Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
File:                     hvKEMvItcjPdX3Xz07HMCHN4-0g.mft (raw, json)
Hash identifier:          8k6bzVL+OBRSW7PcIVxNK47ZP0KtS/Iahtb8hGfCbEw=
Subject key identifier:   6D:99:DB:19:BC:76:EA:79:3C:AD:A1:65:7B:A1:A3:7E:2E:BF:59:8B
Authority key identifier: 86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48
Certificate issuer:       /CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
Certificate serial:       019D382E31052B8F62AD2EA5467A3B85A50A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
Manifest number:          023B
Signing time:             Sun 29 Mar 2026 06:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:44 +0000
Files and hashes:         1: hvKEMvItcjPdX3Xz07HMCHN4-0g.crl (hash: Sza4C2UbO8wD+HUKIDQHIMP1m1MG4XdLpUSO3Z92tBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:31:05:2b:8f:62:ad:2e:a5:46:7a:3b:85:a5:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
        Validity
            Not Before: Mar 29 06:00:44 2026 GMT
            Not After : Mar 30 06:00:44 2026 GMT
        Subject: CN=6d99db19bc76ea793cada1657ba1a37e2ebf598b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:78:c2:05:ae:87:68:e8:da:42:53:b1:c8:89:
                    e0:0b:63:82:2b:54:4a:63:60:84:54:64:7c:a2:eb:
                    6d:2f:f7:2a:f3:e9:55:3c:61:47:a4:a3:a0:82:e6:
                    b4:e6:43:08:a6:0d:04:07:1c:ef:67:9c:70:00:62:
                    c7:77:e0:b2:25:1a:dd:8a:ec:5d:30:1b:38:95:17:
                    24:b7:25:07:b1:ba:b1:e2:e4:cb:00:50:82:18:c4:
                    a3:bf:04:45:02:f1:18:a8:72:14:e1:00:c6:1d:b9:
                    96:1c:cf:aa:73:c2:a2:b9:89:a5:6f:99:ce:a7:dd:
                    2c:53:ae:6d:4b:b3:f3:ca:be:02:f1:85:97:5b:93:
                    4f:8a:0d:1f:55:22:66:4e:b5:13:85:18:fa:d8:1f:
                    3f:c2:bb:f8:d5:98:7b:1d:e9:5f:2e:bf:5b:55:fe:
                    b2:6c:ba:8f:79:cb:f6:72:ca:ad:53:74:a7:d4:f1:
                    d1:4c:d8:1b:f2:1a:b4:09:8c:7f:73:b1:8a:b1:4e:
                    f1:93:14:67:56:ed:1a:9c:03:31:44:ac:9f:50:3d:
                    93:cb:c0:a7:a7:de:30:96:f6:ad:fb:e0:c7:09:41:
                    a1:ab:c5:f8:fc:3d:b2:3a:35:07:de:d4:c4:7a:34:
                    fa:43:53:9e:4e:87:79:57:f6:be:95:ab:aa:b8:69:
                    43:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:99:DB:19:BC:76:EA:79:3C:AD:A1:65:7B:A1:A3:7E:2E:BF:59:8B
            X509v3 Authority Key Identifier:
                keyid:86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:bd:b9:0a:3d:ea:c7:cd:fa:28:a3:37:df:f2:6c:2f:4c:e5:
         21:c5:ca:8c:04:29:6d:d6:b6:0b:c3:a4:10:3a:dd:10:56:8e:
         79:d5:fc:9f:81:bf:d5:dd:ee:e7:26:77:35:40:97:f3:c2:85:
         c5:38:a9:e2:6e:3e:61:b2:a5:de:11:19:5a:e3:7f:78:b2:52:
         e9:89:20:25:4c:65:9b:7a:a6:56:ca:3e:ba:d5:91:06:03:4b:
         9a:15:35:9f:3b:c6:7c:92:f4:6b:31:af:54:89:47:de:09:d7:
         9e:c0:44:7d:1d:51:b9:6d:f7:b1:fb:d1:8e:9f:0a:b4:ba:b2:
         5d:22:9a:2c:29:81:7e:4b:55:e2:ef:3e:45:a0:a3:64:93:64:
         43:6a:f6:a1:f1:da:c1:e0:25:15:98:b4:91:6e:61:ed:d1:33:
         13:5d:92:9c:1d:c0:ba:9f:d3:15:5d:b3:7b:bf:4b:ab:0e:f5:
         f5:40:ef:a7:31:8e:f0:84:c5:06:e9:19:62:e3:5b:0e:4d:63:
         92:fd:67:55:46:a4:09:5e:21:7b:07:f0:57:b3:40:39:57:54:
         5d:f9:e5:88:06:f8:49:86:79:3f:2f:9b:4e:6b:65:6e:b8:57:
         c2:4b:9a:f6:81:e5:b6:a0:0f:ef:94:05:a9:07:9e:7a:e1:07:
         05:7c:e5:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LjEFK49irS6lRno7haUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjI4NDMyZjIyZDcyMzNkZDVmNzVmM2QzYjFjYzA4NzM3
OGZiNDgwHhcNMjYwMzI5MDYwMDQ0WhcNMjYwMzMwMDYwMDQ0WjAzMTEwLwYDVQQD
Eyg2ZDk5ZGIxOWJjNzZlYTc5M2NhZGExNjU3YmExYTM3ZTJlYmY1OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3jCBa6HaOjaQlOxyIngC2OCK1RK
Y2CEVGR8outtL/cq8+lVPGFHpKOggua05kMIpg0EBxzvZ5xwAGLHd+CyJRrdiuxd
MBs4lRcktyUHsbqx4uTLAFCCGMSjvwRFAvEYqHIU4QDGHbmWHM+qc8KiuYmlb5nO
p90sU65tS7Pzyr4C8YWXW5NPig0fVSJmTrUThRj62B8/wrv41Zh7HelfLr9bVf6y
bLqPecv2csqtU3Sn1PHRTNgb8hq0CYx/c7GKsU7xkxRnVu0anAMxRKyfUD2Ty8Cn
p94wlvat++DHCUGhq8X4/D2yOjUH3tTEejT6Q1OeTod5V/a+lauquGlD0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2Z2xm8dup5PK2hZXuho34uv1mLMB8GA1UdIwQY
MBaAFIbyhDLyLXIz3V9189OxzAhzePtIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjct
ZmU1MWE0OGM2ODAxLzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjctZmU1MWE0OGM2ODAx
LzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAr25Cj3q
x836KKM33/JsL0zlIcXKjAQpbda2C8OkEDrdEFaOedX8n4G/1d3u5yZ3NUCX88KF
xTip4m4+YbKl3hEZWuN/eLJS6YkgJUxlm3qmVso+utWRBgNLmhU1nzvGfJL0azGv
VIlH3gnXnsBEfR1RuW33sfvRjp8KtLqyXSKaLCmBfktV4u8+RaCjZJNkQ2r2ofHa
weAlFZi0kW5h7dEzE12SnB3Aup/TFV2ze79Lqw719UDvpzGO8ITFBukZYuNbDk1j
kv1nVUakCV4hewfwV7NAOVdUXfnliAb4SYZ5Py+bTmtlbrhXwkua9oHltqAP75QF
qQeeeuEHBXzlqQ==
-----END CERTIFICATE-----