Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          5vkace/hqObSvPxbta/LtTd6kz+5pQdJs4iLiojfSkY=
Subject key identifier:   84:D5:3B:F3:C0:3E:76:C1:9E:9D:5F:AE:02:3D:CC:9E:BF:E9:E2:47
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019D37C082F159BBDC9BD3B01EC72EAF5733
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0F6E
Signing time:             Sun 29 Mar 2026 04:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:56 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: 3X5elKz9efCXXjAw4OUPhXl3pUqLhhOfozTM85aBp8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:82:f1:59:bb:dc:9b:d3:b0:1e:c7:2e:af:57:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Mar 29 04:00:56 2026 GMT
            Not After : Mar 30 04:00:56 2026 GMT
        Subject: CN=84d53bf3c03e76c19e9d5fae023dcc9ebfe9e247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4a:d0:8b:95:68:78:5e:54:12:6b:6a:c9:e2:
                    04:53:c1:ed:dd:dc:d4:91:9c:15:90:32:6d:f7:75:
                    e0:c3:d4:21:3f:bc:37:11:5c:f1:29:36:87:14:30:
                    4f:65:27:0d:6d:a0:c6:48:25:88:0c:f9:23:10:fe:
                    f0:18:72:90:b0:7b:65:ed:73:50:5b:63:69:32:ed:
                    fb:08:20:37:cd:85:bc:d5:ed:9c:0f:cb:34:ec:b2:
                    71:ca:91:6c:26:b3:4e:e0:96:75:39:21:fd:59:64:
                    b7:04:ad:8d:8b:6b:4f:e8:e0:92:c7:75:0d:0c:d5:
                    04:b6:b9:59:e5:e9:6e:8f:be:75:19:b8:05:c4:f0:
                    e2:90:8e:70:f4:b0:3b:c7:40:33:3d:ed:34:98:3b:
                    60:56:96:4a:22:64:35:06:7d:16:2d:55:ac:81:45:
                    49:c3:19:20:2e:ab:33:6c:89:41:7e:1f:0c:63:57:
                    46:7b:b1:f2:ff:7c:d5:4e:38:af:6c:ca:97:bb:76:
                    f8:65:1b:04:b8:e1:cb:0d:63:99:bc:8f:32:08:a5:
                    75:1c:2e:f6:09:83:b5:9e:fd:11:1a:c1:b4:a6:7a:
                    56:21:ba:3f:3f:34:42:4d:c1:0c:b7:89:71:6f:15:
                    f7:9c:27:a1:d0:ba:00:37:76:e0:34:98:03:11:30:
                    00:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D5:3B:F3:C0:3E:76:C1:9E:9D:5F:AE:02:3D:CC:9E:BF:E9:E2:47
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:69:48:4c:ca:c4:cb:5b:29:ec:55:50:f6:5e:84:8c:03:01:
         60:71:4f:77:44:c2:d8:e1:a1:5f:a6:09:bd:cf:50:64:ef:57:
         1f:58:2d:95:ee:c9:1c:e1:ad:16:05:eb:09:22:3f:d2:48:8e:
         95:b6:54:22:09:1c:e4:fd:e9:30:c7:a8:90:5d:68:ab:27:ce:
         d9:f7:f9:24:b2:b7:02:f7:17:13:7b:ed:59:32:6a:1d:c5:34:
         34:95:8f:4b:7e:f1:5c:b2:07:9e:1c:68:de:f7:74:de:d5:b8:
         c2:31:94:fc:b5:d6:c4:27:95:97:9a:4c:c7:c7:27:cd:53:52:
         4e:22:9c:8a:9e:44:18:d0:6c:a6:79:9b:f8:64:11:76:60:ae:
         4a:ce:28:da:d4:25:25:f4:ca:f0:fe:d4:a0:7c:d6:be:43:c5:
         1d:70:47:86:f4:10:f0:9d:fc:7c:b1:23:60:6d:5b:cc:ff:e7:
         6a:73:b6:d5:9f:55:17:92:e4:f7:1e:6e:e3:2b:3c:ac:88:a7:
         60:4c:6e:e9:eb:a8:02:30:a7:05:15:94:5e:ed:f4:57:4e:c3:
         9a:4f:97:70:8e:9c:75:f6:1d:ee:ca:53:54:5e:d5:37:1d:85:
         51:d0:71:a3:15:6f:7e:cb:89:f9:12:02:c1:67:11:32:0e:dc:
         af:d3:c8:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wILxWbvcm9OwHscur1czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjYwMzI5MDQwMDU2WhcNMjYwMzMwMDQwMDU2WjAzMTEwLwYDVQQD
Eyg4NGQ1M2JmM2MwM2U3NmMxOWU5ZDVmYWUwMjNkY2M5ZWJmZTllMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrQi5VoeF5UEmtqyeIEU8Ht3dzU
kZwVkDJt93Xgw9QhP7w3EVzxKTaHFDBPZScNbaDGSCWIDPkjEP7wGHKQsHtl7XNQ
W2NpMu37CCA3zYW81e2cD8s07LJxypFsJrNO4JZ1OSH9WWS3BK2Ni2tP6OCSx3UN
DNUEtrlZ5eluj751GbgFxPDikI5w9LA7x0AzPe00mDtgVpZKImQ1Bn0WLVWsgUVJ
wxkgLqszbIlBfh8MY1dGe7Hy/3zVTjivbMqXu3b4ZRsEuOHLDWOZvI8yCKV1HC72
CYO1nv0RGsG0pnpWIbo/PzRCTcEMt4lxbxX3nCeh0LoAN3bgNJgDETAANwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITVO/PAPnbBnp1frgI9zJ6/6eJHMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2lITMrE
y1sp7FVQ9l6EjAMBYHFPd0TC2OGhX6YJvc9QZO9XH1gtle7JHOGtFgXrCSI/0kiO
lbZUIgkc5P3pMMeokF1oqyfO2ff5JLK3AvcXE3vtWTJqHcU0NJWPS37xXLIHnhxo
3vd03tW4wjGU/LXWxCeVl5pMx8cnzVNSTiKcip5EGNBspnmb+GQRdmCuSs4o2tQl
JfTK8P7UoHzWvkPFHXBHhvQQ8J38fLEjYG1bzP/nanO21Z9VF5Lk9x5u4ys8rIin
YExu6euoAjCnBRWUXu30V07Dmk+XcI6cdfYd7spTVF7VNx2FUdBxoxVvfsuJ+RIC
wWcRMg7cr9PIKA==
-----END CERTIFICATE-----