Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          jrdqlgPQgBDBL+CLL0WK3pe6By0BjY+h2fZ+Pu/qscc=
Subject key identifier:   48:DF:16:46:5C:BC:41:76:A4:82:37:A4:A7:EE:4A:B5:63:37:CC:C5
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019D38D3B4544F7EEB46AFA7B86405158098
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0860
Signing time:             Sun 29 Mar 2026 09:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:31 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: +LKLGZei8A4+l4dIGtM4mqugxnFJQQBWdu9sHWdLm3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b4:54:4f:7e:eb:46:af:a7:b8:64:05:15:80:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Mar 29 09:01:31 2026 GMT
            Not After : Mar 30 09:01:31 2026 GMT
        Subject: CN=48df16465cbc4176a48237a4a7ee4ab56337ccc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:df:de:65:d4:70:d2:95:96:ba:b4:0d:8e:2f:
                    f9:6f:ff:ed:7f:9a:85:95:4c:3e:67:70:10:5c:68:
                    a1:9b:e1:38:8b:2a:c1:63:e5:d0:31:6a:11:26:7d:
                    c4:0c:19:ca:36:41:40:2e:d6:3e:c0:05:1e:67:d9:
                    da:ca:22:c6:29:6a:e5:1e:c5:9f:ea:97:11:0d:bd:
                    4f:e0:6b:95:fa:1d:34:5f:33:83:2c:7d:e6:90:15:
                    fc:8b:33:60:45:50:79:0b:5e:70:fa:a0:11:6c:aa:
                    5d:c7:c9:a5:0c:90:fa:e0:df:13:23:91:68:50:b1:
                    46:c6:5e:09:84:7e:70:11:83:ff:47:49:66:cb:a9:
                    3a:6d:20:c5:e9:9c:30:69:47:7f:5d:7c:54:27:cf:
                    ed:75:37:60:99:a6:88:33:36:c2:ed:11:d4:f7:30:
                    d7:1a:91:88:c5:93:db:11:8d:ff:b5:53:55:74:e1:
                    7a:9f:92:6c:62:6d:a0:3b:35:e5:06:52:49:3f:d5:
                    e1:52:59:31:ab:e3:07:5b:3a:90:9a:ad:03:ef:4e:
                    3f:90:e0:ec:c5:60:9b:cf:5a:cc:67:ad:ac:8d:6e:
                    67:dd:c1:5b:5e:11:77:b0:db:8f:6e:aa:e7:b1:23:
                    e4:30:5d:09:31:36:b1:74:f9:2a:95:05:63:cc:e7:
                    1f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:DF:16:46:5C:BC:41:76:A4:82:37:A4:A7:EE:4A:B5:63:37:CC:C5
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:4a:af:01:f2:17:88:5a:18:f2:fe:0e:da:a4:b8:b9:80:da:
         d8:d7:4c:8f:c4:c3:90:7d:82:2a:c7:83:52:42:b5:85:0e:9f:
         5d:f0:ba:40:cd:f3:02:60:f3:70:b9:f0:36:d8:6a:41:61:b9:
         fe:a6:df:d4:80:9e:5a:5a:c9:2d:89:c6:94:12:18:c3:84:55:
         0a:4f:30:df:13:7b:60:65:d8:d6:29:5f:38:ab:3c:76:b1:6c:
         ed:be:95:b4:b8:da:da:c8:cd:be:09:f1:87:74:04:19:b2:ef:
         4f:27:a0:2d:ac:30:2e:89:d4:44:b4:fd:3f:7d:ea:1e:00:5e:
         61:45:79:40:9e:d1:1c:4c:cb:9d:6f:8c:c4:7d:8c:0f:80:50:
         a4:f8:57:9a:4a:00:48:85:5d:11:4c:d7:35:22:be:33:b1:d7:
         a0:1b:6d:9d:3b:e8:8a:76:a3:22:c8:7d:e1:c6:4d:b4:b8:14:
         ca:56:7b:c7:a1:37:24:09:a9:08:7b:f8:73:f8:94:99:e2:df:
         8c:58:6b:e9:af:d3:b2:ef:a6:7a:f8:6f:60:27:8d:27:12:e5:
         01:1f:a7:71:c3:cb:2e:48:15:be:1f:76:df:8d:14:09:71:31:
         a9:2f:74:25:c3:19:45:ee:5a:21:3d:5b:7e:97:bd:ae:e3:68:
         aa:25:54:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407RUT37rRq+nuGQFFYCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
Eyg0OGRmMTY0NjVjYmM0MTc2YTQ4MjM3YTRhN2VlNGFiNTYzMzdjY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN/eZdRw0pWWurQNji/5b//tf5qF
lUw+Z3AQXGihm+E4iyrBY+XQMWoRJn3EDBnKNkFALtY+wAUeZ9nayiLGKWrlHsWf
6pcRDb1P4GuV+h00XzODLH3mkBX8izNgRVB5C15w+qARbKpdx8mlDJD64N8TI5Fo
ULFGxl4JhH5wEYP/R0lmy6k6bSDF6ZwwaUd/XXxUJ8/tdTdgmaaIMzbC7RHU9zDX
GpGIxZPbEY3/tVNVdOF6n5JsYm2gOzXlBlJJP9XhUlkxq+MHWzqQmq0D704/kODs
xWCbz1rMZ62sjW5n3cFbXhF3sNuPbqrnsSPkMF0JMTaxdPkqlQVjzOcfiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjfFkZcvEF2pII3pKfuSrVjN8zFMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0qvAfIX
iFoY8v4O2qS4uYDa2NdMj8TDkH2CKseDUkK1hQ6fXfC6QM3zAmDzcLnwNthqQWG5
/qbf1ICeWlrJLYnGlBIYw4RVCk8w3xN7YGXY1ilfOKs8drFs7b6VtLja2sjNvgnx
h3QEGbLvTyegLawwLonURLT9P33qHgBeYUV5QJ7RHEzLnW+MxH2MD4BQpPhXmkoA
SIVdEUzXNSK+M7HXoBttnTvoinajIsh94cZNtLgUylZ7x6E3JAmpCHv4c/iUmeLf
jFhr6a/Tsu+mevhvYCeNJxLlAR+nccPLLkgVvh92340UCXExqS90JcMZRe5aIT1b
fpe9ruNoqiVUvQ==
-----END CERTIFICATE-----