Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
File:                     HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json)
Hash identifier:          4+E5QkRHIYT90Qy4gFNK2Ss+Pv58TcRIjjx4vpHGYXk=
Subject key identifier:   CF:A4:72:20:CB:1A:09:BC:86:47:0D:D8:23:17:3A:86:6C:A1:B5:DA
Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E
Certificate issuer:       /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
Certificate serial:       019F3A181FE69E3D8A0BA3BF7B228F2978DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
Manifest number:          1865
Signing time:             Tue 07 Jul 2026 01:01:27 +0000
Manifest this update:     Tue 07 Jul 2026 01:01:27 +0000
Manifest next update:     Wed 08 Jul 2026 01:01:27 +0000
Files and hashes:         1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: PVO1mGirYLYqWZGQplMobpC6hrvDrMgRkkgKYsyuPGg=)
                          2: whXPzPuEVZS_Ryn2sgcT7m9P8dA.roa (hash: JcZ3tM12MerqC0+RrqC4HBYHgE8TDlz33TUN53BsW3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 01:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:3a:18:1f:e6:9e:3d:8a:0b:a3:bf:7b:22:8f:29:78:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
        Validity
            Not Before: Jul  7 01:01:27 2026 GMT
            Not After : Jul  8 01:01:27 2026 GMT
        Subject: CN=cfa47220cb1a09bc86470dd823173a866ca1b5da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:94:68:88:85:3b:ed:bb:4a:f3:1e:40:52:2b:
                    3e:9e:01:bb:ee:86:58:ab:7b:36:1e:c6:8e:12:7d:
                    6e:04:56:a5:1d:06:ad:7f:a1:ee:10:8f:e7:40:03:
                    bc:52:1c:d5:1a:7e:fe:ce:3a:15:5f:53:e2:0e:13:
                    aa:94:e8:23:34:de:73:da:79:c1:11:44:fa:b9:0f:
                    fb:36:ef:19:db:bd:25:27:34:5f:79:cd:54:95:79:
                    fd:93:81:df:b4:af:b0:8d:34:7d:3b:66:5d:9a:62:
                    e3:cd:84:66:e5:06:d0:e5:0b:a8:ba:52:fd:6b:2b:
                    d2:ee:3a:7f:66:da:8f:83:00:4a:19:e5:63:dd:54:
                    85:f2:5f:5f:9a:52:c4:82:f0:be:d6:f4:4e:83:5b:
                    df:f2:c4:15:2c:c4:81:dd:4d:1d:45:a9:5f:28:d0:
                    9e:21:7f:f3:93:eb:4e:a9:67:7a:da:ac:b0:49:fd:
                    88:87:4a:6b:a6:9d:11:41:a4:12:fe:68:72:70:e2:
                    52:95:ed:f8:af:76:52:6f:8b:b3:d8:16:78:d1:db:
                    65:a5:6e:7a:36:ef:f5:44:a9:dd:83:02:2a:da:a7:
                    ba:b4:0d:b4:75:07:a9:1b:d9:e4:e5:3c:9b:21:e2:
                    59:ea:a9:80:ac:7d:b7:22:08:94:58:35:23:57:62:
                    0e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:A4:72:20:CB:1A:09:BC:86:47:0D:D8:23:17:3A:86:6C:A1:B5:DA
            X509v3 Authority Key Identifier:
                keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:b1:3e:44:f8:cb:89:c8:e7:f9:0d:5d:79:39:3c:0c:7d:80:
         92:a3:d6:95:34:17:a1:fe:42:f3:f7:2c:04:ed:d3:7f:3c:30:
         d3:b0:67:d3:7d:9f:81:75:92:5a:6b:60:2b:da:51:75:1e:dc:
         2f:e6:43:f1:26:d5:a1:22:dc:2f:58:1b:16:14:e3:a9:b2:ec:
         ad:8c:46:91:53:02:ee:86:d6:86:95:42:27:45:39:56:8b:6b:
         30:bb:77:b0:f1:aa:49:54:d2:0c:99:b6:1e:40:58:5a:71:1c:
         9c:84:a7:3b:02:1e:50:c8:41:2b:69:34:07:39:64:ab:39:8e:
         d5:eb:3d:4f:08:c4:0a:d9:2e:bc:22:a2:54:30:b4:8e:4c:93:
         f5:2c:d4:55:f7:8b:43:8b:10:f6:9f:f7:93:0c:53:fa:d8:b4:
         f9:59:e6:05:95:20:50:13:00:5c:c6:a4:ac:6c:ec:50:81:98:
         3e:f2:85:38:5e:ae:c1:00:3c:38:b2:7c:82:d0:14:be:d7:eb:
         44:24:f5:0a:dd:95:78:e3:60:2b:08:e9:fb:ce:1d:b3:e4:af:
         cc:fe:61:41:17:be:74:02:a5:e9:bb:26:13:e2:ea:94:78:5c:
         6f:a8:0f:91:8a:06:29:f7:fc:5c:ec:3f:22:04:5f:e8:51:e0:
         56:71:df:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ86GB/mnj2KC6O/eyKPKXjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5
MWRiNGUwHhcNMjYwNzA3MDEwMTI3WhcNMjYwNzA4MDEwMTI3WjAzMTEwLwYDVQQD
EyhjZmE0NzIyMGNiMWEwOWJjODY0NzBkZDgyMzE3M2E4NjZjYTFiNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pRoiIU77btK8x5AUis+ngG77oZY
q3s2HsaOEn1uBFalHQatf6HuEI/nQAO8UhzVGn7+zjoVX1PiDhOqlOgjNN5z2nnB
EUT6uQ/7Nu8Z270lJzRfec1UlXn9k4HftK+wjTR9O2ZdmmLjzYRm5QbQ5QuoulL9
ayvS7jp/ZtqPgwBKGeVj3VSF8l9fmlLEgvC+1vROg1vf8sQVLMSB3U0dRalfKNCe
IX/zk+tOqWd62qywSf2Ih0prpp0RQaQS/mhycOJSle34r3ZSb4uz2BZ40dtlpW56
Nu/1RKndgwIq2qe6tA20dQepG9nk5TybIeJZ6qmArH23IgiUWDUjV2IORwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+kciDLGgm8hkcN2CMXOoZsobXaMB8GA1UdIwQY
MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt
MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw
LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH7E+RPjL
icjn+Q1deTk8DH2AkqPWlTQXof5C8/csBO3Tfzww07Bn032fgXWSWmtgK9pRdR7c
L+ZD8SbVoSLcL1gbFhTjqbLsrYxGkVMC7obWhpVCJ0U5VotrMLt3sPGqSVTSDJm2
HkBYWnEcnISnOwIeUMhBK2k0BzlkqzmO1es9TwjECtkuvCKiVDC0jkyT9SzUVfeL
Q4sQ9p/3kwxT+ti0+VnmBZUgUBMAXMakrGzsUIGYPvKFOF6uwQA8OLJ8gtAUvtfr
RCT1Ct2VeONgKwjp+84ds+SvzP5hQRe+dAKl6bsmE+LqlHhcb6gPkYoGKff8XOw/
IgRf6FHgVnHffA==
-----END CERTIFICATE-----
Generated at Tue Jul 7 10:46:55 2026 by rpki-client