Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          GREsMO1VTtCUW4kA0egA2h5HGcQ3SbbmnecFrtKSUXg=
Subject key identifier:   66:CD:16:E4:3A:1A:BF:D3:CA:75:4B:2B:4D:5E:9A:26:B5:E9:B0:E5
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       019D3866B14930D46234F78334CE14EEA779
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          11D4
Signing time:             Sun 29 Mar 2026 07:02:27 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:27 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:27 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: Syh7g2sxleIjzClVxd9g2BZ/uAqoWt3v/u+/HWQoO9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:b1:49:30:d4:62:34:f7:83:34:ce:14:ee:a7:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Mar 29 07:02:27 2026 GMT
            Not After : Mar 30 07:02:27 2026 GMT
        Subject: CN=66cd16e43a1abfd3ca754b2b4d5e9a26b5e9b0e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:85:10:27:b1:d9:a9:db:54:26:03:e7:57:
                    5a:31:e7:ca:3f:20:89:69:dc:83:ec:46:3a:c4:44:
                    07:48:e5:63:75:2f:8f:82:c2:01:f0:48:cb:21:5b:
                    12:ca:7c:76:3b:8f:95:60:ce:c7:e5:30:ad:41:56:
                    32:32:d7:6c:7f:0e:d5:0a:ae:cb:bb:6c:19:e0:ef:
                    9c:67:c6:30:ed:df:13:b2:e3:fb:f0:3c:09:2d:c9:
                    a2:95:e4:0f:8b:ab:f0:ac:1c:34:af:d4:6f:58:7b:
                    c7:ab:55:1a:bf:91:50:fc:eb:83:94:78:34:6a:32:
                    19:6d:86:af:6b:cf:15:c1:a4:a1:7e:3e:92:ba:aa:
                    00:9f:bc:f1:8b:eb:9a:aa:54:01:02:8b:35:ee:49:
                    1b:0d:99:a6:9f:f5:cc:bb:dd:2c:b3:98:6f:fa:7e:
                    54:a3:76:7a:3c:25:63:61:13:64:5d:b9:19:12:6b:
                    55:bd:ed:70:51:a7:ac:cf:56:fb:37:ce:8b:3c:9a:
                    0d:d8:01:ea:7c:6a:eb:bf:28:41:4e:51:89:02:cb:
                    ac:af:57:fd:ce:3a:07:9c:4d:24:fa:94:57:35:8c:
                    54:4b:79:b0:f3:3f:5f:16:67:42:d3:3d:0f:90:96:
                    11:16:25:35:be:7c:73:36:d6:8a:3d:63:ff:c5:7d:
                    48:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:CD:16:E4:3A:1A:BF:D3:CA:75:4B:2B:4D:5E:9A:26:B5:E9:B0:E5
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:4c:78:ba:4c:2b:37:85:31:71:28:37:f2:70:38:f0:bd:42:
         9e:ab:07:5d:3b:46:f9:b3:79:68:9b:3a:92:8c:b9:57:5c:4f:
         12:79:5e:e6:fb:6f:0d:9d:b9:ec:21:4b:3f:40:a3:e6:67:6f:
         c6:9d:c3:02:ad:0a:58:4a:9f:fe:a3:13:4f:29:c7:c7:73:e2:
         32:46:17:f3:7f:46:d6:f0:58:ac:86:ae:d4:3e:01:d3:6e:32:
         9c:51:d5:97:5b:60:bb:9b:05:2f:3a:df:ab:75:c1:bd:84:d6:
         82:66:5a:8e:01:02:dc:43:b7:97:fd:51:64:5c:88:d2:3e:82:
         0c:4a:8c:a3:ef:be:9b:3b:4b:c5:5b:29:1b:9b:fd:79:85:8e:
         2c:8b:86:fe:bb:8f:91:22:b1:26:fa:29:cd:a1:7c:4b:52:da:
         de:b3:73:9e:32:25:22:3c:be:38:4e:85:8e:9f:11:8d:62:11:
         8b:c0:f5:d0:a7:a2:c2:cd:c5:d2:98:83:c9:ab:8f:5f:c0:1b:
         5a:7c:40:3f:03:f3:29:3d:69:c1:37:e2:02:e9:1d:b9:18:e5:
         69:1f:ef:b2:25:fd:a9:7d:51:43:38:41:1d:ca:ec:9c:b8:44:
         c2:14:c6:6a:5e:42:87:ae:79:c8:77:a4:d7:62:ca:06:4a:1d:
         4d:d9:ba:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZrFJMNRiNPeDNM4U7qd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjYwMzI5MDcwMjI3WhcNMjYwMzMwMDcwMjI3WjAzMTEwLwYDVQQD
Eyg2NmNkMTZlNDNhMWFiZmQzY2E3NTRiMmI0ZDVlOWEyNmI1ZTliMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIGFECex2anbVCYD51daMefKPyCJ
adyD7EY6xEQHSOVjdS+PgsIB8EjLIVsSynx2O4+VYM7H5TCtQVYyMtdsfw7VCq7L
u2wZ4O+cZ8Yw7d8TsuP78DwJLcmileQPi6vwrBw0r9RvWHvHq1Uav5FQ/OuDlHg0
ajIZbYava88VwaShfj6SuqoAn7zxi+uaqlQBAos17kkbDZmmn/XMu90ss5hv+n5U
o3Z6PCVjYRNkXbkZEmtVve1wUaesz1b7N86LPJoN2AHqfGrrvyhBTlGJAsusr1f9
zjoHnE0k+pRXNYxUS3mw8z9fFmdC0z0PkJYRFiU1vnxzNtaKPWP/xX1IuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbNFuQ6Gr/TynVLK01emia16bDlMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFUx4ukwr
N4UxcSg38nA48L1CnqsHXTtG+bN5aJs6koy5V1xPEnle5vtvDZ257CFLP0Cj5mdv
xp3DAq0KWEqf/qMTTynHx3PiMkYX839G1vBYrIau1D4B024ynFHVl1tgu5sFLzrf
q3XBvYTWgmZajgEC3EO3l/1RZFyI0j6CDEqMo+++mztLxVspG5v9eYWOLIuG/ruP
kSKxJvopzaF8S1La3rNznjIlIjy+OE6Fjp8RjWIRi8D10Keiws3F0piDyauPX8Ab
WnxAPwPzKT1pwTfiAukduRjlaR/vsiX9qX1RQzhBHcrsnLhEwhTGal5Ch655yHek
12LKBkodTdm6Dg==
-----END CERTIFICATE-----