Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
File:                     HZGUbJzTuATxrX507zS_U7u6gws.mft (raw, json)
Hash identifier:          aZ25IowWL4kpdUJaC2PkD5JmTg4nt0/MwIWfphgpPGI=
Subject key identifier:   11:EF:2A:79:0E:F9:5F:FD:E7:E6:66:F8:37:B2:06:F7:67:85:A4:61
Authority key identifier: 1D:91:94:6C:9C:D3:B8:04:F1:AD:7E:74:EF:34:BF:53:BB:BA:83:0B
Certificate issuer:       /CN=1d91946c9cd3b804f1ad7e74ef34bf53bbba830b
Certificate serial:       019D389BBFA8E86DDD6AD27677E3936E834A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
Manifest number:          01E7
Signing time:             Sun 29 Mar 2026 08:00:24 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:24 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:24 +0000
Files and hashes:         1: HZGUbJzTuATxrX507zS_U7u6gws.crl (hash: cDSXUkgeVJjrxm6LYTgRtiYhxhBqR4bw6kWqkIPmEO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:bf:a8:e8:6d:dd:6a:d2:76:77:e3:93:6e:83:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d91946c9cd3b804f1ad7e74ef34bf53bbba830b
        Validity
            Not Before: Mar 29 08:00:24 2026 GMT
            Not After : Mar 30 08:00:24 2026 GMT
        Subject: CN=11ef2a790ef95ffde7e666f837b206f76785a461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:24:fa:a5:b3:65:a7:00:b3:bb:0e:e4:4d:
                    fb:d2:2a:75:2f:1e:2f:84:51:e4:0f:e1:f6:f4:ad:
                    b8:82:97:18:12:9c:35:14:03:4b:2e:af:9c:50:ca:
                    70:eb:93:2f:81:f9:fc:63:bd:b7:1e:fc:75:e1:03:
                    63:22:38:8a:eb:b7:0e:73:fb:de:ef:89:ee:bc:c9:
                    00:82:97:48:ed:70:26:7f:bc:49:37:39:0c:f6:bd:
                    84:32:22:1e:7e:a5:a0:60:95:b5:c1:77:af:a4:36:
                    a1:0c:57:89:19:8d:fc:6b:03:95:5c:47:fb:f1:ad:
                    98:34:3d:0d:c0:92:1c:0e:80:bd:f1:6f:d8:69:60:
                    d1:2b:bf:9e:48:58:4a:79:52:8c:3c:d5:80:78:85:
                    d3:7d:c0:bd:10:e2:5e:ef:1c:a5:be:1c:48:9f:7d:
                    2c:8b:65:0d:cb:ee:7a:8e:72:c7:f7:73:57:5c:f9:
                    dd:40:6f:95:0e:26:c8:f8:ad:33:a0:89:63:e0:ff:
                    78:4a:00:6b:f0:02:ea:ce:a0:26:59:9d:ec:44:e7:
                    91:8e:5d:80:fb:5b:3e:68:d1:fe:ef:1c:d2:88:c6:
                    fd:da:56:1e:64:57:b5:ed:55:77:d8:be:9d:9f:d8:
                    3f:0e:5d:05:88:cc:be:7b:b3:70:c6:36:ea:6c:db:
                    d9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:EF:2A:79:0E:F9:5F:FD:E7:E6:66:F8:37:B2:06:F7:67:85:A4:61
            X509v3 Authority Key Identifier:
                keyid:1D:91:94:6C:9C:D3:B8:04:F1:AD:7E:74:EF:34:BF:53:BB:BA:83:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:0c:2e:4c:2d:ae:73:6b:42:b9:22:b9:90:9e:e8:b7:8b:3d:
         f7:80:b4:2f:81:1a:04:63:5b:76:59:d0:3c:2e:6f:54:d6:22:
         7e:cd:ab:22:07:f3:00:9e:ba:f7:eb:6a:6f:c6:e1:0c:c4:61:
         94:91:c7:0b:80:9b:ea:21:8b:61:27:3b:55:99:c7:10:b5:17:
         06:6c:3b:70:a9:a4:48:79:4c:57:25:d5:d9:25:4d:7b:47:fc:
         cc:a0:71:88:51:b0:6d:8f:92:53:4a:f0:4b:4c:b9:be:f7:65:
         9e:f5:39:8b:8e:7a:ab:2e:d1:28:29:e2:83:c5:ac:14:07:bf:
         e1:cb:17:68:78:eb:df:3d:45:2c:1c:09:bc:5c:37:63:37:26:
         41:a8:62:81:b7:56:04:39:80:05:f9:a7:7b:59:d1:58:2f:5b:
         fd:2b:e4:29:6b:dd:24:b9:f7:36:b7:4d:20:86:77:c0:1c:3a:
         11:6e:a5:85:05:e8:5f:1d:e6:eb:be:4b:29:6d:3a:d3:00:3e:
         05:f1:b1:6d:ed:37:f6:72:80:f2:0f:07:9d:8b:63:0f:42:24:
         c2:20:1c:96:a2:eb:83:78:73:6c:75:da:cf:32:7e:0e:61:b3:
         aa:bd:d2:e6:7f:dd:63:7f:6a:8a:d5:a3:1f:07:b8:23:9b:df:
         41:cd:6f:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m7+o6G3datJ2d+OTboNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOTE5NDZjOWNkM2I4MDRmMWFkN2U3NGVmMzRiZjUzYmJi
YTgzMGIwHhcNMjYwMzI5MDgwMDI0WhcNMjYwMzMwMDgwMDI0WjAzMTEwLwYDVQQD
EygxMWVmMmE3OTBlZjk1ZmZkZTdlNjY2ZjgzN2IyMDZmNzY3ODVhNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSgk+qWzZacAs7sO5E370ip1Lx4v
hFHkD+H29K24gpcYEpw1FANLLq+cUMpw65Mvgfn8Y723Hvx14QNjIjiK67cOc/ve
74nuvMkAgpdI7XAmf7xJNzkM9r2EMiIefqWgYJW1wXevpDahDFeJGY38awOVXEf7
8a2YND0NwJIcDoC98W/YaWDRK7+eSFhKeVKMPNWAeIXTfcC9EOJe7xylvhxIn30s
i2UNy+56jnLH93NXXPndQG+VDibI+K0zoIlj4P94SgBr8ALqzqAmWZ3sROeRjl2A
+1s+aNH+7xzSiMb92lYeZFe17VV32L6dn9g/Dl0FiMy+e7NwxjbqbNvZ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHvKnkO+V/95+Zm+DeyBvdnhaRhMB8GA1UdIwQY
MBaAFB2RlGyc07gE8a1+dO80v1O7uoMLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8yZjBiOWItMDYyOS00MzgyLTkzODkt
ODJkNmFkYjZjOTE4LzEvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8yZjBiOWItMDYyOS00MzgyLTkzODktODJkNmFkYjZjOTE4
LzEvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAwuTC2u
c2tCuSK5kJ7ot4s994C0L4EaBGNbdlnQPC5vVNYifs2rIgfzAJ669+tqb8bhDMRh
lJHHC4Cb6iGLYSc7VZnHELUXBmw7cKmkSHlMVyXV2SVNe0f8zKBxiFGwbY+SU0rw
S0y5vvdlnvU5i456qy7RKCnig8WsFAe/4csXaHjr3z1FLBwJvFw3YzcmQahigbdW
BDmABfmne1nRWC9b/SvkKWvdJLn3NrdNIIZ3wBw6EW6lhQXoXx3m675LKW060wA+
BfGxbe039nKA8g8HnYtjD0IkwiAclqLrg3hzbHXazzJ+DmGzqr3S5n/dY39qitWj
Hwe4I5vfQc1veg==
-----END CERTIFICATE-----