Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          hGSVEN0KGEsLlprGDjuIaLIbzr2ESf71CwBwMlwPsS4=
Subject key identifier:   3F:9D:60:50:CB:33:D0:2E:28:9E:9B:CA:56:57:3B:88:95:EC:CE:7D
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       019D38D2B7457048A7177871A40908C15F5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0C36
Signing time:             Sun 29 Mar 2026 09:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:26 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: TCE7D3mzvfdP0fmy6GH594zaWBocjiy3y961c423XDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:b7:45:70:48:a7:17:78:71:a4:09:08:c1:5f:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Mar 29 09:00:26 2026 GMT
            Not After : Mar 30 09:00:26 2026 GMT
        Subject: CN=3f9d6050cb33d02e289e9bca56573b8895ecce7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b8:47:f5:66:bd:e3:6c:93:7b:6d:36:ab:d4:
                    6e:0e:24:07:58:74:d5:71:75:a9:50:b5:79:d5:f2:
                    85:c2:7b:6a:bd:ea:10:f1:0f:49:a3:a0:06:ce:ff:
                    04:c0:ee:45:cd:2b:68:f4:cb:36:d8:fc:db:d7:51:
                    26:6b:6b:48:00:9c:44:3e:f3:a8:04:bd:81:fe:a6:
                    02:be:44:67:fe:44:e7:d4:81:4e:d0:2e:ab:c8:e4:
                    02:44:f7:3e:3f:a5:00:cf:16:6f:8d:c6:17:82:48:
                    6e:d5:50:76:43:30:6e:7b:ae:44:ec:06:ef:99:b4:
                    da:49:78:4b:62:a4:e4:38:a4:52:8d:2c:d4:f2:08:
                    bd:d0:aa:75:26:dd:32:d7:44:55:5a:7f:73:f3:ec:
                    9c:3f:bc:96:12:dd:42:0a:b7:c5:0b:e7:4c:8b:1c:
                    71:d1:f6:db:3e:a3:b3:e1:18:54:b0:71:22:0b:c8:
                    03:87:52:99:7c:20:83:9d:24:b1:38:d2:4c:3f:59:
                    58:97:30:55:ce:02:77:38:f8:f3:44:16:90:f0:ca:
                    76:96:d9:e2:84:e9:1a:7e:3a:fe:d0:cd:85:b7:80:
                    2f:2f:83:53:bb:50:38:51:70:73:04:12:1d:c8:89:
                    fb:03:78:66:a0:c4:d7:32:48:5e:5b:de:16:d5:a8:
                    37:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9D:60:50:CB:33:D0:2E:28:9E:9B:CA:56:57:3B:88:95:EC:CE:7D
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:af:c0:d0:e2:9c:67:7d:05:d8:25:4b:52:b0:05:af:d2:bb:
         87:55:93:2f:c3:4d:5d:2f:00:37:4e:6d:e5:b9:c3:54:40:52:
         31:09:5f:5c:5e:a8:37:3e:f3:fd:0e:e3:ec:05:d9:0e:c0:5f:
         b0:57:bc:e4:71:3c:64:32:fe:94:bf:04:c2:51:09:80:21:c8:
         84:bf:52:71:dc:24:d2:33:20:6d:96:c0:6b:88:97:81:65:48:
         86:08:06:43:e3:24:22:ff:4a:7b:a4:01:c5:9e:e3:32:c2:0b:
         68:2a:70:c0:a2:42:af:de:a3:60:92:68:1a:da:19:51:1c:05:
         78:d9:2e:59:cd:ab:3a:fa:c2:51:05:1d:f0:3a:3d:af:fd:9b:
         e4:9b:70:d9:53:32:ab:aa:14:4c:a6:10:56:9c:2d:db:10:1c:
         94:54:23:1b:95:98:7b:8b:9b:12:a9:35:ee:73:d2:43:cf:06:
         f5:ab:53:2f:6a:26:1d:4d:8c:13:48:8a:dc:d1:d1:e9:b7:dd:
         6d:d3:51:07:67:12:33:9b:17:fb:03:ee:22:29:db:5b:f8:5f:
         68:05:df:90:fa:74:14:ef:83:9a:f0:0b:9a:31:e4:ff:5f:f7:
         df:28:c5:ac:13:56:da:8e:9f:94:a9:4a:90:f8:9b:18:41:fd:
         21:30:45:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040rdFcEinF3hxpAkIwV9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjYwMzI5MDkwMDI2WhcNMjYwMzMwMDkwMDI2WjAzMTEwLwYDVQQD
EygzZjlkNjA1MGNiMzNkMDJlMjg5ZTliY2E1NjU3M2I4ODk1ZWNjZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLhH9Wa942yTe202q9RuDiQHWHTV
cXWpULV51fKFwntqveoQ8Q9Jo6AGzv8EwO5FzSto9Ms22Pzb11Ema2tIAJxEPvOo
BL2B/qYCvkRn/kTn1IFO0C6ryOQCRPc+P6UAzxZvjcYXgkhu1VB2QzBue65E7Abv
mbTaSXhLYqTkOKRSjSzU8gi90Kp1Jt0y10RVWn9z8+ycP7yWEt1CCrfFC+dMixxx
0fbbPqOz4RhUsHEiC8gDh1KZfCCDnSSxONJMP1lYlzBVzgJ3OPjzRBaQ8Mp2ltni
hOkafjr+0M2Ft4AvL4NTu1A4UXBzBBIdyIn7A3hmoMTXMkheW94W1ag3jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+dYFDLM9AuKJ6bylZXO4iV7M59MB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0K/A0OKc
Z30F2CVLUrAFr9K7h1WTL8NNXS8AN05t5bnDVEBSMQlfXF6oNz7z/Q7j7AXZDsBf
sFe85HE8ZDL+lL8EwlEJgCHIhL9Scdwk0jMgbZbAa4iXgWVIhggGQ+MkIv9Ke6QB
xZ7jMsILaCpwwKJCr96jYJJoGtoZURwFeNkuWc2rOvrCUQUd8Do9r/2b5Jtw2VMy
q6oUTKYQVpwt2xAclFQjG5WYe4ubEqk17nPSQ88G9atTL2omHU2ME0iK3NHR6bfd
bdNRB2cSM5sX+wPuIinbW/hfaAXfkPp0FO+DmvALmjHk/1/33yjFrBNW2o6flKlK
kPibGEH9ITBFlA==
-----END CERTIFICATE-----