Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          c5sMwqbrzm2G6uDzLQfGIYBPqp9ctgtmE9J6b8iSwI8=
Subject key identifier:   2B:AE:90:FF:30:29:79:A3:80:BB:86:A3:C8:BD:A7:E3:D2:B4:A7:94
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       019D375256A2D6535BD6BD61604FA99E9C85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          0B13
Signing time:             Sun 29 Mar 2026 02:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:36 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: 6uGIRuad5HGPknjdsKWK2ql11BM2a3FMA1aeVHo+0iA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:56:a2:d6:53:5b:d6:bd:61:60:4f:a9:9e:9c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Mar 29 02:00:36 2026 GMT
            Not After : Mar 30 02:00:36 2026 GMT
        Subject: CN=2bae90ff302979a380bb86a3c8bda7e3d2b4a794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7c:c9:d2:5c:27:7d:ef:87:d9:7b:8d:ce:81:
                    30:0c:f2:a0:a6:6d:29:c9:43:81:7f:f5:8a:b6:03:
                    4a:cb:51:04:de:34:bf:59:03:ae:c9:a3:04:80:e5:
                    7c:cf:ca:ac:26:74:f9:d4:66:f7:0c:7c:d2:e6:1c:
                    60:c3:44:05:03:28:ed:6e:ab:74:4f:93:a9:cd:ac:
                    d7:9b:ce:a4:28:b2:23:ed:cf:a2:1b:4d:7e:6f:18:
                    17:d0:ef:21:ac:5c:a6:e8:cd:32:58:2c:72:e8:0b:
                    98:b7:f4:19:e8:0e:7d:af:78:f7:e7:ed:06:1d:90:
                    7d:d3:d2:da:ee:65:53:01:fb:d6:06:70:f6:7f:3f:
                    01:64:06:df:5b:a2:37:ee:3a:a1:b8:96:ab:1a:b3:
                    a7:36:3a:4d:c7:82:7f:9e:67:df:87:98:6b:43:bb:
                    f5:4b:cd:24:a2:62:f2:2b:dd:6c:62:d0:f5:bc:ed:
                    0f:f7:bd:bb:9b:bd:20:2f:1c:2e:0e:3f:2a:6c:86:
                    6a:2d:f0:78:a9:56:9f:86:ee:98:3e:5e:8e:de:64:
                    21:ef:97:02:11:b9:a2:7f:b0:18:5a:1d:fc:40:f7:
                    d6:bb:bf:a9:bd:9c:9a:56:ce:13:c1:47:79:06:82:
                    94:ad:47:e0:f6:5f:39:c0:c9:da:46:39:ac:6d:cd:
                    63:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:AE:90:FF:30:29:79:A3:80:BB:86:A3:C8:BD:A7:E3:D2:B4:A7:94
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:93:62:f7:cd:0e:db:04:96:92:76:7e:1d:77:8e:cf:71:91:
         60:6f:88:dd:c1:70:c3:85:3c:78:db:cb:6d:14:1d:76:12:9b:
         86:27:94:9a:66:7f:0d:c5:63:10:ab:44:c9:2b:1c:c4:9f:ae:
         77:68:13:8b:02:c8:4f:ca:1b:90:21:a5:3a:29:e2:c7:8b:ff:
         ca:92:36:9a:be:c6:65:72:2d:55:67:de:c2:e4:76:92:34:62:
         29:78:be:df:b1:3b:9a:1c:76:47:99:fa:80:3b:1d:29:a1:8d:
         1e:b8:ba:37:40:75:fb:c3:03:8d:48:e2:42:1f:73:91:33:7b:
         ec:6f:fa:6f:0f:af:a6:a5:dd:ba:25:62:dd:df:fa:ed:7f:e8:
         b2:fd:ed:29:b5:a7:85:26:b4:39:a7:ad:e0:63:87:9c:05:ee:
         c1:c0:b5:8c:16:d2:6c:17:0c:43:a7:5a:ca:e9:74:8d:b8:51:
         c9:bf:50:fa:f3:25:90:80:f2:60:1b:a5:cb:cc:52:14:6f:8a:
         f4:05:cd:c0:5c:03:c7:f6:de:0e:e1:8a:14:4e:9f:e4:75:b1:
         08:c5:50:0b:50:bb:34:1a:cc:6c:cf:55:e0:96:1f:ec:58:9c:
         77:81:ac:4c:21:cf:8a:8f:c6:56:b3:82:0d:e5:46:b2:90:70:
         11:ff:b3:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ulai1lNb1r1hYE+pnpyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjYwMzI5MDIwMDM2WhcNMjYwMzMwMDIwMDM2WjAzMTEwLwYDVQQD
EygyYmFlOTBmZjMwMjk3OWEzODBiYjg2YTNjOGJkYTdlM2QyYjRhNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnzJ0lwnfe+H2XuNzoEwDPKgpm0p
yUOBf/WKtgNKy1EE3jS/WQOuyaMEgOV8z8qsJnT51Gb3DHzS5hxgw0QFAyjtbqt0
T5OpzazXm86kKLIj7c+iG01+bxgX0O8hrFym6M0yWCxy6AuYt/QZ6A59r3j35+0G
HZB909La7mVTAfvWBnD2fz8BZAbfW6I37jqhuJarGrOnNjpNx4J/nmffh5hrQ7v1
S80komLyK91sYtD1vO0P9727m70gLxwuDj8qbIZqLfB4qVafhu6YPl6O3mQh75cC
Ebmif7AYWh38QPfWu7+pvZyaVs4TwUd5BoKUrUfg9l85wMnaRjmsbc1jPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuukP8wKXmjgLuGo8i9p+PStKeUMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5Ni980O
2wSWknZ+HXeOz3GRYG+I3cFww4U8eNvLbRQddhKbhieUmmZ/DcVjEKtEySscxJ+u
d2gTiwLIT8obkCGlOinix4v/ypI2mr7GZXItVWfewuR2kjRiKXi+37E7mhx2R5n6
gDsdKaGNHri6N0B1+8MDjUjiQh9zkTN77G/6bw+vpqXduiVi3d/67X/osv3tKbWn
hSa0Oaet4GOHnAXuwcC1jBbSbBcMQ6dayul0jbhRyb9Q+vMlkIDyYBuly8xSFG+K
9AXNwFwDx/beDuGKFE6f5HWxCMVQC1C7NBrMbM9V4JYf7Ficd4GsTCHPio/GVrOC
DeVGspBwEf+zUQ==
-----END CERTIFICATE-----