Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          gN4A3+lnoN5sgyZrQSqd2/f8I8Va7AS+hjYi3MWv+xs=
Subject key identifier:   59:71:4A:C1:49:F5:74:E1:7D:E0:83:9A:9C:FB:B3:9B:B9:FA:99:D1
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       019D386619B3B11165E4649D565D5D1A9FCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          0BEB
Signing time:             Sun 29 Mar 2026 07:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:48 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: 1qfLIfUmOXYPlg8gGM8VjgFnqv5bE5az3GzY62FLStM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:19:b3:b1:11:65:e4:64:9d:56:5d:5d:1a:9f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Mar 29 07:01:48 2026 GMT
            Not After : Mar 30 07:01:48 2026 GMT
        Subject: CN=59714ac149f574e17de0839a9cfbb39bb9fa99d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:37:84:db:82:f0:93:1b:09:03:1b:3c:c1:1a:
                    66:d2:7d:40:8f:80:ea:25:7f:8a:4b:65:d2:e5:6d:
                    fe:0a:ed:af:11:06:84:d3:4a:4e:fd:8f:10:0f:12:
                    0b:10:10:4b:4e:4a:95:40:65:ae:3e:d3:b4:d7:80:
                    9d:26:68:49:f7:a5:79:cf:7f:0e:4e:89:89:9c:f1:
                    e3:2e:8f:f4:e4:27:aa:fc:ab:21:96:15:e3:52:1b:
                    c3:bf:87:55:73:c9:01:1d:b8:72:cb:9d:28:b4:d5:
                    ea:40:c5:cf:86:fd:af:46:c9:4d:83:2e:21:c8:27:
                    9e:d5:8a:6c:c2:21:6f:89:4b:ab:32:cb:49:b1:48:
                    5d:8a:cc:b5:b4:50:b6:2f:ce:0f:48:52:12:e8:d3:
                    3f:11:ca:a8:a1:cf:0f:ab:15:cd:5e:e7:65:72:ac:
                    2b:3a:5d:ae:b9:a8:32:76:fb:bc:5c:90:48:26:51:
                    26:26:15:54:ec:69:fb:fc:8e:69:b3:4c:f3:54:ed:
                    5c:89:bb:dc:a0:1c:b9:fb:dc:78:f0:0d:cf:b6:92:
                    9a:59:41:78:54:40:ef:93:b5:10:9f:41:24:b7:cc:
                    af:2c:19:10:8d:70:d3:91:c3:99:d1:b3:42:f9:8b:
                    8d:2b:1c:e5:17:80:cc:71:4f:b8:5f:99:c2:d5:9f:
                    77:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:71:4A:C1:49:F5:74:E1:7D:E0:83:9A:9C:FB:B3:9B:B9:FA:99:D1
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:35:6e:7b:dc:31:50:a6:1a:04:ba:3b:1c:db:23:e2:84:f8:
         e8:c0:a2:b4:0c:7e:a9:3b:5a:da:fd:34:fe:77:e2:0c:f1:02:
         5d:8b:2e:19:f1:0a:fb:97:3d:cd:44:6c:63:50:ed:b5:d1:63:
         5b:c3:03:27:4e:3d:fd:c0:4f:a1:01:b1:53:d6:32:7f:45:c2:
         a8:4b:b3:7b:14:45:fe:a7:3d:b1:26:9f:82:62:ef:e4:bd:15:
         ac:d6:75:24:0e:df:25:d4:64:19:6f:dd:2f:c7:58:b2:c0:9d:
         76:a7:12:8f:43:f3:ee:f8:98:24:e7:ee:34:58:f2:94:80:e8:
         76:4d:3b:91:17:0d:d6:5c:44:66:af:f7:24:51:8c:dc:fa:f6:
         e4:b6:02:22:4f:20:44:9c:d7:67:fb:63:56:95:9d:7a:ab:79:
         04:c0:c6:04:2f:27:a3:57:8b:7b:da:7d:e1:76:af:08:dc:59:
         13:9c:ac:c6:d5:4a:18:e7:c6:37:11:11:75:60:2e:6f:ae:3a:
         8d:90:73:ee:04:80:61:2e:11:d6:00:86:91:bd:f9:8f:70:93:
         4a:57:54:d9:47:76:f2:c5:d6:25:81:55:11:cc:db:ff:41:d6:
         77:0b:bb:09:72:6f:3a:ec:da:4a:4b:32:92:61:ef:14:3f:7c:
         10:81:e0:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhmzsRFl5GSdVl1dGp/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjYwMzI5MDcwMTQ4WhcNMjYwMzMwMDcwMTQ4WjAzMTEwLwYDVQQD
Eyg1OTcxNGFjMTQ5ZjU3NGUxN2RlMDgzOWE5Y2ZiYjM5YmI5ZmE5OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TeE24LwkxsJAxs8wRpm0n1Aj4Dq
JX+KS2XS5W3+Cu2vEQaE00pO/Y8QDxILEBBLTkqVQGWuPtO014CdJmhJ96V5z38O
TomJnPHjLo/05Ceq/KshlhXjUhvDv4dVc8kBHbhyy50otNXqQMXPhv2vRslNgy4h
yCee1YpswiFviUurMstJsUhdisy1tFC2L84PSFIS6NM/Ecqooc8PqxXNXudlcqwr
Ol2uuagydvu8XJBIJlEmJhVU7Gn7/I5ps0zzVO1cibvcoBy5+9x48A3PtpKaWUF4
VEDvk7UQn0Ekt8yvLBkQjXDTkcOZ0bNC+YuNKxzlF4DMcU+4X5nC1Z939QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlxSsFJ9XThfeCDmpz7s5u5+pnRMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTVue9wx
UKYaBLo7HNsj4oT46MCitAx+qTta2v00/nfiDPECXYsuGfEK+5c9zURsY1DttdFj
W8MDJ049/cBPoQGxU9Yyf0XCqEuzexRF/qc9sSafgmLv5L0VrNZ1JA7fJdRkGW/d
L8dYssCddqcSj0Pz7viYJOfuNFjylIDodk07kRcN1lxEZq/3JFGM3Pr25LYCIk8g
RJzXZ/tjVpWdeqt5BMDGBC8no1eLe9p94XavCNxZE5ysxtVKGOfGNxERdWAub646
jZBz7gSAYS4R1gCGkb35j3CTSldU2Ud28sXWJYFVEczb/0HWdwu7CXJvOuzaSksy
kmHvFD98EIHg9w==
-----END CERTIFICATE-----