Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
File:                     hRRRk1wYRkb4aHgjivsKDVqwut4.mft (raw, json)
Hash identifier:          njpGaotVQAaRNT87nXyi7lZwhHbIRTCBerB2OgIkfEo=
Subject key identifier:   C7:38:67:48:E1:6B:82:C2:0C:5A:8E:68:F6:77:67:DD:B6:EE:C6:3C
Authority key identifier: 85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE
Certificate issuer:       /CN=851451935c184646f86878238afb0a0d5ab0bade
Certificate serial:       019D3A540ECC3C5C61DA53AA323F77F3DD66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
Manifest number:          023F
Signing time:             Sun 29 Mar 2026 16:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:20 +0000
Files and hashes:         1: hRRRk1wYRkb4aHgjivsKDVqwut4.crl (hash: P6/P8PlOltdKGVGqd96mWdR+DdillvLrBc7mnZcE0YQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:0e:cc:3c:5c:61:da:53:aa:32:3f:77:f3:dd:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851451935c184646f86878238afb0a0d5ab0bade
        Validity
            Not Before: Mar 29 16:01:20 2026 GMT
            Not After : Mar 30 16:01:20 2026 GMT
        Subject: CN=c7386748e16b82c20c5a8e68f67767ddb6eec63c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c6:ab:1e:14:33:70:a6:2b:14:e9:a4:a0:be:
                    0a:cd:3e:94:80:46:e6:06:aa:a2:11:da:6a:6e:2e:
                    25:1f:77:b3:cc:c6:ee:07:35:85:66:09:4f:da:a7:
                    f9:19:6b:a2:38:a0:e9:01:80:0c:09:e1:dd:86:66:
                    33:51:11:44:3b:8a:0e:52:db:b7:29:35:7e:b2:b8:
                    3d:e7:cd:3e:2a:f4:ff:d1:fa:99:86:55:d1:07:64:
                    b2:18:d9:01:a0:55:4b:d9:57:07:04:7a:bc:35:69:
                    ff:f5:99:7f:ab:0a:d6:74:14:e5:08:90:e6:06:cf:
                    f7:36:31:46:82:e8:13:67:d9:ef:35:2c:e5:fd:e1:
                    2f:25:c9:51:91:57:56:30:36:58:90:4e:5d:ca:97:
                    d1:bf:4a:15:d8:e2:39:e9:c7:6b:c8:53:39:1b:32:
                    50:cd:38:ad:67:bd:9d:25:3c:29:86:f4:c3:63:d2:
                    98:83:89:26:14:27:7c:76:f3:70:7f:17:2b:20:4e:
                    c8:b9:4d:5e:11:90:70:84:d8:08:38:c0:95:b9:13:
                    0f:d9:f9:cd:db:9f:4f:76:44:e5:42:16:9d:30:fc:
                    03:4c:ba:2e:86:b9:fd:a6:b3:92:17:4e:a3:71:b7:
                    07:42:bf:7a:02:a2:06:aa:41:10:ea:32:c1:69:2a:
                    d0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:38:67:48:E1:6B:82:C2:0C:5A:8E:68:F6:77:67:DD:B6:EE:C6:3C
            X509v3 Authority Key Identifier:
                keyid:85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:52:a2:9e:ec:1a:72:76:9f:5e:58:22:2d:4c:09:d0:ed:22:
         b5:f7:23:d1:c0:81:8d:a1:47:a8:80:bf:4a:5d:3a:f2:44:ab:
         d1:d7:c4:ad:e7:35:4a:8b:5e:52:b8:0a:b3:68:42:4a:47:85:
         ce:80:2c:8f:c0:4d:d9:9f:e6:ab:fb:e8:d5:c8:de:a0:b4:91:
         d2:d2:a2:f5:fb:82:54:46:2e:e6:a1:ac:59:e5:69:e9:a9:41:
         07:9b:05:30:bd:6a:f7:48:2e:23:86:ac:cf:78:1f:9c:60:ea:
         6d:14:f4:cc:2b:01:ac:28:12:9b:ce:cc:5e:79:87:76:10:24:
         9c:e5:0a:19:8a:61:20:8b:ce:ae:ff:be:5a:c3:b4:2a:4a:64:
         39:21:d2:1f:0f:b0:08:5d:1b:de:b6:ce:9e:a0:87:9b:a8:89:
         ee:a1:3d:9a:31:12:a3:3a:6a:64:58:d3:c9:90:98:d0:c7:15:
         ff:dd:80:6b:6f:a2:8f:4e:fa:55:7a:a8:94:b3:f2:db:ee:5b:
         73:9f:98:97:60:87:63:2d:84:af:7f:d7:99:62:1c:ec:cf:6d:
         00:6c:cd:95:73:f4:ca:a4:aa:ef:3c:02:94:e1:e4:88:9c:f7:
         7a:97:95:58:67:77:9c:ac:9b:24:22:9a:10:e5:40:69:7d:26:
         6c:14:67:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VA7MPFxh2lOqMj93891mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTQ1MTkzNWMxODQ2NDZmODY4NzgyMzhhZmIwYTBkNWFi
MGJhZGUwHhcNMjYwMzI5MTYwMTIwWhcNMjYwMzMwMTYwMTIwWjAzMTEwLwYDVQQD
EyhjNzM4Njc0OGUxNmI4MmMyMGM1YThlNjhmNjc3NjdkZGI2ZWVjNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MarHhQzcKYrFOmkoL4KzT6UgEbm
BqqiEdpqbi4lH3ezzMbuBzWFZglP2qf5GWuiOKDpAYAMCeHdhmYzURFEO4oOUtu3
KTV+srg9580+KvT/0fqZhlXRB2SyGNkBoFVL2VcHBHq8NWn/9Zl/qwrWdBTlCJDm
Bs/3NjFGgugTZ9nvNSzl/eEvJclRkVdWMDZYkE5dypfRv0oV2OI56cdryFM5GzJQ
zTitZ72dJTwphvTDY9KYg4kmFCd8dvNwfxcrIE7IuU1eEZBwhNgIOMCVuRMP2fnN
259PdkTlQhadMPwDTLouhrn9prOSF06jcbcHQr96AqIGqkEQ6jLBaSrQHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMc4Z0jha4LCDFqOaPZ3Z9227sY8MB8GA1UdIwQY
MBaAFIUUUZNcGEZG+Gh4I4r7Cg1asLreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYt
NmRkNmE5YzU1ZjU3LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYtNmRkNmE5YzU1ZjU3
LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVKinuwa
cnafXlgiLUwJ0O0itfcj0cCBjaFHqIC/Sl068kSr0dfErec1SoteUrgKs2hCSkeF
zoAsj8BN2Z/mq/vo1cjeoLSR0tKi9fuCVEYu5qGsWeVp6alBB5sFML1q90guI4as
z3gfnGDqbRT0zCsBrCgSm87MXnmHdhAknOUKGYphIIvOrv++WsO0KkpkOSHSHw+w
CF0b3rbOnqCHm6iJ7qE9mjESozpqZFjTyZCY0McV/92Aa2+ij076VXqolLPy2+5b
c5+Yl2CHYy2Er3/XmWIc7M9tAGzNlXP0yqSq7zwClOHkiJz3epeVWGd3nKybJCKa
EOVAaX0mbBRnQg==
-----END CERTIFICATE-----