Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.mft
File:                     rhVFyl4w95yXBeJw8eh_r6-5pjI.mft (raw, json)
Hash identifier:          /Qm3lnfDmjAqSW0cZRZ+h8Urg+wAzkPRvwfBKs20yME=
Subject key identifier:   61:04:6C:5C:43:4F:FF:82:9A:C7:59:95:BA:B1:C1:15:85:47:CB:61
Authority key identifier: AE:15:45:CA:5E:30:F7:9C:97:05:E2:70:F1:E8:7F:AF:AF:B9:A6:32
Certificate issuer:       /CN=ae1545ca5e30f79c9705e270f1e87fafafb9a632
Certificate serial:       019D39AEF8DA19F20B5F946D0F3427627FC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rhVFyl4w95yXBeJw8eh_r6-5pjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.mft
Manifest number:          8E
Signing time:             Sun 29 Mar 2026 13:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:01 +0000
Files and hashes:         1: rhVFyl4w95yXBeJw8eh_r6-5pjI.crl (hash: 5nDIOnHm0BvbeuaYcMq3SsnAOwQV2EJHPRvU6iKFInI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rhVFyl4w95yXBeJw8eh_r6-5pjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:f8:da:19:f2:0b:5f:94:6d:0f:34:27:62:7f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1545ca5e30f79c9705e270f1e87fafafb9a632
        Validity
            Not Before: Mar 29 13:01:01 2026 GMT
            Not After : Mar 30 13:01:01 2026 GMT
        Subject: CN=61046c5c434fff829ac75995bab1c1158547cb61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:8a:7c:68:5b:e3:15:b2:30:c3:a9:75:40:8f:
                    af:19:e1:ca:a1:19:0e:9e:4c:8e:33:e7:03:e0:b5:
                    99:e8:70:c5:6d:68:67:57:da:f3:e7:dc:d3:74:9b:
                    4d:95:99:a7:9c:1b:78:b7:2e:e2:33:83:a7:a1:1c:
                    66:55:8a:6f:9f:19:15:9c:ca:70:42:13:75:b3:4b:
                    43:f7:3a:87:0a:bc:25:4d:f4:9b:da:32:38:8e:a1:
                    ae:2d:f9:52:cd:41:63:92:0e:b3:d3:23:c2:8c:99:
                    85:d4:39:2f:08:1b:1f:37:c1:81:7f:4d:7c:cf:12:
                    ae:96:00:fc:b8:52:e4:b1:48:b2:2f:af:46:a0:fc:
                    0c:90:1c:e7:c5:16:4d:7f:9d:2d:b9:f2:2d:09:25:
                    1b:03:8f:38:9e:d2:17:d1:21:25:8a:a1:00:d7:83:
                    a7:a4:89:39:7a:bc:cb:19:90:9e:92:24:3a:6c:f1:
                    17:38:ee:d2:8e:27:dc:fd:59:cc:97:3c:19:a6:cd:
                    0a:33:b2:62:98:25:1e:ce:1e:3b:52:da:9e:2f:60:
                    86:59:ae:8a:84:7c:32:93:a9:9e:94:e4:e1:54:7a:
                    57:14:ab:9f:be:3b:4b:2e:5a:06:42:e4:d1:e9:c2:
                    7a:d7:b3:cf:7f:bf:f1:c1:4a:3c:42:90:4b:0e:01:
                    6b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:04:6C:5C:43:4F:FF:82:9A:C7:59:95:BA:B1:C1:15:85:47:CB:61
            X509v3 Authority Key Identifier:
                keyid:AE:15:45:CA:5E:30:F7:9C:97:05:E2:70:F1:E8:7F:AF:AF:B9:A6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rhVFyl4w95yXBeJw8eh_r6-5pjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33f12a-9fca-4828-b8f1-9c704f815aaa/1/rhVFyl4w95yXBeJw8eh_r6-5pjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ad:49:08:0b:5d:11:28:f7:27:ca:1d:75:2b:b8:7d:96:61:
         b4:76:40:00:85:a0:3d:a2:4e:2e:40:21:9a:a8:fa:01:c1:1a:
         a3:66:68:fc:75:d8:e2:dd:34:31:07:7b:5d:dc:0a:d6:fb:7f:
         c3:42:de:3e:b4:dc:a3:86:56:92:c6:18:a4:0a:16:0b:f4:eb:
         eb:36:9f:59:7f:f8:6d:a3:13:5f:cd:59:3a:fb:12:09:09:2b:
         e0:b6:67:92:3a:38:ae:5b:85:b1:d7:b5:94:c2:23:6c:d2:ea:
         c4:5a:9a:d1:5a:6f:72:0b:00:a4:af:5c:1d:d9:49:47:1e:fd:
         8e:17:32:6c:2d:d7:e0:5c:86:4f:b8:8b:0c:63:7b:ff:25:cb:
         59:31:95:cc:7f:86:e9:3d:66:bd:84:d7:7b:53:98:98:0b:14:
         9c:b5:2f:63:e7:d3:cd:22:6d:5f:f1:c0:d1:28:d2:79:9e:71:
         41:d4:da:21:bf:f1:fd:8a:a8:55:c8:77:fe:ac:7c:56:2f:75:
         33:49:4a:e8:89:56:ad:f0:66:ac:5b:32:cd:0a:57:01:81:7d:
         e5:cc:e4:18:da:c1:6c:18:9c:27:f8:65:51:b7:66:64:79:4a:
         b9:30:f7:86:3b:59:8e:e7:67:df:f7:94:86:6e:0a:f5:da:50:
         06:c5:08:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rvjaGfILX5RtDzQnYn/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMTU0NWNhNWUzMGY3OWM5NzA1ZTI3MGYxZTg3ZmFmYWZi
OWE2MzIwHhcNMjYwMzI5MTMwMTAxWhcNMjYwMzMwMTMwMTAxWjAzMTEwLwYDVQQD
Eyg2MTA0NmM1YzQzNGZmZjgyOWFjNzU5OTViYWIxYzExNTg1NDdjYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ip8aFvjFbIww6l1QI+vGeHKoRkO
nkyOM+cD4LWZ6HDFbWhnV9rz59zTdJtNlZmnnBt4ty7iM4OnoRxmVYpvnxkVnMpw
QhN1s0tD9zqHCrwlTfSb2jI4jqGuLflSzUFjkg6z0yPCjJmF1DkvCBsfN8GBf018
zxKulgD8uFLksUiyL69GoPwMkBznxRZNf50tufItCSUbA484ntIX0SEliqEA14On
pIk5erzLGZCekiQ6bPEXOO7Sjifc/VnMlzwZps0KM7JimCUezh47UtqeL2CGWa6K
hHwyk6melOThVHpXFKufvjtLLloGQuTR6cJ617PPf7/xwUo8QpBLDgFrWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEEbFxDT/+CmsdZlbqxwRWFR8thMB8GA1UdIwQY
MBaAFK4VRcpeMPeclwXicPHof6+vuaYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmhWRnlsNHc5NXlYQmVKdzhlaF9yNi01cGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zM2YxMmEtOWZjYS00ODI4LWI4ZjEt
OWM3MDRmODE1YWFhLzEvcmhWRnlsNHc5NXlYQmVKdzhlaF9yNi01cGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zM2YxMmEtOWZjYS00ODI4LWI4ZjEtOWM3MDRmODE1YWFh
LzEvcmhWRnlsNHc5NXlYQmVKdzhlaF9yNi01cGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD61JCAtd
ESj3J8oddSu4fZZhtHZAAIWgPaJOLkAhmqj6AcEao2Zo/HXY4t00MQd7XdwK1vt/
w0LePrTco4ZWksYYpAoWC/Tr6zafWX/4baMTX81ZOvsSCQkr4LZnkjo4rluFsde1
lMIjbNLqxFqa0VpvcgsApK9cHdlJRx79jhcybC3X4FyGT7iLDGN7/yXLWTGVzH+G
6T1mvYTXe1OYmAsUnLUvY+fTzSJtX/HA0SjSeZ5xQdTaIb/x/YqoVch3/qx8Vi91
M0lK6IlWrfBmrFsyzQpXAYF95czkGNrBbBicJ/hlUbdmZHlKuTD3hjtZjudn3/eU
hm4K9dpQBsUIog==
-----END CERTIFICATE-----