Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          rZgGm57wH41258+hBsmBHvJzYfboatPBF7tZg2iPi90=
Subject key identifier:   83:C1:50:B0:34:2D:1B:EE:A6:67:EC:6A:00:03:F4:73:78:A2:70:EB
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019CAAC6F3377D297421FDC1B567021C9155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 19:01:30 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:30 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:30 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: CU/pE6w4hleEdWmCKSgKSVIQN9vUkK+POkHEWzf38uM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:f3:37:7d:29:74:21:fd:c1:b5:67:02:1c:91:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Mar  1 19:01:30 2026 GMT
            Not After : Mar  2 19:01:30 2026 GMT
        Subject: CN=83c150b0342d1beea667ec6a0003f47378a270eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f5:91:58:e8:ae:20:c2:f4:b6:0c:ec:68:ee:
                    5d:09:45:18:4e:1d:3c:0a:c2:9c:63:4d:a8:f6:50:
                    b5:66:34:6f:2d:aa:ed:14:3c:d2:0d:0d:0c:d4:0f:
                    eb:74:60:a6:b7:f2:a2:dd:85:31:16:af:c3:9f:5f:
                    f5:eb:96:1e:1f:8f:9c:7f:30:e1:49:f8:f1:ad:df:
                    ac:54:72:33:4a:5a:cf:da:55:f2:71:6f:1c:00:ac:
                    e9:88:1b:3c:0a:21:d0:ff:ae:d4:f9:e2:af:a7:e6:
                    7b:d7:61:13:d0:bd:f6:48:75:c1:d5:44:c6:4b:8a:
                    d0:94:f9:02:d8:02:f0:8a:9b:26:a8:92:f7:f7:a9:
                    ea:cb:c4:40:4d:a6:b0:70:b0:bf:d4:c0:dc:8a:ed:
                    df:65:57:0c:3f:c0:b3:c1:4f:63:6b:fc:02:af:67:
                    8c:5c:0b:c0:a1:21:f3:08:24:46:72:1b:39:1c:9d:
                    14:32:ba:f3:45:11:2e:1a:1d:87:29:98:c7:6b:79:
                    70:0a:f3:e2:f2:9a:0d:d5:90:65:b5:f9:e9:40:bd:
                    1b:48:ab:1e:42:49:df:3b:0d:8c:9a:1c:04:34:b5:
                    b6:54:8f:41:ca:c6:08:51:06:0a:b9:61:05:27:de:
                    88:0d:c8:34:f1:e2:df:0c:bf:4e:38:57:9e:ca:9f:
                    7a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:C1:50:B0:34:2D:1B:EE:A6:67:EC:6A:00:03:F4:73:78:A2:70:EB
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:90:b4:3d:0b:25:59:19:ed:93:9d:19:bf:c1:5c:ba:5e:34:
         69:52:eb:be:18:d8:e8:db:44:74:3c:2d:b3:30:73:9d:24:f0:
         f1:df:db:89:b7:e0:7c:b7:a9:be:69:a9:50:f7:e4:c5:f1:39:
         78:aa:29:d6:61:05:75:4b:11:0a:23:d9:db:87:a6:bb:2e:64:
         d2:3e:17:aa:fb:9b:0a:4a:bb:e5:b6:90:89:d1:5e:ed:d5:36:
         1b:63:e4:38:54:9a:87:19:c2:b2:c0:c3:22:c8:7c:35:d0:87:
         a4:05:6b:fa:2b:26:4a:87:7d:f2:7b:3a:91:5b:a1:52:58:c8:
         13:f2:ce:02:79:4e:96:45:4b:6c:7d:36:49:d9:a6:86:7d:ee:
         ba:56:97:a7:cb:cb:bf:05:17:da:e3:19:18:e2:46:bc:d1:75:
         f9:01:23:ff:1d:26:ed:65:2a:ed:bf:f2:54:70:48:31:fc:8a:
         41:1f:c1:69:07:76:31:89:ba:fb:82:29:f4:aa:ea:22:db:bb:
         82:86:5b:7b:65:d4:f6:28:eb:58:19:be:a4:19:37:66:12:d9:
         cf:cb:7f:59:fb:8d:8e:76:f9:ca:cf:30:b5:03:45:50:ec:ff:
         3d:66:29:8f:15:77:6e:65:66:37:27:1a:30:23:35:26:09:34:
         d6:b8:1c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxvM3fSl0If3BtWcCHJFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjYwMzAxMTkwMTMwWhcNMjYwMzAyMTkwMTMwWjAzMTEwLwYDVQQD
Eyg4M2MxNTBiMDM0MmQxYmVlYTY2N2VjNmEwMDAzZjQ3Mzc4YTI3MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fWRWOiuIML0tgzsaO5dCUUYTh08
CsKcY02o9lC1ZjRvLartFDzSDQ0M1A/rdGCmt/Ki3YUxFq/Dn1/165YeH4+cfzDh
Sfjxrd+sVHIzSlrP2lXycW8cAKzpiBs8CiHQ/67U+eKvp+Z712ET0L32SHXB1UTG
S4rQlPkC2ALwipsmqJL396nqy8RATaawcLC/1MDciu3fZVcMP8CzwU9ja/wCr2eM
XAvAoSHzCCRGchs5HJ0UMrrzRREuGh2HKZjHa3lwCvPi8poN1ZBltfnpQL0bSKse
QknfOw2MmhwENLW2VI9BysYIUQYKuWEFJ96IDcg08eLfDL9OOFeeyp96EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPBULA0LRvupmfsagAD9HN4onDrMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpC0PQsl
WRntk50Zv8Fcul40aVLrvhjY6NtEdDwtszBznSTw8d/bibfgfLepvmmpUPfkxfE5
eKop1mEFdUsRCiPZ24emuy5k0j4XqvubCkq75baQidFe7dU2G2PkOFSahxnCssDD
Ish8NdCHpAVr+ismSod98ns6kVuhUljIE/LOAnlOlkVLbH02Sdmmhn3uulaXp8vL
vwUX2uMZGOJGvNF1+QEj/x0m7WUq7b/yVHBIMfyKQR/BaQd2MYm6+4Ip9KrqItu7
goZbe2XU9ijrWBm+pBk3ZhLZz8t/WfuNjnb5ys8wtQNFUOz/PWYpjxV3bmVmNyca
MCM1Jgk01rgcRQ==
-----END CERTIFICATE-----