Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
File:                     HVdIhaDItCBcPfLR_Nc0h33hBdk.mft (raw, json)
Hash identifier:          4ZtaPPWz8xR02AkaZCdJWqFf4IOSf8ES5UmA9ukqzhs=
Subject key identifier:   EE:E8:4D:1D:29:DA:B2:77:29:14:E5:30:23:75:97:D5:4E:66:46:6D
Authority key identifier: 1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9
Certificate issuer:       /CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
Certificate serial:       019D36E5253B632ABCD6B728C2726B6CAD36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
Manifest number:          045F
Signing time:             Sun 29 Mar 2026 00:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 00:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 00:01:19 +0000
Files and hashes:         1: HVdIhaDItCBcPfLR_Nc0h33hBdk.crl (hash: uWm6/8VIfA32Cfyy3gEC4Drc0XAr0mLwcl7Wefhzrws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 00:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:36:e5:25:3b:63:2a:bc:d6:b7:28:c2:72:6b:6c:ad:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
        Validity
            Not Before: Mar 29 00:01:19 2026 GMT
            Not After : Mar 30 00:01:19 2026 GMT
        Subject: CN=eee84d1d29dab2772914e530237597d54e66466d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8b:53:4e:48:97:a3:1c:1e:1d:1a:b3:ff:5c:
                    4d:ce:1a:ca:2d:3b:21:4d:83:83:74:40:4a:4e:83:
                    d2:3c:0d:b1:bf:d8:91:5e:d7:5b:5a:98:26:72:fc:
                    9e:59:7a:d0:f8:9e:0d:60:f3:a0:8b:03:47:03:11:
                    9b:ae:5e:1b:18:e2:23:dd:4d:4c:9f:96:b2:68:8e:
                    a8:ad:93:df:ae:55:2d:79:76:33:4f:da:e8:19:92:
                    f3:2f:42:9f:49:1b:4c:21:5e:f7:80:e5:95:a3:44:
                    69:22:09:84:1d:26:18:6e:9a:82:1c:dc:9d:bc:04:
                    99:ea:6b:c9:79:63:26:06:66:f5:b8:cb:aa:32:29:
                    ea:17:df:f7:0f:5a:86:9b:4f:df:8f:bf:29:06:f1:
                    e7:e8:f4:25:7c:a8:f3:39:31:d4:b0:bd:be:21:1d:
                    d0:b7:d9:50:97:ef:66:12:e3:f1:2c:5a:32:4f:91:
                    a7:9c:ee:12:95:d3:83:12:bb:6a:99:8a:7a:9b:f3:
                    fc:b0:e7:88:a5:c2:55:b7:7d:b7:d0:3b:7a:91:0e:
                    b2:b2:ae:5b:ee:b0:c4:6a:d8:20:e1:17:72:12:02:
                    36:4d:1f:fa:51:3b:0e:96:c6:c7:dc:f6:bb:e8:b8:
                    ef:3c:9f:5f:6b:0b:03:77:8f:70:48:5c:ed:cd:8d:
                    c9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:E8:4D:1D:29:DA:B2:77:29:14:E5:30:23:75:97:D5:4E:66:46:6D
            X509v3 Authority Key Identifier:
                keyid:1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:17:53:ca:f8:d0:b2:82:85:d6:91:20:e4:f3:1b:4f:61:3c:
         d0:3d:36:46:ac:d2:07:2a:56:ab:df:cb:ba:97:83:13:65:01:
         39:cd:23:a8:04:aa:3e:58:17:cd:6c:d4:f3:61:b3:05:45:90:
         f5:29:7a:fc:fc:7f:cf:4e:ba:03:64:cc:3a:f6:a5:10:93:01:
         90:76:d5:6a:a8:9f:d5:94:17:ff:b3:7e:64:91:a5:dd:05:ef:
         89:62:cf:5f:9a:4f:8a:84:38:f4:9f:e8:3f:f2:0c:c0:55:39:
         4c:12:b0:c2:cf:01:28:94:a2:bd:5c:2d:1a:71:6b:c7:a5:d8:
         47:49:95:db:03:ee:1c:d7:30:34:78:43:2c:23:27:5e:02:2b:
         ae:e3:a8:60:55:ca:4d:1c:fd:fb:b6:ad:99:7e:71:68:19:8d:
         71:38:e6:a2:25:ae:e6:60:b2:a0:f4:43:99:1d:43:77:91:94:
         d1:24:67:0c:fa:93:82:28:2e:50:b5:2a:25:f1:4a:03:c2:f2:
         af:9c:fa:0c:29:60:4b:9c:be:a0:a3:b5:44:b0:49:1f:b5:bf:
         1a:85:1e:36:6c:c3:62:6b:65:7c:77:f9:56:15:bb:31:88:df:
         bb:28:86:64:3f:af:92:dc:c9:ad:ed:b0:b3:ac:e0:9b:8b:c3:
         71:dd:c7:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025SU7Yyq81rcownJrbK02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTc0ODg1YTBjOGI0MjA1YzNkZjJkMWZjZDczNDg3N2Rl
MTA1ZDkwHhcNMjYwMzI5MDAwMTE5WhcNMjYwMzMwMDAwMTE5WjAzMTEwLwYDVQQD
EyhlZWU4NGQxZDI5ZGFiMjc3MjkxNGU1MzAyMzc1OTdkNTRlNjY0NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04tTTkiXoxweHRqz/1xNzhrKLTsh
TYODdEBKToPSPA2xv9iRXtdbWpgmcvyeWXrQ+J4NYPOgiwNHAxGbrl4bGOIj3U1M
n5ayaI6orZPfrlUteXYzT9roGZLzL0KfSRtMIV73gOWVo0RpIgmEHSYYbpqCHNyd
vASZ6mvJeWMmBmb1uMuqMinqF9/3D1qGm0/fj78pBvHn6PQlfKjzOTHUsL2+IR3Q
t9lQl+9mEuPxLFoyT5GnnO4SldODErtqmYp6m/P8sOeIpcJVt3230Dt6kQ6ysq5b
7rDEatgg4RdyEgI2TR/6UTsOlsbH3Pa76LjvPJ9fawsDd49wSFztzY3J0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7oTR0p2rJ3KRTlMCN1l9VOZkZtMB8GA1UdIwQY
MBaAFB1XSIWgyLQgXD3y0fzXNId94QXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMt
OTE5OGNhMmFjNzY2LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMtOTE5OGNhMmFjNzY2
LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADRdTyvjQ
soKF1pEg5PMbT2E80D02RqzSBypWq9/LupeDE2UBOc0jqASqPlgXzWzU82GzBUWQ
9Sl6/Px/z066A2TMOvalEJMBkHbVaqif1ZQX/7N+ZJGl3QXviWLPX5pPioQ49J/o
P/IMwFU5TBKwws8BKJSivVwtGnFrx6XYR0mV2wPuHNcwNHhDLCMnXgIrruOoYFXK
TRz9+7atmX5xaBmNcTjmoiWu5mCyoPRDmR1Dd5GU0SRnDPqTgiguULUqJfFKA8Ly
r5z6DClgS5y+oKO1RLBJH7W/GoUeNmzDYmtlfHf5VhW7MYjfuyiGZD+vktzJre2w
s6zgm4vDcd3H/A==
-----END CERTIFICATE-----