Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          FAYmOwkwijkNaWcxmKvJNcIoVmuhSHm98yAyaNPKR2s=
Subject key identifier:   BD:E8:77:CF:12:02:EC:A1:49:26:28:44:5E:00:AD:AD:38:8E:E5:2E
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       019D3865B476BA2535F1A50FF87CB48A7130
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          0AF1
Signing time:             Sun 29 Mar 2026 07:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:22 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: wnhxC9jExlW/6mvbTOfjbCDGDEiofI3gthYnPi17pts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b4:76:ba:25:35:f1:a5:0f:f8:7c:b4:8a:71:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Mar 29 07:01:22 2026 GMT
            Not After : Mar 30 07:01:22 2026 GMT
        Subject: CN=bde877cf1202eca1492628445e00adad388ee52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:77:6e:04:6a:ed:5e:64:72:31:60:2d:33:bb:
                    83:93:e3:b9:ab:8e:da:e2:23:43:70:8f:68:9f:af:
                    a3:b3:89:9a:ee:f4:ac:7e:ba:b2:f6:bd:e5:73:c0:
                    0e:7c:3a:dd:8b:88:6f:23:c5:0f:9e:08:09:52:33:
                    a1:6f:0a:38:52:5a:cd:f0:be:17:07:2c:16:28:7d:
                    3c:ab:ce:fd:1f:69:90:62:f0:38:b4:e1:9b:50:80:
                    c2:62:a7:d2:33:ce:d1:87:5d:80:32:ad:bc:83:76:
                    a5:a9:ae:8a:b1:bb:d7:a2:10:da:6c:f1:01:ea:a9:
                    a8:c9:da:17:1f:0c:75:d2:de:33:0f:44:b5:39:c8:
                    52:8c:1a:ff:09:3e:55:f8:95:45:89:14:93:14:61:
                    46:cc:e0:00:f8:1c:08:e9:6b:81:81:3d:94:4d:fd:
                    e3:5f:13:4e:64:4f:a0:8c:4a:0a:97:20:b2:46:74:
                    8e:30:8b:e1:fe:27:e6:81:b9:7b:82:65:9b:9b:12:
                    59:07:8f:28:5f:ab:75:48:41:78:68:57:77:5e:59:
                    99:ff:e4:da:00:5b:58:9e:94:fc:dd:b4:56:e4:02:
                    aa:f5:3c:44:3d:ab:ea:da:e4:93:36:32:6c:83:61:
                    1d:6d:5c:5d:f8:52:26:36:d2:3a:ec:68:d0:1a:05:
                    b5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:E8:77:CF:12:02:EC:A1:49:26:28:44:5E:00:AD:AD:38:8E:E5:2E
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:4c:c0:86:54:e2:7e:03:9d:e3:25:fb:35:53:43:48:c6:d2:
         ab:f0:73:ce:43:2e:d9:ae:71:10:74:00:dc:fa:a8:4d:31:2e:
         7a:41:1c:69:17:0f:27:71:e2:30:dc:fc:f8:a8:cb:07:da:6f:
         5b:63:59:eb:ba:9e:29:a6:0b:6a:ed:96:6d:b1:28:4b:af:60:
         83:0a:cb:e2:19:71:04:1f:ce:a9:8a:33:8c:5e:19:1f:20:2b:
         ae:61:03:45:ce:3e:1d:2b:d7:4c:34:bf:4c:2f:7a:ec:85:39:
         36:73:f4:95:31:20:02:de:a9:76:33:7d:56:af:9e:01:01:0f:
         c6:8d:6b:a8:57:e8:5e:7d:75:14:48:bd:99:1d:49:8a:3e:ab:
         94:68:9b:bc:3c:21:35:51:ea:81:73:36:60:8e:ea:c4:eb:77:
         b5:cc:1a:ae:f4:0d:13:56:ea:fd:2e:1c:dd:31:3b:7d:76:28:
         b5:74:38:05:46:b0:17:d9:e5:3d:a0:38:55:51:49:c2:4f:a0:
         cd:2d:5d:aa:f3:25:99:2c:92:96:cc:19:d3:2d:2b:31:48:3f:
         21:3d:83:d6:97:bb:21:36:9b:cf:91:70:4a:ce:19:af:ea:8e:
         1f:33:12:05:d8:21:b2:e7:9a:f6:58:f5:52:ac:46:2c:07:31:
         5d:60:8a:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbR2uiU18aUP+Hy0inEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjYwMzI5MDcwMTIyWhcNMjYwMzMwMDcwMTIyWjAzMTEwLwYDVQQD
EyhiZGU4NzdjZjEyMDJlY2ExNDkyNjI4NDQ1ZTAwYWRhZDM4OGVlNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinduBGrtXmRyMWAtM7uDk+O5q47a
4iNDcI9on6+js4ma7vSsfrqy9r3lc8AOfDrdi4hvI8UPnggJUjOhbwo4UlrN8L4X
BywWKH08q879H2mQYvA4tOGbUIDCYqfSM87Rh12AMq28g3alqa6KsbvXohDabPEB
6qmoydoXHwx10t4zD0S1OchSjBr/CT5V+JVFiRSTFGFGzOAA+BwI6WuBgT2UTf3j
XxNOZE+gjEoKlyCyRnSOMIvh/ifmgbl7gmWbmxJZB48oX6t1SEF4aFd3XlmZ/+Ta
AFtYnpT83bRW5AKq9TxEPavq2uSTNjJsg2EdbVxd+FImNtI67GjQGgW1KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3od88SAuyhSSYoRF4Ara04juUuMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADEzAhlTi
fgOd4yX7NVNDSMbSq/BzzkMu2a5xEHQA3PqoTTEuekEcaRcPJ3HiMNz8+KjLB9pv
W2NZ67qeKaYLau2WbbEoS69ggwrL4hlxBB/OqYozjF4ZHyArrmEDRc4+HSvXTDS/
TC967IU5NnP0lTEgAt6pdjN9Vq+eAQEPxo1rqFfoXn11FEi9mR1Jij6rlGibvDwh
NVHqgXM2YI7qxOt3tcwarvQNE1bq/S4c3TE7fXYotXQ4BUawF9nlPaA4VVFJwk+g
zS1dqvMlmSySlswZ0y0rMUg/IT2D1pe7ITabz5FwSs4Zr+qOHzMSBdghsuea9lj1
UqxGLAcxXWCKog==
-----END CERTIFICATE-----