Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          qUsTPgA24pbe9FZXBeyoftClx122dp/8Hdm9l8gFoL0=
Subject key identifier:   EA:D6:6E:FC:A2:EE:E5:91:99:62:D6:B2:83:6A:54:27:20:85:5D:42
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       019CA97C81E36DECF5D18B1B94B38BECC50F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          0BA1
Signing time:             Sun 01 Mar 2026 13:00:35 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:35 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:35 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: kdX1YpCBuYaADtvHfR7IyOgoDosrb2kiascjIKhJ7nM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:81:e3:6d:ec:f5:d1:8b:1b:94:b3:8b:ec:c5:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Mar  1 13:00:35 2026 GMT
            Not After : Mar  2 13:00:35 2026 GMT
        Subject: CN=ead66efca2eee5919962d6b2836a542720855d42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:04:bf:63:02:d9:82:70:b5:db:1b:ea:6c:d7:
                    e6:78:8f:ef:03:22:36:91:e8:c2:a1:b4:5c:f7:5c:
                    28:3a:00:c6:51:6f:9c:1f:35:3a:c1:59:5f:59:f2:
                    fa:7a:04:2f:d0:d8:f2:65:f0:fa:24:5e:44:1d:72:
                    52:59:4a:a6:65:34:80:9f:50:20:23:aa:05:33:6d:
                    02:3b:3d:a4:f6:1a:8e:0e:30:97:e9:3a:36:25:e9:
                    52:8f:a5:fd:d2:69:d5:c5:69:aa:b5:61:49:4d:5b:
                    9e:33:7f:74:8a:39:ec:17:c1:f0:6d:fd:f4:65:5b:
                    98:cf:a4:26:79:49:b9:a4:f2:c6:d5:93:3d:9a:70:
                    91:60:a0:70:c5:0c:a0:c4:96:c6:e0:6c:e8:b0:c6:
                    df:98:87:74:ee:0d:e3:eb:41:7b:6d:a4:5f:1e:0c:
                    98:18:7a:7e:5c:f9:0c:93:11:5e:9c:ae:4e:53:5c:
                    c4:e8:b5:b3:75:6b:e3:bb:be:b7:31:91:6b:36:0c:
                    cf:6b:91:68:ff:4f:f9:24:32:8c:a5:26:ad:13:5f:
                    0f:da:f3:e9:9c:1b:c0:27:07:6d:c8:20:58:f0:93:
                    0d:18:ba:5b:f5:53:4a:91:d0:5b:29:15:f3:07:87:
                    e4:19:12:44:aa:ec:85:de:e1:b2:ce:60:e2:76:6f:
                    9f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:D6:6E:FC:A2:EE:E5:91:99:62:D6:B2:83:6A:54:27:20:85:5D:42
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:d9:d9:2d:3b:59:1c:a2:a4:31:9a:36:08:7a:69:00:fc:ef:
         a9:ba:be:c2:bd:d4:cd:3b:60:5b:82:92:05:9e:45:5d:ac:e7:
         04:df:0a:e2:da:a1:b6:21:fa:d3:03:2c:75:93:4d:da:8a:35:
         38:d1:0f:af:ff:f2:f1:56:53:6c:61:20:57:2b:5d:78:b0:b2:
         e1:15:f9:f5:f2:1d:73:59:85:22:85:70:99:ad:87:68:21:e3:
         ee:8f:66:18:27:e3:b3:e5:ee:49:bc:e8:88:0b:18:e7:85:46:
         12:86:b8:0a:28:8e:bf:6a:05:ad:74:b3:39:a9:42:81:3b:f0:
         0c:3d:d0:33:e5:3e:0a:ea:3e:ef:7c:92:88:a1:66:87:05:58:
         bd:67:92:51:47:dd:c9:e4:2e:ee:40:fb:29:1a:c5:9f:b3:8e:
         7f:53:b5:41:7e:15:e1:49:0b:1e:00:f0:e1:62:f9:bf:9b:86:
         67:90:53:a4:a3:68:ef:58:f6:47:04:e8:96:a0:79:86:a7:aa:
         a3:e9:e6:10:ab:74:41:e5:ec:dc:ae:68:d8:c4:be:50:0c:4b:
         5d:8d:b7:e7:41:46:30:d4:99:3c:37:b2:09:b9:9b:b9:9c:26:
         c1:a1:69:8e:5a:c6:9c:a9:06:3b:ee:6a:6b:49:05:ab:5a:ef:
         3a:5e:82:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfIHjbez10YsblLOL7MUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjYwMzAxMTMwMDM1WhcNMjYwMzAyMTMwMDM1WjAzMTEwLwYDVQQD
EyhlYWQ2NmVmY2EyZWVlNTkxOTk2MmQ2YjI4MzZhNTQyNzIwODU1ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AS/YwLZgnC12xvqbNfmeI/vAyI2
kejCobRc91woOgDGUW+cHzU6wVlfWfL6egQv0NjyZfD6JF5EHXJSWUqmZTSAn1Ag
I6oFM20COz2k9hqODjCX6To2JelSj6X90mnVxWmqtWFJTVueM390ijnsF8Hwbf30
ZVuYz6QmeUm5pPLG1ZM9mnCRYKBwxQygxJbG4GzosMbfmId07g3j60F7baRfHgyY
GHp+XPkMkxFenK5OU1zE6LWzdWvju763MZFrNgzPa5Fo/0/5JDKMpSatE18P2vPp
nBvAJwdtyCBY8JMNGLpb9VNKkdBbKRXzB4fkGRJEquyF3uGyzmDidm+fkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrWbvyi7uWRmWLWsoNqVCcghV1CMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALtnZLTtZ
HKKkMZo2CHppAPzvqbq+wr3UzTtgW4KSBZ5FXaznBN8K4tqhtiH60wMsdZNN2oo1
ONEPr//y8VZTbGEgVytdeLCy4RX59fIdc1mFIoVwma2HaCHj7o9mGCfjs+XuSbzo
iAsY54VGEoa4CiiOv2oFrXSzOalCgTvwDD3QM+U+Cuo+73ySiKFmhwVYvWeSUUfd
yeQu7kD7KRrFn7OOf1O1QX4V4UkLHgDw4WL5v5uGZ5BTpKNo71j2RwTolqB5hqeq
o+nmEKt0QeXs3K5o2MS+UAxLXY2350FGMNSZPDeyCbmbuZwmwaFpjlrGnKkGO+5q
a0kFq1rvOl6CaQ==
-----END CERTIFICATE-----