Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          pWlEPk1Ay+FSO7vx7FIQ82AtpoaerOPE28SKT6Xn9ZI=
Subject key identifier:   F9:F0:4C:FD:C3:B6:98:F0:47:FE:1B:C8:0D:82:67:77:97:83:C2:5D
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       019D371B7E99A40053996B9B708B57D5A724
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0B1D
Signing time:             Sun 29 Mar 2026 01:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:41 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: odgEObzwxWRDk+5v/Us8LKBJDHKGgu01j6i/qp05Cq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:7e:99:a4:00:53:99:6b:9b:70:8b:57:d5:a7:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Mar 29 01:00:41 2026 GMT
            Not After : Mar 30 01:00:41 2026 GMT
        Subject: CN=f9f04cfdc3b698f047fe1bc80d8267779783c25d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1e:b0:8e:cc:a3:4b:24:37:87:f9:70:97:4f:
                    63:0f:74:34:5d:92:20:26:66:5a:d2:85:b8:45:60:
                    fe:2b:de:52:98:2c:64:b5:3e:5b:b6:ee:82:07:b7:
                    00:04:13:1d:00:99:97:2c:24:c9:61:11:11:f5:85:
                    c5:bf:e2:e0:ef:22:e4:2e:bd:f5:39:37:af:83:63:
                    2f:c6:bc:1f:3e:5d:ea:02:57:43:6d:4d:99:de:fa:
                    52:b6:f9:4f:2b:70:25:84:fd:ef:f7:d3:90:7e:a0:
                    51:f4:0c:11:0d:c7:ac:cb:e0:b5:e0:51:b5:c3:94:
                    e4:7e:a0:09:61:5f:0a:96:66:b6:53:57:e4:99:55:
                    5a:f4:cd:8a:f3:46:5b:0a:81:88:69:67:aa:ec:ae:
                    d2:73:05:fe:cf:44:66:25:a1:ba:37:59:c7:86:2f:
                    57:09:9c:e6:ff:57:e7:4b:5d:1b:88:9b:fe:bc:53:
                    6f:ce:1a:10:0c:b6:4a:a2:a9:18:9c:6e:d0:96:47:
                    a9:a1:15:1b:dd:31:10:1a:74:60:f0:27:b4:d6:7a:
                    71:2f:13:b9:b0:b3:9f:0c:2a:69:78:3d:06:02:8e:
                    5a:95:4b:36:d6:2a:ac:12:ff:72:e0:ba:5c:39:f4:
                    fd:5c:5d:e1:e6:93:fe:5a:04:c7:88:d4:b1:c0:02:
                    dc:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F0:4C:FD:C3:B6:98:F0:47:FE:1B:C8:0D:82:67:77:97:83:C2:5D
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:f0:0f:40:1d:95:8e:ac:5b:66:aa:fe:2e:ef:7a:cb:05:2c:
         c2:b1:ec:36:c4:29:6c:e3:77:59:3f:cc:17:52:d9:87:3d:83:
         8c:4a:53:5b:ab:83:d7:06:5e:8e:0f:29:06:b9:db:dd:11:39:
         ed:71:e4:67:7f:b5:e8:08:af:9b:4f:5e:9d:8c:82:d4:61:6a:
         08:ac:8e:7e:51:53:1c:af:50:22:df:e2:2e:9a:96:73:5b:2e:
         8c:6d:04:c2:46:70:93:86:5d:5d:7a:5b:e7:e8:fd:0c:97:34:
         1a:d5:dc:54:66:3d:4d:be:13:29:fc:dc:2c:9d:f3:44:a3:8d:
         7a:68:fc:1d:93:09:c8:8d:cb:6b:84:23:fc:99:ff:ec:30:aa:
         83:69:ac:f4:e4:6f:21:54:42:dd:ec:2d:5d:e8:96:dd:3b:a4:
         41:97:af:2a:73:2f:ed:46:78:bb:78:14:bf:c0:fa:a7:26:e6:
         60:0b:ed:b5:66:3d:c4:f2:ee:aa:df:3b:6c:0e:5a:ad:f9:e8:
         27:70:1b:da:e5:46:d2:d4:04:be:7f:43:99:8e:61:76:2e:c8:
         f9:a5:bb:d5:b4:43:11:43:d4:98:14:83:37:54:ac:82:82:44:
         d4:6f:1b:f4:da:7f:7f:ba:66:9c:c5:82:da:04:64:50:38:25:
         19:8d:e8:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G36ZpABTmWubcItX1ackMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjYwMzI5MDEwMDQxWhcNMjYwMzMwMDEwMDQxWjAzMTEwLwYDVQQD
EyhmOWYwNGNmZGMzYjY5OGYwNDdmZTFiYzgwZDgyNjc3Nzk3ODNjMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx6wjsyjSyQ3h/lwl09jD3Q0XZIg
JmZa0oW4RWD+K95SmCxktT5btu6CB7cABBMdAJmXLCTJYRER9YXFv+Lg7yLkLr31
OTevg2MvxrwfPl3qAldDbU2Z3vpStvlPK3AlhP3v99OQfqBR9AwRDcesy+C14FG1
w5TkfqAJYV8Klma2U1fkmVVa9M2K80ZbCoGIaWeq7K7ScwX+z0RmJaG6N1nHhi9X
CZzm/1fnS10biJv+vFNvzhoQDLZKoqkYnG7QlkepoRUb3TEQGnRg8Ce01npxLxO5
sLOfDCppeD0GAo5alUs21iqsEv9y4LpcOfT9XF3h5pP+WgTHiNSxwALcBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnwTP3DtpjwR/4byA2CZ3eXg8JdMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvAPQB2V
jqxbZqr+Lu96ywUswrHsNsQpbON3WT/MF1LZhz2DjEpTW6uD1wZejg8pBrnb3RE5
7XHkZ3+16Aivm09enYyC1GFqCKyOflFTHK9QIt/iLpqWc1sujG0EwkZwk4ZdXXpb
5+j9DJc0GtXcVGY9Tb4TKfzcLJ3zRKONemj8HZMJyI3La4Qj/Jn/7DCqg2ms9ORv
IVRC3ewtXeiW3TukQZevKnMv7UZ4u3gUv8D6pybmYAvttWY9xPLuqt87bA5arfno
J3Ab2uVG0tQEvn9DmY5hdi7I+aW71bRDEUPUmBSDN1SsgoJE1G8b9Np/f7pmnMWC
2gRkUDglGY3ong==
-----END CERTIFICATE-----