Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
File:                     HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json)
Hash identifier:          kkI/nl+STAsZAdiPstjNDBRSmQ7G3S7wwP6CT/orAjw=
Subject key identifier:   D3:C4:91:43:8F:E8:69:5D:A1:B7:25:23:8B:89:28:FF:C6:75:91:1B
Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E
Certificate issuer:       /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
Certificate serial:       019F3C06B834AE27027B3D66758BF3665C7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
Manifest number:          1866
Signing time:             Tue 07 Jul 2026 10:01:41 +0000
Manifest this update:     Tue 07 Jul 2026 10:01:41 +0000
Manifest next update:     Wed 08 Jul 2026 10:01:41 +0000
Files and hashes:         1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: /9cvX7VvNZIfUFOeZe8DrdA5t/rlDf980z6r6TkSTCQ=)
                          2: whXPzPuEVZS_Ryn2sgcT7m9P8dA.roa (hash: JcZ3tM12MerqC0+RrqC4HBYHgE8TDlz33TUN53BsW3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 08:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:3c:06:b8:34:ae:27:02:7b:3d:66:75:8b:f3:66:5c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
        Validity
            Not Before: Jul  7 10:01:41 2026 GMT
            Not After : Jul  8 10:01:41 2026 GMT
        Subject: CN=d3c491438fe8695da1b725238b8928ffc675911b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9b:ce:da:55:21:b8:c4:11:31:ec:58:77:fc:
                    14:66:40:bf:52:6b:bf:50:f2:1c:cc:12:7b:55:39:
                    68:56:0f:a9:f8:ed:1e:fb:e0:f2:96:bf:b4:91:53:
                    93:8b:64:82:08:bc:94:9a:c8:66:62:b8:16:9a:a8:
                    15:1d:f2:04:50:7c:76:fc:b7:eb:8d:89:7c:05:9c:
                    1e:10:6b:b0:30:61:66:c1:2f:31:c6:a8:c5:13:c5:
                    f2:77:92:34:66:b9:df:c4:3b:aa:85:a6:08:6d:cf:
                    b3:6f:5a:aa:f9:fd:ec:05:30:ec:c8:6a:e6:a3:f0:
                    48:8a:6b:61:9b:bb:05:cd:83:dc:bf:8f:5d:d6:69:
                    19:ab:a1:61:f8:43:61:15:22:5f:75:5f:4a:a6:a8:
                    70:4c:f1:c9:e2:a7:c7:37:6a:2c:61:c9:f9:f5:e4:
                    f5:0c:30:59:e3:f1:0b:c6:28:86:f1:a9:31:ed:9d:
                    31:78:63:c6:07:91:ad:87:ec:c2:c4:96:b6:92:a3:
                    e2:4b:3b:a3:4e:3c:05:2c:cf:12:e5:f2:bf:e9:c9:
                    69:50:62:8b:9d:c1:d9:ce:12:ca:18:1d:e6:2e:4e:
                    58:34:b3:28:8e:30:14:25:dd:54:77:cc:39:73:a2:
                    e6:44:b3:3e:eb:c6:30:4f:f1:0f:98:ad:80:2b:69:
                    29:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:C4:91:43:8F:E8:69:5D:A1:B7:25:23:8B:89:28:FF:C6:75:91:1B
            X509v3 Authority Key Identifier:
                keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:b3:01:7a:26:72:9b:95:2f:59:b5:96:95:73:2d:03:7b:96:
         34:09:6f:70:d5:80:93:1a:ec:09:c5:9b:ec:54:0e:49:72:0c:
         1f:06:66:08:a9:fe:9e:44:e6:58:cb:9d:22:11:87:2f:af:6a:
         d7:d0:44:88:18:18:a4:a5:a2:5a:42:90:bc:d1:41:45:a0:1e:
         36:45:d6:39:5b:93:28:73:c5:1b:7c:e3:c1:08:49:1f:0c:d7:
         5c:6e:49:45:5e:43:46:d0:14:b5:8e:25:c9:7f:2a:50:af:a5:
         e1:9f:c2:08:8a:38:34:df:63:fc:f7:d3:f6:4f:8c:64:70:02:
         87:03:63:ca:b6:b4:38:1e:ab:e4:6b:bd:2a:02:e4:8c:52:a0:
         c5:a3:6a:73:48:96:d0:e0:77:f9:cf:04:2a:8f:2e:1d:7e:14:
         15:fe:f5:4a:69:27:9d:da:82:77:d1:68:de:40:75:cc:81:00:
         1f:a0:82:f6:23:16:53:a4:e8:19:d3:a9:3a:c8:2f:e4:da:e1:
         b5:a8:eb:8b:91:3b:8d:18:62:0a:0c:1f:4d:d6:2f:5a:48:3a:
         b0:72:1b:c8:9c:d3:99:24:e6:ff:92:bf:c2:05:1c:1b:c3:30:
         5e:36:19:6e:a4:22:b4:40:b1:55:3f:be:e8:6d:1b:47:71:1d:
         1b:56:ee:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ88Brg0ricCez1mdYvzZlx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5
MWRiNGUwHhcNMjYwNzA3MTAwMTQxWhcNMjYwNzA4MTAwMTQxWjAzMTEwLwYDVQQD
EyhkM2M0OTE0MzhmZTg2OTVkYTFiNzI1MjM4Yjg5MjhmZmM2NzU5MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5vO2lUhuMQRMexYd/wUZkC/Umu/
UPIczBJ7VTloVg+p+O0e++Dylr+0kVOTi2SCCLyUmshmYrgWmqgVHfIEUHx2/Lfr
jYl8BZweEGuwMGFmwS8xxqjFE8Xyd5I0ZrnfxDuqhaYIbc+zb1qq+f3sBTDsyGrm
o/BIimthm7sFzYPcv49d1mkZq6Fh+ENhFSJfdV9KpqhwTPHJ4qfHN2osYcn59eT1
DDBZ4/ELxiiG8akx7Z0xeGPGB5Gth+zCxJa2kqPiSzujTjwFLM8S5fK/6clpUGKL
ncHZzhLKGB3mLk5YNLMojjAUJd1Ud8w5c6LmRLM+68YwT/EPmK2AK2kpbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPEkUOP6GldobclI4uJKP/GdZEbMB8GA1UdIwQY
MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt
MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw
LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU7MBeiZy
m5UvWbWWlXMtA3uWNAlvcNWAkxrsCcWb7FQOSXIMHwZmCKn+nkTmWMudIhGHL69q
19BEiBgYpKWiWkKQvNFBRaAeNkXWOVuTKHPFG3zjwQhJHwzXXG5JRV5DRtAUtY4l
yX8qUK+l4Z/CCIo4NN9j/PfT9k+MZHAChwNjyra0OB6r5Gu9KgLkjFKgxaNqc0iW
0OB3+c8EKo8uHX4UFf71SmknndqCd9Fo3kB1zIEAH6CC9iMWU6ToGdOpOsgv5Nrh
tajri5E7jRhiCgwfTdYvWkg6sHIbyJzTmSTm/5K/wgUcG8MwXjYZbqQitECxVT++
6G0bR3EdG1bukg==
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:46 2026 by rpki-client