Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          0zfufKde530UnMjDH+4MJmNAwYE6UytqDMqnRU/sJoY=
Subject key identifier:   89:BB:DB:1A:21:36:27:C3:47:11:42:5F:3D:AA:DF:9E:33:3F:78:82
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019D37C14722A980BD33D1568311754383C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 04:01:46 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:46 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:46 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 71Dl2xpM0G5xCI7hrMfiwV2ORxir4IxQdFEn+SekpAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:47:22:a9:80:bd:33:d1:56:83:11:75:43:83:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Mar 29 04:01:46 2026 GMT
            Not After : Mar 30 04:01:46 2026 GMT
        Subject: CN=89bbdb1a213627c34711425f3daadf9e333f7882
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f2:0b:bd:8a:c1:d3:a2:9a:d8:55:02:23:c4:
                    38:68:e0:e9:c2:db:92:9f:4d:16:9d:33:ac:c9:b9:
                    ca:13:50:b3:0d:6e:a3:5d:fa:a9:24:78:ec:dc:3d:
                    c1:cc:13:7d:3c:b1:cc:91:87:12:17:b9:c0:78:0f:
                    98:84:89:00:da:54:fb:1a:9d:3a:b2:1e:d2:b1:d4:
                    9d:82:03:3b:d5:15:c5:86:39:d5:11:df:c8:c7:3c:
                    ea:d7:1e:52:e1:10:0a:16:42:0c:33:b6:fe:a7:63:
                    1b:00:1d:50:36:ae:fa:42:68:f8:56:d7:4d:f7:99:
                    a8:82:6a:6c:0e:17:b6:4d:f3:f4:bd:6c:26:92:c2:
                    88:90:22:8b:69:25:53:8a:58:a4:9e:23:58:34:08:
                    d8:a7:31:6f:61:e0:16:99:da:1f:64:ce:07:4e:73:
                    f2:63:70:40:3a:14:2e:8f:fd:a3:ba:9f:70:54:f4:
                    8f:86:a3:b3:81:0a:9c:1e:5c:69:2c:15:99:3d:80:
                    6c:41:37:d2:a1:ff:d9:3c:2d:76:e5:38:75:a3:af:
                    11:91:79:e9:b5:50:76:be:23:9f:ed:08:54:ae:ed:
                    7c:3a:c0:d9:c8:17:65:96:f1:60:56:00:0b:0b:05:
                    fe:b3:53:38:e8:88:b5:26:09:40:ed:76:64:e9:17:
                    44:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:BB:DB:1A:21:36:27:C3:47:11:42:5F:3D:AA:DF:9E:33:3F:78:82
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:4e:21:59:dc:06:d8:80:25:3b:e1:ed:49:9a:98:74:67:21:
         67:97:fd:c8:d8:49:fc:64:86:09:64:d3:2b:d7:88:46:e3:a1:
         a8:e7:26:dc:2a:f8:6f:db:fa:b6:62:d5:f5:97:59:5f:59:e1:
         bd:9b:1c:ac:67:7b:85:d1:cc:1c:05:8f:d1:aa:66:c4:f7:f8:
         f2:16:f4:16:bc:7d:84:cd:87:5a:7b:39:e1:5f:3f:53:b0:ee:
         1d:f4:42:5c:4d:9e:dc:6c:25:42:85:7a:22:8b:67:98:ec:41:
         d2:af:28:00:7b:ea:70:89:67:c6:b2:28:ed:1f:ac:da:94:93:
         8c:84:70:23:0d:25:78:ae:de:e5:23:53:cb:c0:73:86:95:8e:
         7c:0a:76:cd:31:c4:ea:70:e6:3a:4d:b7:e1:dd:4a:38:a6:c4:
         6e:26:c2:bc:e2:43:93:01:41:e6:35:38:53:c8:3a:27:a2:ab:
         ad:cf:52:5d:c5:ec:81:47:ef:42:dd:2f:9e:45:51:ec:63:fc:
         57:fd:61:4e:da:45:4d:fe:93:db:78:3f:95:2a:1c:9d:0c:f5:
         56:ea:a8:98:26:70:0f:e7:cf:2c:e4:b9:c6:8a:ab:7c:b7:4a:
         ee:d9:32:f3:d9:4e:89:5c:b3:fb:27:12:b8:6c:12:c2:ac:71:
         ed:ad:54:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wUciqYC9M9FWgxF1Q4PBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjYwMzI5MDQwMTQ2WhcNMjYwMzMwMDQwMTQ2WjAzMTEwLwYDVQQD
Eyg4OWJiZGIxYTIxMzYyN2MzNDcxMTQyNWYzZGFhZGY5ZTMzM2Y3ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPILvYrB06Ka2FUCI8Q4aODpwtuS
n00WnTOsybnKE1CzDW6jXfqpJHjs3D3BzBN9PLHMkYcSF7nAeA+YhIkA2lT7Gp06
sh7SsdSdggM71RXFhjnVEd/Ixzzq1x5S4RAKFkIMM7b+p2MbAB1QNq76Qmj4VtdN
95mogmpsDhe2TfP0vWwmksKIkCKLaSVTilikniNYNAjYpzFvYeAWmdofZM4HTnPy
Y3BAOhQuj/2jup9wVPSPhqOzgQqcHlxpLBWZPYBsQTfSof/ZPC125Th1o68RkXnp
tVB2viOf7QhUru18OsDZyBdllvFgVgALCwX+s1M46Ii1JglA7XZk6RdEWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIm72xohNifDRxFCXz2q354zP3iCMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU04hWdwG
2IAlO+HtSZqYdGchZ5f9yNhJ/GSGCWTTK9eIRuOhqOcm3Cr4b9v6tmLV9ZdZX1nh
vZscrGd7hdHMHAWP0apmxPf48hb0Frx9hM2HWns54V8/U7DuHfRCXE2e3GwlQoV6
IotnmOxB0q8oAHvqcIlnxrIo7R+s2pSTjIRwIw0leK7e5SNTy8BzhpWOfAp2zTHE
6nDmOk234d1KOKbEbibCvOJDkwFB5jU4U8g6J6Krrc9SXcXsgUfvQt0vnkVR7GP8
V/1hTtpFTf6T23g/lSocnQz1VuqomCZwD+fPLOS5xoqrfLdK7tky89lOiVyz+ycS
uGwSwqxx7a1U6A==
-----END CERTIFICATE-----