:a0:a6:
                    40:fa:bb:0f:9f:2a:06:7c:4b:19:36:b8:61:46:ba:
                    50:8d:aa:9b:4e:bd:60:86:cf:fa:4d:54:9e:40:54:
                    b5:a9:89:65:16:04:9a:4a:99:a7:b6:da:bc:0e:bd:
                    46:df:fa:27:66:72:d0:c3:b8:45:bb:0e:f8:1e:a7:
                    43:0b:93:ca:77:0d:cf:04:32:93:14:b9:6b:4a:36:
                    63:d4:79:9a:bc:90:90:e3:b9:30:74:f2:5a:5d:59:
                    ed:16:6b:12:61:3a:b0:9c:5d:26:b7:20:74:16:5f:
                    67:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6B:A6:F8:01:4C:1B:E3:61:39:4B:D6:46:89:29:63:39:B0:CD:B9
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:b3:40:84:73:03:42:b1:e6:a8:06:05:d6:ce:cd:b9:d0:c3:
         66:b2:33:5d:ab:31:aa:e9:8e:b9:5d:29:60:35:c4:26:19:2f:
         f2:ac:12:ff:6c:3a:9a:89:ff:f0:12:24:74:9f:d6:13:cc:44:
         cb:4c:fb:6b:98:ef:c6:8d:2e:d8:20:d6:79:07:dc:03:8c:ab:
         a4:4e:55:77:33:31:36:99:b1:9e:24:88:5e:77:2d:19:c2:8d:
         ea:6a:9b:9f:42:87:79:c2:c1:dd:63:bf:60:bc:55:15:a6:e7:
         49:f8:4d:76:cd:38:90:26:bb:34:5d:00:15:3f:64:b5:a6:bc:
         a1:7d:ce:31:a1:c9:8f:d1:2b:ab:fb:28:07:3b:87:bb:ca:52:
         a9:2f:a8:e1:cc:f6:2b:a8:6b:5a:0d:c4:6e:8c:c6:92:0b:5a:
         92:aa:1f:06:d8:f1:a1:68:17:1a:5c:5a:74:e3:54:65:f6:91:
         21:ab:f8:6a:58:c6:2d:59:bd:14:cd:c7:fd:1f:bb:2c:95:b7:
         0f:f9:0a:ad:0a:e4:d0:7d:d2:71:39:0c:5b:32:cd:7a:84:0d:
         68:e6:d8:a9:b7:cc:80:2e:50:04:0c:6d:1e:2f:17:32:20:ff:
         bb:ac:f1:21:2b:33:d1:92:24:01:72:58:b3:46:c2:99:60:77:
         54:61:a1:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vDVbbeMSOLB9tLXT+qFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjYwMzI5MDkwMDQxWhcNMjYwMzMwMDkwMDQxWjAzMTEwLwYDVQQD
EygwZjZiYTZmODAxNGMxYmUzNjEzOTRiZDY0Njg5Mjk2MzM5YjBjZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhe7hv0CiYghlklOfHfkTwHafA6U
vudv2DBRtV3RjJZBet5+M7XVdXfLm8N8r9XXCCBIz/OTl8fJ89byRT1ZhT4Rhq8R
a7rBXSeMFxhCvN9wzK0QcrMxwFKiCb2LpoSCPfeiEx3hlFz5UBp80NobsyydofjT
9JeGKQd0q5zo1v3CFbnuuYrvQEYwzIiZehBJV6ZKoKZA+rsPnyoGfEsZNrhhRrpQ
jaqbTr1ghs/6TVSeQFS1qYllFgSaSpmnttq8Dr1G3/onZnLQw7hFuw74HqdDC5PK
dw3PBDKTFLlrSjZj1HmavJCQ47kwdPJaXVntFmsSYTqwnF0mtyB0Fl9nDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9rpvgBTBvjYTlL1kaJKWM5sM25MB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoLNAhHMD
QrHmqAYF1s7NudDDZrIzXasxqumOuV0pYDXEJhkv8qwS/2w6mon/8BIkdJ/WE8xE
y0z7a5jvxo0u2CDWeQfcA4yrpE5VdzMxNpmxniSIXnctGcKN6mqbn0KHecLB3WO/
YLxVFabnSfhNds04kCa7NF0AFT9ktaa8oX3OMaHJj9Erq/soBzuHu8pSqS+o4cz2
K6hrWg3EbozGkgtakqofBtjxoWgXGlxadONUZfaRIav4aljGLVm9FM3H/R+7LJW3
D/kKrQrk0H3ScTkMWzLNeoQNaObYqbfMgC5QBAxtHi8XMiD/u6zxISsz0ZIkAXJY
s0bCmWB3VGGhVQ==
-----END CERTIFICATE-----