Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          tT5GqJhn1fiJZeNJc/kqRY3AVBpEQzX1mAZqNPaX6ow=
Subject key identifier:   75:02:E4:CA:34:78:A8:35:D3:19:39:94:F7:C8:6F:E2:5B:26:B1:A6
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       019D37C05EB20ED9A1BA57085D834663033F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 04:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:47 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: Iy4WkGXVRcx7z8pcFJA7z0A/zi/LvLUyfcf6xP16Weo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:5e:b2:0e:d9:a1:ba:57:08:5d:83:46:63:03:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: Mar 29 04:00:47 2026 GMT
            Not After : Mar 30 04:00:47 2026 GMT
        Subject: CN=7502e4ca3478a835d3193994f7c86fe25b26b1a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:62:bf:43:39:1c:e3:68:4a:b4:6a:7d:7e:8a:
                    ba:a1:8d:43:00:08:46:cb:0c:0f:ba:61:4d:e4:b3:
                    d7:5f:17:3a:ce:30:9c:7b:c6:21:eb:3b:15:8e:26:
                    d8:9c:c6:c5:ba:2a:5e:85:6c:4b:c4:c5:02:ff:9f:
                    53:14:80:2f:04:31:be:64:2e:3b:8b:8a:71:7e:9d:
                    b3:50:00:2b:76:45:73:e6:98:ae:ed:8b:15:51:cd:
                    61:6a:e0:08:17:59:61:0b:8d:5d:f6:03:38:eb:c3:
                    34:46:af:9e:f1:fe:81:d8:ae:12:68:52:7d:63:34:
                    b2:88:22:90:6e:03:ff:f8:b9:be:82:3c:a9:6a:e8:
                    06:2c:24:b0:f9:ca:e4:07:19:6a:ec:ed:fe:2a:7a:
                    09:1e:eb:94:f4:aa:67:77:df:2d:c3:ab:f7:4d:b9:
                    c3:80:ed:65:1f:3f:f6:31:82:a1:5e:92:6e:33:00:
                    49:1a:97:55:8e:e7:36:b5:e5:ab:5e:1b:44:16:91:
                    3f:63:ec:25:df:89:fe:8c:5c:12:8d:13:3c:6f:0e:
                    09:94:bd:70:f4:b0:0a:c1:12:7a:91:ff:97:4e:b6:
                    df:f3:d8:28:0f:8e:be:d7:ff:e4:4a:41:da:44:96:
                    a2:cd:2b:29:8a:23:b7:d4:05:7c:9a:97:31:fc:81:
                    45:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:02:E4:CA:34:78:A8:35:D3:19:39:94:F7:C8:6F:E2:5B:26:B1:A6
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:0a:52:26:77:35:d9:58:fc:78:5a:39:8a:0f:03:b8:96:75:
         75:14:2d:1b:9a:5b:34:d0:ab:68:b8:d9:e0:46:85:f3:a7:ed:
         5b:ae:35:6a:d0:e2:c3:a3:14:fe:62:4d:9a:79:5a:ae:71:3c:
         9c:5d:f0:66:ff:7e:d2:90:70:50:a8:f4:7f:3c:dd:b0:19:2e:
         3d:29:5c:ec:ed:f0:22:9f:64:05:95:40:3b:8c:a0:01:cd:ac:
         67:d6:e0:0f:af:58:de:0b:e2:44:95:63:a1:88:84:1d:10:7f:
         e2:1b:31:f5:50:3a:88:88:02:44:6e:1f:9a:c2:f7:49:85:32:
         f2:69:d8:15:c2:ba:c0:82:02:66:88:74:f3:51:ce:74:d9:a7:
         28:d6:0c:27:f2:d8:bc:17:80:ac:d7:05:8f:8c:4d:8f:61:b3:
         67:1b:1b:9c:d2:b6:99:31:f0:0b:cc:2d:97:86:27:38:79:49:
         ae:68:ee:4c:84:a0:e3:f6:17:47:89:df:60:ab:52:a2:90:66:
         63:aa:e8:81:4b:6d:3a:7e:49:f9:34:63:6d:40:c5:85:3c:07:
         59:64:bd:4a:e2:95:d2:99:bc:02:64:6f:78:52:08:dd:ab:e9:
         aa:46:f2:48:8d:a4:0f:6e:80:66:e2:47:ef:6b:91:d2:1f:4e:
         dc:cd:f0:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wF6yDtmhulcIXYNGYwM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjYwMzI5MDQwMDQ3WhcNMjYwMzMwMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg3NTAyZTRjYTM0NzhhODM1ZDMxOTM5OTRmN2M4NmZlMjViMjZiMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWK/Qzkc42hKtGp9foq6oY1DAAhG
ywwPumFN5LPXXxc6zjCce8Yh6zsVjibYnMbFuipehWxLxMUC/59TFIAvBDG+ZC47
i4pxfp2zUAArdkVz5piu7YsVUc1hauAIF1lhC41d9gM468M0Rq+e8f6B2K4SaFJ9
YzSyiCKQbgP/+Lm+gjypaugGLCSw+crkBxlq7O3+KnoJHuuU9Kpnd98tw6v3TbnD
gO1lHz/2MYKhXpJuMwBJGpdVjuc2teWrXhtEFpE/Y+wl34n+jFwSjRM8bw4JlL1w
9LAKwRJ6kf+XTrbf89goD46+1//kSkHaRJaizSspiiO31AV8mpcx/IFFywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUC5Mo0eKg10xk5lPfIb+JbJrGmMB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQpSJnc1
2Vj8eFo5ig8DuJZ1dRQtG5pbNNCraLjZ4EaF86ftW641atDiw6MU/mJNmnlarnE8
nF3wZv9+0pBwUKj0fzzdsBkuPSlc7O3wIp9kBZVAO4ygAc2sZ9bgD69Y3gviRJVj
oYiEHRB/4hsx9VA6iIgCRG4fmsL3SYUy8mnYFcK6wIICZoh081HOdNmnKNYMJ/LY
vBeArNcFj4xNj2GzZxsbnNK2mTHwC8wtl4YnOHlJrmjuTISg4/YXR4nfYKtSopBm
Y6rogUttOn5J+TRjbUDFhTwHWWS9SuKV0pm8AmRveFII3avpqkbySI2kD26AZuJH
72uR0h9O3M3wBg==
-----END CERTIFICATE-----