Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          RmFh0BtwS3UedD5JsGDDxFeZ4j6GfjoGBphCFFuh8Vg=
Subject key identifier:   37:FE:B7:A4:D5:10:AD:D8:48:A3:2B:28:E2:99:F4:E9:74:76:79:6B
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       019D37C05F4D1CC64C20608485A27B660A80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          1447
Signing time:             Sun 29 Mar 2026 04:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:47 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: kEWty8IgtQmT/4lzmae11C/ExCBc+ga2t4MhsCox+fg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:5f:4d:1c:c6:4c:20:60:84:85:a2:7b:66:0a:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Mar 29 04:00:47 2026 GMT
            Not After : Mar 30 04:00:47 2026 GMT
        Subject: CN=37feb7a4d510add848a32b28e299f4e97476796b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:17:25:81:fc:89:c6:eb:63:54:42:e8:3c:7d:
                    84:dc:65:51:e4:6e:ff:99:09:71:b7:38:e7:54:ab:
                    cc:a8:73:91:51:ef:a8:64:de:71:94:d0:a9:95:99:
                    92:6e:b2:40:ff:92:40:5d:78:92:f1:9f:6c:c3:ff:
                    c8:ce:f8:39:55:32:06:84:a4:b4:7d:99:18:35:8d:
                    73:2b:71:da:40:35:92:c5:df:10:74:f6:54:71:26:
                    fa:cc:6f:c8:c8:8c:bf:3d:cd:22:db:52:a2:3e:1d:
                    dd:c3:ba:80:7e:eb:1b:0a:05:dd:61:96:ea:7e:17:
                    e3:94:b2:fa:71:fa:29:d5:2c:dc:7e:b9:ed:df:21:
                    a4:a9:72:44:b9:18:d3:55:63:f1:80:e6:95:f4:59:
                    97:6b:43:d4:c3:9b:b6:fd:32:d3:f8:7e:c3:f8:37:
                    e9:ab:3c:b8:41:80:f8:31:03:b9:ae:a7:5c:50:8a:
                    ba:da:c9:bd:89:ab:82:06:7b:11:30:8a:64:b4:33:
                    f7:a6:33:7c:f5:2c:48:13:a9:93:86:fe:72:e2:cc:
                    72:42:66:8c:6b:2b:ac:a8:d9:dd:d5:65:c8:d5:4d:
                    b2:41:61:94:6b:df:f0:e7:09:ae:1f:6d:b3:1b:ef:
                    5b:da:a6:6f:ff:65:b9:c6:bf:bc:36:a5:df:97:b9:
                    45:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:FE:B7:A4:D5:10:AD:D8:48:A3:2B:28:E2:99:F4:E9:74:76:79:6B
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:72:73:86:6f:f0:71:b3:e8:61:e0:2b:52:6c:f1:ff:f9:33:
         6f:88:6b:6c:0e:e1:78:5e:a8:95:cb:f1:b9:2a:63:7d:05:31:
         ab:ea:52:e3:76:1d:fd:e9:9d:10:e0:dc:79:81:68:cf:f8:0a:
         36:f3:8f:19:30:4f:ff:1b:3a:ef:7b:4c:d8:69:79:f0:08:30:
         0e:46:0b:62:fd:8a:b5:34:95:60:0c:74:7f:e9:c3:58:b7:5d:
         24:08:7a:83:89:a8:40:db:b0:31:e3:c2:d9:05:b2:8b:c4:c0:
         fa:8b:2a:a7:08:3a:ae:89:84:f8:dc:8f:af:64:20:7c:b6:3e:
         16:b5:6e:c2:36:75:cb:e2:60:c0:5a:78:4c:ce:53:55:98:7f:
         63:10:1d:fc:b9:9a:09:7c:c2:b5:17:a0:0b:54:38:9a:50:9d:
         bb:42:7b:84:e1:15:43:c6:01:4a:f6:2b:20:03:b7:89:e2:dc:
         3a:48:a3:d9:95:d2:9c:74:2f:48:53:6b:31:6a:93:8a:f9:d7:
         2f:9d:2a:b5:49:7a:e6:89:ea:48:d5:50:99:05:b8:37:06:19:
         45:b0:23:74:1f:75:28:a2:75:86:de:b6:d9:97:40:0a:18:ae:
         eb:7d:83:13:49:ee:c3:66:3d:c9:8b:17:23:ec:bb:20:3b:19:
         64:5d:1e:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wF9NHMZMIGCEhaJ7ZgqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjYwMzI5MDQwMDQ3WhcNMjYwMzMwMDQwMDQ3WjAzMTEwLwYDVQQD
EygzN2ZlYjdhNGQ1MTBhZGQ4NDhhMzJiMjhlMjk5ZjRlOTc0NzY3OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhclgfyJxutjVELoPH2E3GVR5G7/
mQlxtzjnVKvMqHORUe+oZN5xlNCplZmSbrJA/5JAXXiS8Z9sw//Izvg5VTIGhKS0
fZkYNY1zK3HaQDWSxd8QdPZUcSb6zG/IyIy/Pc0i21KiPh3dw7qAfusbCgXdYZbq
fhfjlLL6cfop1Szcfrnt3yGkqXJEuRjTVWPxgOaV9FmXa0PUw5u2/TLT+H7D+Dfp
qzy4QYD4MQO5rqdcUIq62sm9iauCBnsRMIpktDP3pjN89SxIE6mThv5y4sxyQmaM
ayusqNnd1WXI1U2yQWGUa9/w5wmuH22zG+9b2qZv/2W5xr+8NqXfl7lFxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDf+t6TVEK3YSKMrKOKZ9Ol0dnlrMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXJzhm/w
cbPoYeArUmzx//kzb4hrbA7heF6olcvxuSpjfQUxq+pS43Yd/emdEODceYFoz/gK
NvOPGTBP/xs673tM2Gl58AgwDkYLYv2KtTSVYAx0f+nDWLddJAh6g4moQNuwMePC
2QWyi8TA+osqpwg6romE+NyPr2QgfLY+FrVuwjZ1y+JgwFp4TM5TVZh/YxAd/Lma
CXzCtRegC1Q4mlCdu0J7hOEVQ8YBSvYrIAO3ieLcOkij2ZXSnHQvSFNrMWqTivnX
L50qtUl65onqSNVQmQW4NwYZRbAjdB91KKJ1ht622ZdAChiu632DE0nuw2Y9yYsX
I+y7IDsZZF0eyg==
-----END CERTIFICATE-----