Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          FtzXPaJTzh6WHRWC4gO3V6ARWkpTqN0lrlkCmSFs8xM=
Subject key identifier:   C2:DE:ED:A6:68:92:95:01:7C:6E:27:33:38:5A:FF:B2:27:F3:4E:E5
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       019D3865648405A0ACC5AA0C4FF9CFC43EED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:01 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: KhxDu99X0Tiep/D5EhBdGHsFXRfeK38zeainOdxXiF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:64:84:05:a0:ac:c5:aa:0c:4f:f9:cf:c4:3e:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Mar 29 07:01:01 2026 GMT
            Not After : Mar 30 07:01:01 2026 GMT
        Subject: CN=c2deeda6689295017c6e2733385affb227f34ee5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:85:25:6d:8e:01:b9:7d:a7:7f:db:7d:27:a4:
                    09:b8:70:68:b3:33:a5:fa:c9:dc:d0:1b:44:cc:0e:
                    5d:6f:62:ef:cf:59:37:37:90:96:14:74:59:64:2b:
                    b1:69:39:70:af:e2:36:55:30:f3:c4:8c:1c:5a:c8:
                    0d:c7:10:03:67:8b:57:27:f7:80:99:a9:00:80:66:
                    ad:65:e9:da:cc:b5:64:b0:33:d6:13:5d:b6:50:8c:
                    cb:b9:7e:ce:78:a1:d7:69:60:78:9b:19:fb:6b:48:
                    e9:bd:07:c8:a7:6d:c4:7a:63:aa:30:90:fe:04:a2:
                    33:08:0d:0e:b5:d1:c9:1d:5d:9f:b2:21:1d:82:75:
                    00:7f:18:61:a9:17:01:e1:42:54:85:8c:fe:84:79:
                    0e:46:23:5f:25:74:42:d9:b0:c7:fa:e1:fa:8c:c8:
                    e8:e9:2d:e8:bf:3f:c0:af:39:32:72:2d:86:c5:71:
                    57:0c:40:71:75:82:c3:aa:d0:c8:92:76:26:29:c8:
                    6f:4c:5c:97:89:aa:9c:53:88:bf:6b:8d:df:79:e9:
                    8d:c7:33:b2:37:cc:2c:b5:df:1a:49:10:17:ae:8c:
                    37:c7:d1:72:47:42:9c:f2:04:fc:e9:6d:9d:27:3e:
                    bb:68:52:7f:03:a4:91:95:28:26:bc:8c:87:7e:1b:
                    3c:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:DE:ED:A6:68:92:95:01:7C:6E:27:33:38:5A:FF:B2:27:F3:4E:E5
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:ab:a9:ee:1f:d3:55:56:7b:ff:2b:3e:3a:fe:87:dc:45:6f:
         47:ad:0c:43:a3:a5:ff:48:32:95:97:47:cd:98:09:b7:92:84:
         d7:62:6d:1d:f3:9c:27:29:26:6f:20:f0:b3:4e:06:18:35:4a:
         0a:ed:e7:04:a6:c6:5c:5f:42:4b:9c:43:ca:99:b2:19:7d:04:
         37:62:02:4b:80:46:bc:48:dc:5e:77:2d:d7:f6:e6:ca:0b:14:
         ab:da:4b:8a:73:10:27:12:aa:66:57:dd:02:f2:c9:57:ba:b3:
         d2:c8:ee:52:32:17:d4:e3:0a:6a:27:61:96:d4:19:ba:74:dc:
         5d:6c:b4:40:d7:ab:a5:22:29:6f:34:04:e8:c6:cb:73:c2:77:
         6a:69:18:05:12:d1:99:b3:88:7a:80:9d:f7:1b:c3:ff:25:92:
         53:72:14:f9:91:8e:c2:de:b9:37:37:52:6e:da:37:e1:c7:59:
         2c:ac:ab:6c:ff:95:db:08:7a:d6:74:2c:5f:b9:52:31:02:4a:
         e4:ae:d5:5a:6c:41:d5:7f:1a:56:8c:3b:e5:f2:99:5a:71:1a:
         ea:9e:da:b2:c0:28:56:c7:17:4e:2f:0b:85:88:3b:e0:24:2b:
         e9:1a:9e:2c:04:b6:8e:49:be:a2:3b:e7:0a:54:ba:1b:be:fb:
         69:8c:f8:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWSEBaCsxaoMT/nPxD7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjYwMzI5MDcwMTAxWhcNMjYwMzMwMDcwMTAxWjAzMTEwLwYDVQQD
EyhjMmRlZWRhNjY4OTI5NTAxN2M2ZTI3MzMzODVhZmZiMjI3ZjM0ZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24UlbY4BuX2nf9t9J6QJuHBoszOl
+snc0BtEzA5db2Lvz1k3N5CWFHRZZCuxaTlwr+I2VTDzxIwcWsgNxxADZ4tXJ/eA
makAgGatZenazLVksDPWE122UIzLuX7OeKHXaWB4mxn7a0jpvQfIp23EemOqMJD+
BKIzCA0OtdHJHV2fsiEdgnUAfxhhqRcB4UJUhYz+hHkORiNfJXRC2bDH+uH6jMjo
6S3ovz/Arzkyci2GxXFXDEBxdYLDqtDIknYmKchvTFyXiaqcU4i/a43feemNxzOy
N8wstd8aSRAXrow3x9FyR0Kc8gT86W2dJz67aFJ/A6SRlSgmvIyHfhs89wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLe7aZokpUBfG4nMzha/7In807lMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6up7h/T
VVZ7/ys+Ov6H3EVvR60MQ6Ol/0gylZdHzZgJt5KE12JtHfOcJykmbyDws04GGDVK
Cu3nBKbGXF9CS5xDypmyGX0EN2ICS4BGvEjcXnct1/bmygsUq9pLinMQJxKqZlfd
AvLJV7qz0sjuUjIX1OMKaidhltQZunTcXWy0QNerpSIpbzQE6MbLc8J3amkYBRLR
mbOIeoCd9xvD/yWSU3IU+ZGOwt65NzdSbto34cdZLKyrbP+V2wh61nQsX7lSMQJK
5K7VWmxB1X8aVow75fKZWnEa6p7assAoVscXTi8LhYg74CQr6RqeLAS2jkm+ojvn
ClS6G777aYz4Lw==
-----END CERTIFICATE-----