Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          Dbicq9nQxbBf8F60oUzgztrQDI4JKcOLprBr8CH97ns=
Subject key identifier:   3C:CF:E9:46:68:8F:E3:17:01:A5:55:68:D6:CA:51:43:6D:75:B2:BA
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019D39AE7484462528DB7CE222679B600395
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          06C5
Signing time:             Sun 29 Mar 2026 13:00:27 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:27 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:27 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: daGcsDKhAtlOB/jun5Kwf08vlCah6OK9Fy7hXqotQQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:74:84:46:25:28:db:7c:e2:22:67:9b:60:03:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Mar 29 13:00:27 2026 GMT
            Not After : Mar 30 13:00:27 2026 GMT
        Subject: CN=3ccfe946688fe31701a55568d6ca51436d75b2ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a6:3b:72:bc:4f:58:1d:ee:2c:10:ff:be:fb:
                    f8:0d:a6:08:48:e5:88:a8:d6:0e:2a:31:ac:c7:f9:
                    28:84:0b:4f:7b:8b:27:3d:23:c8:f6:67:e0:f4:ee:
                    26:2f:3d:e9:ee:27:5d:cf:3c:f6:15:6b:e6:1b:bf:
                    2d:77:17:63:71:44:28:68:1e:04:83:ab:4a:38:82:
                    59:32:aa:92:b2:9e:9d:64:1d:8f:b3:c6:06:d0:99:
                    90:99:b3:0e:ec:b7:3a:97:0a:68:a0:43:8f:a9:98:
                    a7:98:2e:1a:4b:0d:34:ae:ad:e2:4c:0e:57:c6:cf:
                    66:c0:e4:39:72:8a:4d:79:2b:81:ce:f3:00:d3:8c:
                    1e:c4:d5:87:c4:0d:0c:14:18:32:3a:d0:2b:24:09:
                    9f:80:2e:b0:25:31:d0:d5:8d:8d:cb:b1:cc:42:93:
                    5f:7b:55:c7:11:54:13:95:74:30:63:57:6d:3c:72:
                    d1:ed:85:a1:5a:ca:02:12:0e:66:62:d6:cb:8d:f1:
                    96:80:b2:98:34:99:d4:89:56:ff:f9:6c:9d:27:95:
                    57:5b:09:3e:7e:a4:73:26:b4:52:e4:35:e2:ca:27:
                    d9:bc:5f:b0:bc:43:9d:66:35:73:e7:69:f0:88:c9:
                    2c:2c:f2:10:4a:55:a0:ae:ea:80:59:02:a3:17:c2:
                    5c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:CF:E9:46:68:8F:E3:17:01:A5:55:68:D6:CA:51:43:6D:75:B2:BA
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:28:44:cb:58:55:86:54:da:de:5b:36:d9:09:96:8f:4e:f5:
         20:52:0f:4d:f1:2e:c8:f8:fd:e6:e8:98:86:af:78:05:ef:c0:
         69:5a:f2:df:39:4f:de:b0:83:18:17:20:45:c9:ac:dd:81:92:
         8c:55:36:51:04:9f:18:4f:c8:0f:b6:9a:9c:2a:16:74:d5:2d:
         a4:22:4a:ca:9b:27:f7:26:dc:48:44:5f:0d:0c:c1:ca:2f:13:
         b8:50:1a:55:06:ca:94:c1:8a:5f:1b:42:64:39:59:0a:b3:fd:
         ad:57:b0:f6:d8:08:0c:37:20:2e:23:11:4e:e4:c1:32:0f:92:
         21:70:ce:f8:e7:e1:94:d1:8b:20:00:a7:1f:01:ba:34:53:59:
         5d:d5:14:9c:fa:9a:a4:52:ae:0a:cf:a8:d7:5f:41:67:e3:c3:
         77:fb:3e:92:6d:58:cf:c3:bc:39:fd:e1:f4:60:ea:0b:cd:37:
         19:39:af:42:3b:1e:7d:d5:4f:71:b7:06:a2:a9:3a:c3:78:40:
         53:5c:c1:df:8d:8a:c4:b7:f0:b7:b5:85:b3:85:ca:6a:e1:29:
         43:a8:15:ea:f5:34:e4:bd:f7:22:0f:45:98:21:cc:e7:2d:d4:
         6f:6e:b0:e3:a0:7e:e9:75:69:4c:43:41:92:5f:54:cc:71:83:
         67:90:47:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rnSERiUo23ziImebYAOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjYwMzI5MTMwMDI3WhcNMjYwMzMwMTMwMDI3WjAzMTEwLwYDVQQD
EygzY2NmZTk0NjY4OGZlMzE3MDFhNTU1NjhkNmNhNTE0MzZkNzViMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaY7crxPWB3uLBD/vvv4DaYISOWI
qNYOKjGsx/kohAtPe4snPSPI9mfg9O4mLz3p7iddzzz2FWvmG78tdxdjcUQoaB4E
g6tKOIJZMqqSsp6dZB2Ps8YG0JmQmbMO7Lc6lwpooEOPqZinmC4aSw00rq3iTA5X
xs9mwOQ5copNeSuBzvMA04wexNWHxA0MFBgyOtArJAmfgC6wJTHQ1Y2Ny7HMQpNf
e1XHEVQTlXQwY1dtPHLR7YWhWsoCEg5mYtbLjfGWgLKYNJnUiVb/+WydJ5VXWwk+
fqRzJrRS5DXiyifZvF+wvEOdZjVz52nwiMksLPIQSlWgruqAWQKjF8Jc9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzP6UZoj+MXAaVVaNbKUUNtdbK6MB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUShEy1hV
hlTa3ls22QmWj071IFIPTfEuyPj95uiYhq94Be/AaVry3zlP3rCDGBcgRcms3YGS
jFU2UQSfGE/ID7aanCoWdNUtpCJKypsn9ybcSERfDQzByi8TuFAaVQbKlMGKXxtC
ZDlZCrP9rVew9tgIDDcgLiMRTuTBMg+SIXDO+OfhlNGLIACnHwG6NFNZXdUUnPqa
pFKuCs+o119BZ+PDd/s+km1Yz8O8Of3h9GDqC803GTmvQjsefdVPcbcGoqk6w3hA
U1zB342KxLfwt7WFs4XKauEpQ6gV6vU05L33Ig9FmCHM5y3Ub26w46B+6XVpTENB
kl9UzHGDZ5BHuQ==
-----END CERTIFICATE-----