Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
File:                     HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json)
Hash identifier:          Rt3wpQMTHJCOJ/IT+thmHdcWAd4ZoU2EWcy3E1KNvMw=
Subject key identifier:   2E:D6:3B:E1:E7:3C:D0:93:52:01:FC:B9:EC:1F:7A:51:A9:22:BD:46
Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
Certificate issuer:       /CN=1d8933c193f04e32441e37162dc4defa9744b84f
Certificate serial:       019D37C0D1D83851F7A7B82533207177B650
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
Manifest number:          1653
Signing time:             Sun 29 Mar 2026 04:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:16 +0000
Files and hashes:         1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: 0hIQl5iYvjV4Nk8usuGM6fERx/tpotbLUHk1o4XxKig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:d1:d8:38:51:f7:a7:b8:25:33:20:71:77:b6:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f
        Validity
            Not Before: Mar 29 04:01:16 2026 GMT
            Not After : Mar 30 04:01:16 2026 GMT
        Subject: CN=2ed63be1e73cd0935201fcb9ec1f7a51a922bd46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b9:cd:b3:c6:70:0c:b4:ba:15:f7:c3:3c:2e:
                    08:0c:dd:94:c0:f4:49:14:60:71:ff:cb:04:20:58:
                    66:06:b0:47:c5:4a:1b:37:87:89:e0:cf:07:6e:62:
                    5b:e6:85:f1:58:b5:1a:10:86:b0:ca:98:6c:ed:b7:
                    13:f0:20:10:f5:39:3b:87:cc:01:d3:c8:6e:21:97:
                    93:17:cd:94:ac:0e:20:8b:c8:5b:32:ff:ca:37:79:
                    0c:e5:c4:46:d7:f9:c8:e2:a3:73:35:eb:10:67:93:
                    2d:39:02:65:b7:17:db:eb:ac:93:f5:45:93:91:67:
                    22:db:22:c6:70:11:09:64:77:10:06:20:36:52:8a:
                    5d:60:49:b5:93:00:9a:e3:41:9a:d9:4b:d9:95:05:
                    40:6f:f7:82:39:ca:bb:f8:0c:f8:a5:9d:5b:03:32:
                    23:66:17:de:7a:67:48:13:8f:46:27:90:8c:fe:5c:
                    bd:25:6a:46:8a:9a:51:ed:be:ac:e8:c7:9f:4d:ab:
                    f9:bb:06:d6:f4:ce:19:31:cb:1e:bb:1a:c9:3a:3e:
                    99:ee:6e:b9:17:28:d5:b4:78:12:df:40:30:13:73:
                    8e:c5:51:5c:34:04:44:6e:bf:94:34:1d:fb:18:2b:
                    86:36:17:24:8d:0d:78:6e:5c:3e:53:ad:cb:e4:ab:
                    ef:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D6:3B:E1:E7:3C:D0:93:52:01:FC:B9:EC:1F:7A:51:A9:22:BD:46
            X509v3 Authority Key Identifier:
                keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:7e:c9:53:ae:51:48:d5:62:37:74:f3:8a:9e:86:53:5a:0a:
         ff:08:b9:8b:28:a0:2c:f6:0a:93:b6:98:71:e7:1b:37:68:15:
         c5:b3:1f:fe:cb:9d:6d:47:6b:2e:3a:4f:51:7d:f3:ba:32:9b:
         7e:29:84:d6:fe:d0:ab:f4:cc:bf:c5:66:9f:5a:19:5a:47:8f:
         24:ef:09:ed:0b:fd:26:92:4e:52:a4:8c:b3:87:24:62:1f:14:
         c4:ca:5f:f5:ba:e0:a7:4b:bb:7e:e6:56:84:b6:63:73:ee:a7:
         23:4b:49:c3:b5:91:fa:81:a7:ae:74:de:20:21:02:68:2e:95:
         71:8e:9c:2a:43:bb:ed:38:df:5a:35:6a:68:a0:3c:5a:85:f0:
         96:f4:10:f8:eb:1b:07:91:0c:db:ed:d2:85:8f:89:a5:14:85:
         36:d8:3b:10:4d:bb:0a:3c:cb:7f:1e:5d:a0:7a:5c:d7:84:d4:
         f2:9a:3c:fc:be:4f:f3:d9:78:2c:d1:bc:05:3c:8a:54:f7:0b:
         fd:ee:84:d8:51:38:ad:89:c4:ef:23:7e:c3:57:9e:6f:25:ed:
         d2:b3:d2:94:f8:17:35:00:b1:52:ca:36:58:0f:92:a8:f4:78:
         90:86:2f:44:79:67:f0:b3:be:0c:26:3d:43:c9:9d:af:e4:5e:
         0b:cc:83:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNHYOFH3p7glMyBxd7ZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0
NGI4NGYwHhcNMjYwMzI5MDQwMTE2WhcNMjYwMzMwMDQwMTE2WjAzMTEwLwYDVQQD
EygyZWQ2M2JlMWU3M2NkMDkzNTIwMWZjYjllYzFmN2E1MWE5MjJiZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7nNs8ZwDLS6FffDPC4IDN2UwPRJ
FGBx/8sEIFhmBrBHxUobN4eJ4M8HbmJb5oXxWLUaEIawyphs7bcT8CAQ9Tk7h8wB
08huIZeTF82UrA4gi8hbMv/KN3kM5cRG1/nI4qNzNesQZ5MtOQJltxfb66yT9UWT
kWci2yLGcBEJZHcQBiA2UopdYEm1kwCa40Ga2UvZlQVAb/eCOcq7+Az4pZ1bAzIj
ZhfeemdIE49GJ5CM/ly9JWpGippR7b6s6MefTav5uwbW9M4ZMcseuxrJOj6Z7m65
FyjVtHgS30AwE3OOxVFcNAREbr+UNB37GCuGNhckjQ14blw+U63L5KvvxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7WO+HnPNCTUgH8uewfelGpIr1GMB8GA1UdIwQY
MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt
MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3
LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATH7JU65R
SNViN3Tzip6GU1oK/wi5iyigLPYKk7aYcecbN2gVxbMf/sudbUdrLjpPUX3zujKb
fimE1v7Qq/TMv8Vmn1oZWkePJO8J7Qv9JpJOUqSMs4ckYh8UxMpf9brgp0u7fuZW
hLZjc+6nI0tJw7WR+oGnrnTeICECaC6VcY6cKkO77TjfWjVqaKA8WoXwlvQQ+Osb
B5EM2+3ShY+JpRSFNtg7EE27CjzLfx5doHpc14TU8po8/L5P89l4LNG8BTyKVPcL
/e6E2FE4rYnE7yN+w1eebyXt0rPSlPgXNQCxUso2WA+SqPR4kIYvRHln8LO+DCY9
Q8mdr+ReC8yDVA==
-----END CERTIFICATE-----