Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          Pt7ZRljE6MsNUkwCEKpZShl9hWNaiDkpc2oA3SOD8T0=
Subject key identifier:   CE:DC:CE:51:C8:CF:1F:F7:29:98:E3:35:49:58:62:5B:3F:D7:03:F4
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019D3940B1B880DF91EDE9C0CAD0F3CFC1FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          0566
Signing time:             Sun 29 Mar 2026 11:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:34 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: 0sJUyDdnVzz4IR34xAKBRGV/VEhI6rfm9UewoA1q4jg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:b1:b8:80:df:91:ed:e9:c0:ca:d0:f3:cf:c1:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Mar 29 11:00:34 2026 GMT
            Not After : Mar 30 11:00:34 2026 GMT
        Subject: CN=cedcce51c8cf1ff72998e3354958625b3fd703f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:53:d9:19:06:96:47:59:45:74:19:b5:f7:31:
                    f2:5c:02:00:51:66:b3:6e:87:c6:e7:7f:32:af:52:
                    4c:eb:c7:9d:93:ee:dd:e9:c7:f5:9e:1b:5d:cf:01:
                    a7:81:a2:18:21:26:d1:08:e3:ca:3f:ae:a3:0a:0d:
                    f0:fc:33:c2:b1:06:a5:11:fb:a4:d0:1e:f9:b4:6b:
                    f1:1b:a1:06:7a:6b:c7:0a:ac:53:dc:5f:5a:55:51:
                    25:de:58:5b:43:8e:8c:46:d1:14:0b:1b:25:75:24:
                    b2:90:10:38:6e:01:6c:cc:c7:f9:1e:d3:88:46:39:
                    45:1c:24:fd:40:e3:59:3b:ae:7e:a3:35:43:be:12:
                    4e:f1:c8:08:05:c3:36:e7:e2:00:1e:c3:02:d8:6f:
                    1e:bf:d1:6c:43:9d:05:98:e0:a7:06:3b:22:0e:2b:
                    09:44:cf:2a:a9:20:30:82:40:43:7d:79:42:9f:81:
                    c1:23:ef:e7:cf:19:91:56:ca:ce:63:dd:4c:2a:13:
                    4d:7c:39:f1:d9:ac:78:55:ff:41:ce:b0:da:b2:81:
                    e7:89:dc:3c:ef:95:ba:57:49:68:af:e9:f8:99:6e:
                    9a:aa:3a:2e:1b:a1:d4:63:c8:c0:0f:de:3c:6a:f3:
                    03:11:2f:f4:0b:87:cc:92:70:25:ea:11:fd:28:de:
                    8c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:DC:CE:51:C8:CF:1F:F7:29:98:E3:35:49:58:62:5B:3F:D7:03:F4
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:0c:48:0c:9a:a7:98:db:e7:41:34:08:bd:9e:d8:cd:f1:a2:
         d8:25:ab:66:25:b0:46:9e:2e:25:54:50:dc:3f:f3:df:af:54:
         da:0d:c1:e8:3d:b9:4a:92:3d:89:2c:70:19:16:99:ce:7c:ee:
         96:15:d6:8f:1d:a8:a4:c3:f5:02:29:30:d7:96:a6:1c:6e:5a:
         9d:9f:0e:ac:b6:f1:1f:65:0d:45:f4:dd:93:78:1f:50:b1:4e:
         8b:ff:ca:04:1b:76:fc:26:71:e1:ad:9e:e4:aa:6b:ae:89:79:
         c0:86:84:31:23:2f:95:dd:e3:2f:0c:e6:6a:78:61:c9:40:eb:
         bf:0f:49:8e:76:34:af:0b:10:b4:6b:03:91:72:e3:b0:99:1f:
         c3:f0:39:ee:99:52:d6:42:bb:dc:0c:7b:fc:b3:df:5c:63:d2:
         2e:af:fa:95:3b:64:2a:34:8a:13:7d:e4:d2:ae:8d:e0:9f:9a:
         a5:b9:b2:38:1c:fa:75:c5:1a:de:fa:6d:76:1d:22:04:c3:26:
         b5:f0:6d:23:14:00:77:f0:13:7c:fe:ff:7d:8b:b8:32:f7:b6:
         5d:c9:a3:a0:44:e8:fa:a6:12:f5:c5:f8:18:df:70:d2:7f:cf:
         61:c4:04:a1:fb:4e:2b:84:2f:2f:30:a6:6a:c6:66:60:ab:5f:
         e8:52:4a:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLG4gN+R7enAytDzz8H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjYwMzI5MTEwMDM0WhcNMjYwMzMwMTEwMDM0WjAzMTEwLwYDVQQD
EyhjZWRjY2U1MWM4Y2YxZmY3Mjk5OGUzMzU0OTU4NjI1YjNmZDcwM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFPZGQaWR1lFdBm19zHyXAIAUWaz
bofG538yr1JM68edk+7d6cf1nhtdzwGngaIYISbRCOPKP66jCg3w/DPCsQalEfuk
0B75tGvxG6EGemvHCqxT3F9aVVEl3lhbQ46MRtEUCxsldSSykBA4bgFszMf5HtOI
RjlFHCT9QONZO65+ozVDvhJO8cgIBcM25+IAHsMC2G8ev9FsQ50FmOCnBjsiDisJ
RM8qqSAwgkBDfXlCn4HBI+/nzxmRVsrOY91MKhNNfDnx2ax4Vf9BzrDasoHnidw8
75W6V0lor+n4mW6aqjouG6HUY8jAD948avMDES/0C4fMknAl6hH9KN6M+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7czlHIzx/3KZjjNUlYYls/1wP0MB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgxIDJqn
mNvnQTQIvZ7YzfGi2CWrZiWwRp4uJVRQ3D/z369U2g3B6D25SpI9iSxwGRaZznzu
lhXWjx2opMP1Aikw15amHG5anZ8OrLbxH2UNRfTdk3gfULFOi//KBBt2/CZx4a2e
5Kprrol5wIaEMSMvld3jLwzmanhhyUDrvw9JjnY0rwsQtGsDkXLjsJkfw/A57plS
1kK73Ax7/LPfXGPSLq/6lTtkKjSKE33k0q6N4J+apbmyOBz6dcUa3vptdh0iBMMm
tfBtIxQAd/ATfP7/fYu4Mve2XcmjoETo+qYS9cX4GN9w0n/PYcQEoftOK4QvLzCm
asZmYKtf6FJK0A==
-----END CERTIFICATE-----