Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          +yVNSefEMe2M8PkhN5tf2KNsbhh4txJKosEOLb4U65g=
Subject key identifier:   F0:78:02:A5:34:16:84:82:6A:F4:14:54:00:44:56:70:0F:FA:69:1E
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019D38664AF5FDCCDD0FDAD1D7D66C1C712D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0A89
Signing time:             Sun 29 Mar 2026 07:02:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:01 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: kc1sBFxA24TxK7PvjYv6inoolx8Xsj87U/x5LyoeP74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4a:f5:fd:cc:dd:0f:da:d1:d7:d6:6c:1c:71:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Mar 29 07:02:01 2026 GMT
            Not After : Mar 30 07:02:01 2026 GMT
        Subject: CN=f07802a5341684826af41454004456700ffa691e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5a:34:d6:d3:b3:4f:2a:69:68:53:b9:66:f9:
                    79:a1:4e:fd:15:5c:f6:07:60:c4:f9:89:1e:f4:d7:
                    49:03:98:86:4f:1a:a1:c5:d2:da:19:0a:df:7e:fb:
                    d0:df:02:2c:f2:fe:f2:b3:67:39:ca:ab:d2:df:b1:
                    92:c8:0c:d7:aa:29:93:c7:03:37:26:c2:1c:86:60:
                    7f:23:38:34:a0:d6:13:23:33:22:f2:fe:a2:d8:5c:
                    cd:7d:09:38:da:55:16:02:0b:4d:b2:00:8c:50:df:
                    c0:5e:44:9d:b5:12:df:89:f7:2c:dd:fc:e5:46:2b:
                    9e:87:82:b0:ee:e0:a4:70:2f:b6:72:db:b0:86:d0:
                    a6:7d:ec:55:22:f6:f9:0f:08:81:b3:ae:66:5e:6f:
                    62:88:89:73:f8:da:64:10:97:ec:7f:32:9c:a9:2f:
                    f3:4e:1f:0c:45:2c:21:2b:50:83:ae:8a:04:04:2f:
                    86:c6:5b:95:55:06:a1:5b:e3:8e:84:cb:c7:71:a3:
                    15:b3:51:44:48:81:1f:6b:d4:d4:44:b6:8e:ae:f9:
                    c8:75:2e:ea:a5:a4:0d:6f:20:05:1c:be:c9:9f:bb:
                    61:cd:43:9d:11:42:84:c1:de:81:5b:fb:42:62:7e:
                    52:c7:2c:7d:25:c2:b1:5a:1b:43:09:27:39:2d:4e:
                    98:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:78:02:A5:34:16:84:82:6A:F4:14:54:00:44:56:70:0F:FA:69:1E
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:50:e4:a4:d9:7c:32:39:06:c1:aa:d9:56:a4:4a:18:9e:90:
         da:ec:42:10:ed:c2:a8:6c:d8:72:eb:6d:75:24:42:d4:94:1b:
         eb:dd:eb:22:a6:81:66:26:8a:e3:72:52:17:6e:3a:cb:43:94:
         1a:1b:c8:76:a1:db:da:01:89:99:f7:ef:6f:21:92:b1:4f:e5:
         bf:d1:22:fb:df:95:69:1c:b9:d6:e8:74:3d:7d:b3:62:7b:4c:
         cc:18:14:0c:49:9a:16:0d:89:ce:86:7c:d1:27:17:92:0d:e6:
         a6:3c:42:e0:09:c4:fd:42:c5:06:02:6b:44:c0:10:8b:55:68:
         e6:0a:73:cd:1e:02:83:06:05:c4:e2:e8:9e:dc:ca:50:d1:88:
         ce:83:a9:7e:7f:d5:77:4f:53:20:ba:ff:dd:c9:22:d4:5b:fa:
         1e:07:03:99:9a:62:7a:65:e7:5b:6c:8d:04:7b:f5:e6:30:6d:
         64:00:a4:9e:f1:c5:a6:90:ca:67:b5:67:72:6a:a0:cf:87:f3:
         fb:00:eb:9a:61:c9:a8:16:b3:d4:cc:e4:c3:40:9d:98:f0:b7:
         3b:1f:9d:fd:cc:9e:65:5f:17:ff:11:3c:05:db:93:96:db:31:
         6e:25:4c:ca:44:2e:35:c5:59:3b:ea:54:6a:2a:58:c5:a8:a8:
         0a:61:ef:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zkr1/czdD9rR19ZsHHEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
EyhmMDc4MDJhNTM0MTY4NDgyNmFmNDE0NTQwMDQ0NTY3MDBmZmE2OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVo01tOzTyppaFO5Zvl5oU79FVz2
B2DE+Yke9NdJA5iGTxqhxdLaGQrffvvQ3wIs8v7ys2c5yqvS37GSyAzXqimTxwM3
JsIchmB/Izg0oNYTIzMi8v6i2FzNfQk42lUWAgtNsgCMUN/AXkSdtRLfifcs3fzl
Riueh4Kw7uCkcC+2ctuwhtCmfexVIvb5DwiBs65mXm9iiIlz+NpkEJfsfzKcqS/z
Th8MRSwhK1CDrooEBC+GxluVVQahW+OOhMvHcaMVs1FESIEfa9TURLaOrvnIdS7q
paQNbyAFHL7Jn7thzUOdEUKEwd6BW/tCYn5Sxyx9JcKxWhtDCSc5LU6YqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPB4AqU0FoSCavQUVABEVnAP+mkeMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVDkpNl8
MjkGwarZVqRKGJ6Q2uxCEO3CqGzYcuttdSRC1JQb693rIqaBZiaK43JSF246y0OU
GhvIdqHb2gGJmffvbyGSsU/lv9Ei+9+VaRy51uh0PX2zYntMzBgUDEmaFg2JzoZ8
0ScXkg3mpjxC4AnE/ULFBgJrRMAQi1Vo5gpzzR4CgwYFxOLontzKUNGIzoOpfn/V
d09TILr/3cki1Fv6HgcDmZpiemXnW2yNBHv15jBtZACknvHFppDKZ7Vncmqgz4fz
+wDrmmHJqBaz1Mzkw0CdmPC3Ox+d/cyeZV8X/xE8BduTltsxbiVMykQuNcVZO+pU
aipYxaioCmHvlw==
-----END CERTIFICATE-----