Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          6boalxygkYtmXRMPEdsV+FZKFKdiNqTSO5W4O+JklLA=
Subject key identifier:   89:47:CE:7B:0E:96:39:26:22:48:F1:E1:FC:EE:DB:EA:F6:B4:DB:2E
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019D39AF76580C24F4B4AD43FBF75B762001
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 13:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:33 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: zFn51rJryiuZEzRyiQaHMeUbnEL2K94A2rj6Thd9BrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:76:58:0c:24:f4:b4:ad:43:fb:f7:5b:76:20:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Mar 29 13:01:33 2026 GMT
            Not After : Mar 30 13:01:33 2026 GMT
        Subject: CN=8947ce7b0e9639262248f1e1fceedbeaf6b4db2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d2:90:31:44:02:c2:34:59:6e:a6:14:fd:72:
                    8a:ba:84:6e:03:79:1a:f7:c9:77:ed:61:b4:b1:f5:
                    47:ff:a2:e6:db:7e:7b:d9:ec:53:59:66:ed:0f:ec:
                    f3:7a:e8:a0:9f:8e:f4:30:a9:f7:8a:d9:2b:3f:24:
                    1d:2c:8f:a7:0d:73:22:fc:cd:17:f0:29:86:53:82:
                    af:d9:0e:1c:a5:a7:75:9b:6c:df:0d:3f:c1:e8:e8:
                    3f:51:2c:36:ae:a9:09:43:ba:6d:7c:48:c1:56:b6:
                    50:2f:3d:f3:89:41:f7:ea:bd:4d:6b:47:b7:b5:94:
                    16:8d:f0:17:2a:57:2a:62:94:7e:62:b7:c9:98:41:
                    72:6e:10:7d:30:d2:90:06:b7:50:7d:c1:e4:94:09:
                    1c:01:f1:d2:c9:5b:2d:44:6e:6e:af:a4:e0:a5:1b:
                    8b:f0:fe:69:9f:20:78:01:b8:b1:27:af:73:59:7e:
                    14:a0:27:ce:44:8c:c1:ae:9b:81:5a:5b:2d:82:3b:
                    6f:65:14:ac:bd:35:74:f6:ab:87:ea:21:79:a2:70:
                    e7:4f:05:02:eb:cc:b6:53:8b:55:c6:af:24:9a:3a:
                    8e:2c:de:27:c0:7c:be:4c:2a:f3:86:bb:67:4f:27:
                    5a:ec:d7:78:e9:0a:e6:36:f1:b4:d3:9c:48:dc:99:
                    1a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:47:CE:7B:0E:96:39:26:22:48:F1:E1:FC:EE:DB:EA:F6:B4:DB:2E
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:4f:d4:59:15:fd:aa:ee:04:ff:d1:88:76:1e:4b:4c:15:4d:
         f6:b4:15:dc:92:61:3c:d0:26:58:47:fe:2a:46:86:1d:66:83:
         0d:77:a5:b1:ff:f8:f3:b9:22:18:c8:d4:f2:55:ff:12:c3:d2:
         9b:cc:58:85:c9:27:d4:10:d5:74:0e:72:75:6c:b7:18:1e:26:
         b0:88:22:f8:c8:13:7c:3f:a5:93:33:7b:b1:7a:dd:36:dd:66:
         27:7b:3e:0d:a0:75:20:de:26:80:e5:6e:95:20:39:7d:88:66:
         ff:a2:3e:fe:ec:ba:98:a3:24:04:dd:4d:dd:37:14:ad:ce:8f:
         fd:5d:dd:92:a7:06:a1:d6:8c:c9:1f:32:55:7d:54:0c:cc:9e:
         37:f8:08:90:4d:54:a1:06:46:a0:14:46:cd:ed:57:0a:25:bf:
         13:14:9d:8a:62:cf:2a:e6:43:51:81:31:55:0a:80:0f:c1:d3:
         b3:18:6b:9f:e1:8c:fa:19:d4:05:fe:3f:5d:fe:73:ae:48:a8:
         ed:95:3b:9a:dc:63:8d:85:10:59:52:ae:2c:74:79:ff:f6:fa:
         bb:8f:90:63:50:90:69:d4:4b:31:74:6b:24:d5:0c:61:85:aa:
         27:6e:36:d1:6c:e8:64:0b:b3:44:30:1d:91:1f:87:f9:21:1a:
         d6:e2:6c:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r3ZYDCT0tK1D+/dbdiABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjYwMzI5MTMwMTMzWhcNMjYwMzMwMTMwMTMzWjAzMTEwLwYDVQQD
Eyg4OTQ3Y2U3YjBlOTYzOTI2MjI0OGYxZTFmY2VlZGJlYWY2YjRkYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9KQMUQCwjRZbqYU/XKKuoRuA3ka
98l37WG0sfVH/6Lm23572exTWWbtD+zzeuign470MKn3itkrPyQdLI+nDXMi/M0X
8CmGU4Kv2Q4cpad1m2zfDT/B6Og/USw2rqkJQ7ptfEjBVrZQLz3ziUH36r1Na0e3
tZQWjfAXKlcqYpR+YrfJmEFybhB9MNKQBrdQfcHklAkcAfHSyVstRG5ur6TgpRuL
8P5pnyB4AbixJ69zWX4UoCfORIzBrpuBWlstgjtvZRSsvTV09quH6iF5onDnTwUC
68y2U4tVxq8kmjqOLN4nwHy+TCrzhrtnTyda7Nd46QrmNvG005xI3JkaNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlHznsOljkmIkjx4fzu2+r2tNsuMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARE/UWRX9
qu4E/9GIdh5LTBVN9rQV3JJhPNAmWEf+KkaGHWaDDXelsf/487kiGMjU8lX/EsPS
m8xYhckn1BDVdA5ydWy3GB4msIgi+MgTfD+lkzN7sXrdNt1mJ3s+DaB1IN4mgOVu
lSA5fYhm/6I+/uy6mKMkBN1N3TcUrc6P/V3dkqcGodaMyR8yVX1UDMyeN/gIkE1U
oQZGoBRGze1XCiW/ExSdimLPKuZDUYExVQqAD8HTsxhrn+GM+hnUBf4/Xf5zrkio
7ZU7mtxjjYUQWVKuLHR5//b6u4+QY1CQadRLMXRrJNUMYYWqJ2420WzoZAuzRDAd
kR+H+SEa1uJsFw==
-----END CERTIFICATE-----