Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          LYOTFg7f/0LsQKQaOSHOcMC8pM0ROLwXiz+DT6/QwNw=
Subject key identifier:   4D:37:2D:06:52:C8:9A:BE:E1:13:76:16:D5:CC:0D:F0:BA:74:96:CD
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019D3865735E22709B4669D5E19B56D3A0E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: 4nY+NIvM2PunDfp8CwJlRU3zgJflUc56ZvrvCdoQ7N8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:73:5e:22:70:9b:46:69:d5:e1:9b:56:d3:a0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=4d372d0652c89abee1137616d5cc0df0ba7496cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c8:1c:1c:cd:4e:f4:4c:5b:61:49:f2:2a:74:
                    4d:de:31:5f:73:cf:75:d1:48:0c:2e:a2:48:c0:49:
                    c7:67:fd:de:50:ab:eb:3c:66:0a:68:b6:2d:1c:0e:
                    5a:81:71:bb:a2:9a:5e:ae:9e:93:2f:b5:4f:16:a2:
                    07:6f:99:85:47:12:cb:9a:64:47:a3:22:66:89:63:
                    1a:76:9a:4e:2c:d9:89:05:36:f2:99:34:47:a2:6d:
                    d3:14:6d:dd:b8:82:a1:7f:cc:c2:bb:5e:4f:95:b7:
                    46:6f:7c:c8:e1:bc:0b:9c:1e:49:ce:c5:9e:df:94:
                    4d:30:dc:10:8e:bb:5d:21:39:d8:90:ec:29:b5:44:
                    fc:2c:33:8d:a0:e5:de:38:cd:dd:dc:fd:45:95:0c:
                    a2:bc:ac:dd:5c:cc:6d:66:a0:d2:64:73:65:62:51:
                    98:ec:1d:64:6a:b0:fc:b8:2b:7a:db:b1:6e:89:00:
                    99:31:c5:82:65:28:d2:35:2d:ff:28:26:37:23:a4:
                    6e:38:7c:95:c7:8c:1f:80:93:0a:22:57:50:11:cd:
                    05:8f:ea:22:15:2f:b0:b3:3e:63:b9:3b:75:9a:3f:
                    b6:ef:68:24:78:38:0d:bc:9f:03:bf:3d:d5:df:85:
                    97:84:23:b3:15:ed:01:4b:3b:cb:f8:f2:51:57:46:
                    96:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:37:2D:06:52:C8:9A:BE:E1:13:76:16:D5:CC:0D:F0:BA:74:96:CD
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:a5:28:f2:ae:23:65:80:08:ac:9a:1b:5d:0a:b4:3b:7b:9b:
         ad:ca:27:ee:2c:45:e5:b1:5d:3f:c0:6b:a0:d3:70:0a:d4:88:
         32:fa:3e:06:53:35:9e:f0:0e:82:7d:5d:ee:b8:d5:85:ed:57:
         5d:60:e7:85:73:7e:1e:14:b4:0f:0d:2a:be:73:2a:77:bd:ee:
         37:c9:fa:66:12:88:a6:d5:5c:4b:5d:69:05:b7:fd:2d:13:90:
         54:04:bf:98:23:d9:2f:86:fb:02:57:ea:d9:4e:bf:94:f8:d1:
         a5:16:81:b7:80:95:43:a2:f7:7d:b2:0b:6d:b6:3b:4c:77:9f:
         3e:92:72:eb:3a:53:6e:93:cb:7b:a6:f6:e7:6f:4f:11:e8:19:
         cb:39:2c:db:0a:ad:b5:ca:c2:0f:db:4e:76:ea:00:11:51:2c:
         e3:74:78:91:a4:eb:bc:2c:3e:ee:27:48:63:ad:d0:a9:03:96:
         56:c9:82:c8:0e:dc:ed:47:72:68:6e:26:cb:b2:dc:18:3c:e7:
         67:fe:04:8c:3a:01:6b:eb:97:3d:0b:12:b7:47:63:15:6c:6d:
         69:35:49:a2:c0:76:87:b8:e3:63:01:71:b3:f0:c8:21:0e:6e:
         d2:aa:d2:db:90:91:e5:3f:e6:92:9d:5a:0f:e6:85:2d:a6:55:
         b8:6a:b0:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXNeInCbRmnV4ZtW06DiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
Eyg0ZDM3MmQwNjUyYzg5YWJlZTExMzc2MTZkNWNjMGRmMGJhNzQ5NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucgcHM1O9ExbYUnyKnRN3jFfc891
0UgMLqJIwEnHZ/3eUKvrPGYKaLYtHA5agXG7opperp6TL7VPFqIHb5mFRxLLmmRH
oyJmiWMadppOLNmJBTbymTRHom3TFG3duIKhf8zCu15PlbdGb3zI4bwLnB5JzsWe
35RNMNwQjrtdITnYkOwptUT8LDONoOXeOM3d3P1FlQyivKzdXMxtZqDSZHNlYlGY
7B1karD8uCt627FuiQCZMcWCZSjSNS3/KCY3I6RuOHyVx4wfgJMKIldQEc0Fj+oi
FS+wsz5juTt1mj+272gkeDgNvJ8Dvz3V34WXhCOzFe0BSzvL+PJRV0aWAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE03LQZSyJq+4RN2FtXMDfC6dJbNMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh6Uo8q4j
ZYAIrJobXQq0O3ubrcon7ixF5bFdP8BroNNwCtSIMvo+BlM1nvAOgn1d7rjVhe1X
XWDnhXN+HhS0Dw0qvnMqd73uN8n6ZhKIptVcS11pBbf9LROQVAS/mCPZL4b7Alfq
2U6/lPjRpRaBt4CVQ6L3fbILbbY7THefPpJy6zpTbpPLe6b2529PEegZyzks2wqt
tcrCD9tOduoAEVEs43R4kaTrvCw+7idIY63QqQOWVsmCyA7c7UdyaG4my7LcGDzn
Z/4EjDoBa+uXPQsSt0djFWxtaTVJosB2h7jjYwFxs/DIIQ5u0qrS25CR5T/mkp1a
D+aFLaZVuGqwHw==
-----END CERTIFICATE-----