Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          B/5f3WNRsqAf6jfMjDD4SOH9vHwQTbLHaPVAX+4uEFA=
Subject key identifier:   55:74:DF:A8:D4:C6:ED:9F:1D:A1:F6:CF:BD:80:5D:79:8E:FB:C6:4B
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       019D389C6AFD7BE41B6C43204E99B2927B56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          0805
Signing time:             Sun 29 Mar 2026 08:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 08:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 08:01:08 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: hYLn85lW9yvlNm0KtkW014/N0t93pku2C+h3aA6p4LA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:6a:fd:7b:e4:1b:6c:43:20:4e:99:b2:92:7b:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Mar 29 08:01:08 2026 GMT
            Not After : Mar 30 08:01:08 2026 GMT
        Subject: CN=5574dfa8d4c6ed9f1da1f6cfbd805d798efbc64b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:11:ed:ae:82:b1:ef:33:fd:2e:43:d4:ed:d1:
                    e6:7a:da:81:64:69:1b:a1:42:9b:a8:56:d9:0b:c6:
                    82:66:b1:54:f2:63:2f:fa:2f:e1:68:ed:70:34:39:
                    df:88:1b:a1:08:83:4d:af:86:bd:09:bb:44:6b:c2:
                    0b:13:d9:94:db:7c:f4:de:d8:8e:ec:ad:f7:40:cc:
                    f9:ae:97:ec:b4:a6:ec:74:36:df:1e:cd:a2:f0:6b:
                    31:48:61:f1:96:51:de:49:9f:37:7c:5d:fd:3c:d1:
                    e1:f9:7a:0c:05:12:e9:9a:44:94:b7:47:14:25:42:
                    f6:07:79:b2:f1:35:4e:e8:09:3a:84:d8:2b:b4:0e:
                    47:f5:e4:97:0f:ac:0d:1a:a7:b6:b8:ef:7f:75:f5:
                    31:72:3f:9f:2b:b2:49:1d:9f:79:57:15:83:3e:fd:
                    1f:14:74:36:80:5c:40:11:75:08:88:ff:f8:b9:f2:
                    8f:35:6e:da:14:7a:2c:6a:fd:09:df:a0:6f:e2:49:
                    18:ce:59:3a:60:e9:bd:a2:e7:2a:e4:fb:a4:19:dc:
                    f3:be:de:23:88:93:4f:7f:06:27:b5:d6:34:b6:6a:
                    ee:1e:e6:07:12:74:d1:29:27:57:cd:39:e4:04:46:
                    20:16:b4:ac:17:ec:90:ba:cf:e0:eb:19:32:75:3f:
                    bc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:74:DF:A8:D4:C6:ED:9F:1D:A1:F6:CF:BD:80:5D:79:8E:FB:C6:4B
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:bf:67:d2:56:fd:24:62:48:53:9e:b3:d2:b2:04:27:25:66:
         c4:e9:fe:38:d7:7b:a1:94:a2:11:4c:63:94:59:4c:c7:d7:2a:
         e8:f5:1a:93:fb:be:66:49:79:2d:c3:3d:28:3a:8c:b4:1d:cb:
         f3:fa:f0:23:8f:49:32:ab:3c:43:09:9e:70:8a:ce:55:be:47:
         17:69:86:77:a6:5f:87:e1:d0:a0:23:07:92:f5:ab:2b:07:0a:
         d5:37:a1:5e:49:b1:12:5b:db:72:b3:b6:c9:08:e1:aa:a5:98:
         05:dc:80:eb:4f:20:e7:c9:97:67:1f:7d:1b:ec:bb:99:31:45:
         2f:24:2e:fc:03:91:22:b0:0d:65:ff:b4:77:b4:87:f3:b7:9e:
         23:49:16:75:61:b1:88:80:33:03:be:7c:22:36:ab:bd:93:f2:
         3b:fb:02:6a:6d:19:fa:42:45:7b:89:45:22:22:9f:a6:18:54:
         6e:81:6f:a8:0a:df:f8:08:df:df:f1:64:50:48:4c:15:39:42:
         79:22:a4:bc:b7:a6:e8:51:10:77:99:de:b4:84:ad:5d:50:5d:
         40:99:ec:75:ac:af:94:99:47:2b:9b:7a:fb:af:e2:5e:d6:72:
         b5:bf:b5:2c:62:b7:97:c6:cf:2f:bd:56:5a:e6:4e:15:b5:b0:
         84:74:57:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nGr9e+QbbEMgTpmykntWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjYwMzI5MDgwMTA4WhcNMjYwMzMwMDgwMTA4WjAzMTEwLwYDVQQD
Eyg1NTc0ZGZhOGQ0YzZlZDlmMWRhMWY2Y2ZiZDgwNWQ3OThlZmJjNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBHtroKx7zP9LkPU7dHmetqBZGkb
oUKbqFbZC8aCZrFU8mMv+i/haO1wNDnfiBuhCINNr4a9CbtEa8ILE9mU23z03tiO
7K33QMz5rpfstKbsdDbfHs2i8GsxSGHxllHeSZ83fF39PNHh+XoMBRLpmkSUt0cU
JUL2B3my8TVO6Ak6hNgrtA5H9eSXD6wNGqe2uO9/dfUxcj+fK7JJHZ95VxWDPv0f
FHQ2gFxAEXUIiP/4ufKPNW7aFHosav0J36Bv4kkYzlk6YOm9oucq5PukGdzzvt4j
iJNPfwYntdY0tmruHuYHEnTRKSdXzTnkBEYgFrSsF+yQus/g6xkydT+8iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV036jUxu2fHaH2z72AXXmO+8ZLMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0b9n0lb9
JGJIU56z0rIEJyVmxOn+ONd7oZSiEUxjlFlMx9cq6PUak/u+Zkl5LcM9KDqMtB3L
8/rwI49JMqs8QwmecIrOVb5HF2mGd6Zfh+HQoCMHkvWrKwcK1TehXkmxElvbcrO2
yQjhqqWYBdyA608g58mXZx99G+y7mTFFLyQu/AORIrANZf+0d7SH87eeI0kWdWGx
iIAzA758IjarvZPyO/sCam0Z+kJFe4lFIiKfphhUboFvqArf+Ajf3/FkUEhMFTlC
eSKkvLem6FEQd5netIStXVBdQJnsdayvlJlHK5t6+6/iXtZytb+1LGK3l8bPL71W
WuZOFbWwhHRXcg==
-----END CERTIFICATE-----