Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          n5PBaHsz7QT1bkHMGNsH8wm/A3OfAV9+SgvGVK7paIA=
Subject key identifier:   5F:CA:36:F0:FA:30:2F:EC:AC:75:66:2A:66:02:EF:71:A0:D6:C2:94
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019D3A541CE194DDF46DF4E47C90EFA167DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          145D
Signing time:             Sun 29 Mar 2026 16:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:24 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: iimnmjEZBMAm9RQp3lFjbxf/apzEJcbKxxUBQoVLPRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:1c:e1:94:dd:f4:6d:f4:e4:7c:90:ef:a1:67:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Mar 29 16:01:24 2026 GMT
            Not After : Mar 30 16:01:24 2026 GMT
        Subject: CN=5fca36f0fa302fecac75662a6602ef71a0d6c294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b0:9f:d1:4d:ac:3e:98:72:aa:28:f7:f3:ed:
                    6d:ce:72:56:2a:c4:7a:44:0c:31:c6:d2:9a:cd:b1:
                    c4:8c:5a:e4:b0:28:78:29:33:d8:66:2b:f4:9b:1f:
                    b0:7b:85:63:f3:f4:b3:8a:2a:1f:20:3c:af:8b:d9:
                    3b:2e:db:9f:b5:06:07:2f:ca:01:3e:a6:58:76:20:
                    f6:09:0e:ae:1e:db:57:ea:8c:8b:e9:9e:a3:1b:81:
                    ac:be:c8:aa:a1:f8:6d:20:e5:ee:3f:e6:4d:9e:f3:
                    06:e7:f3:77:a7:8d:c3:c9:b4:1b:17:10:2c:8e:4f:
                    c4:f0:b1:e5:5c:82:5e:fc:a2:6e:c1:ee:af:ea:69:
                    87:41:8a:a5:ff:8d:7d:40:4c:74:3b:84:09:60:9b:
                    1f:1f:c0:b6:bc:72:9d:af:69:16:de:7d:34:f0:c4:
                    12:9c:3b:e7:fc:7c:d0:98:62:4d:a5:6b:83:2e:1a:
                    2f:f2:eb:d1:8b:ca:84:da:7a:85:e7:68:cb:e3:b9:
                    75:ac:0d:b9:c1:6c:74:08:6e:16:a8:7c:70:89:87:
                    4f:15:80:b8:de:43:7a:2b:e0:f8:60:9e:79:45:3b:
                    b1:fc:fd:4e:ca:39:1e:1a:20:b8:9d:cd:cb:66:09:
                    03:a8:a4:7f:ee:7d:47:d1:5a:dc:fd:47:54:31:70:
                    4d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CA:36:F0:FA:30:2F:EC:AC:75:66:2A:66:02:EF:71:A0:D6:C2:94
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:af:d7:2c:b1:ca:af:b6:9c:fe:83:c8:96:12:43:a4:d1:8c:
         2a:c1:fb:4c:e9:49:95:04:93:91:7c:d1:ff:54:a4:80:e1:25:
         6d:56:1e:20:0e:b8:65:2c:89:08:60:59:f7:df:71:dc:7d:73:
         db:cb:eb:bb:a5:81:8f:c8:44:7c:7c:5d:6c:dd:b2:4c:0a:4a:
         4e:f4:ec:c6:d8:5a:bf:2b:74:5d:0a:f4:50:6e:d0:04:cf:ed:
         1a:19:6d:bb:c0:14:92:ec:c4:ed:90:b7:99:1d:a4:0d:23:bf:
         dc:a8:51:b6:72:cd:3a:bb:4b:21:ba:52:9e:48:bb:61:cb:9f:
         3f:ea:9c:48:a0:05:64:cc:56:12:6d:21:f6:9f:93:ed:0d:e7:
         96:cd:16:6a:80:dd:8d:6f:d7:3a:d1:07:59:dd:0a:f9:e7:4d:
         ee:81:02:b8:6b:ae:6c:fb:38:ee:43:cd:6c:65:35:29:63:4b:
         4c:ad:51:7e:4d:98:63:a0:dc:2e:fe:ff:10:71:10:93:ef:65:
         48:1d:cd:72:78:39:f5:f9:79:3a:58:d6:7f:77:5d:1d:c1:68:
         0b:89:10:88:4e:10:b8:cf:57:fa:3b:7c:91:df:95:5b:36:86:
         a5:f2:1a:1d:60:f6:2d:3a:d1:6c:19:84:e1:1f:31:24:be:b5:
         46:50:ff:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VBzhlN30bfTkfJDvoWfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjYwMzI5MTYwMTI0WhcNMjYwMzMwMTYwMTI0WjAzMTEwLwYDVQQD
Eyg1ZmNhMzZmMGZhMzAyZmVjYWM3NTY2MmE2NjAyZWY3MWEwZDZjMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7Cf0U2sPphyqij38+1tznJWKsR6
RAwxxtKazbHEjFrksCh4KTPYZiv0mx+we4Vj8/SziiofIDyvi9k7LtuftQYHL8oB
PqZYdiD2CQ6uHttX6oyL6Z6jG4GsvsiqofhtIOXuP+ZNnvMG5/N3p43DybQbFxAs
jk/E8LHlXIJe/KJuwe6v6mmHQYql/419QEx0O4QJYJsfH8C2vHKdr2kW3n008MQS
nDvn/HzQmGJNpWuDLhov8uvRi8qE2nqF52jL47l1rA25wWx0CG4WqHxwiYdPFYC4
3kN6K+D4YJ55RTux/P1OyjkeGiC4nc3LZgkDqKR/7n1H0Vrc/UdUMXBNEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/KNvD6MC/srHVmKmYC73Gg1sKUMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXa/XLLHK
r7ac/oPIlhJDpNGMKsH7TOlJlQSTkXzR/1SkgOElbVYeIA64ZSyJCGBZ999x3H1z
28vru6WBj8hEfHxdbN2yTApKTvTsxthavyt0XQr0UG7QBM/tGhltu8AUkuzE7ZC3
mR2kDSO/3KhRtnLNOrtLIbpSnki7YcufP+qcSKAFZMxWEm0h9p+T7Q3nls0WaoDd
jW/XOtEHWd0K+edN7oECuGuubPs47kPNbGU1KWNLTK1Rfk2YY6DcLv7/EHEQk+9l
SB3Ncng59fl5OljWf3ddHcFoC4kQiE4QuM9X+jt8kd+VWzaGpfIaHWD2LTrRbBmE
4R8xJL61RlD/6w==
-----END CERTIFICATE-----