Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          aqrPG5va14+2dGAKvRoqAcUV/Tf3ZXHhggRu6IVG46E=
Subject key identifier:   4D:10:45:42:7C:E1:7A:A8:8F:D1:81:F1:40:93:9F:EA:49:5F:F8:3A
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019D98508D0A44A3E88AB2BF881D52F616C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          18BE
Signing time:             Thu 16 Apr 2026 22:01:48 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:48 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:48 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: tQppI3KatqwU/Yf2XJnxPeaJgkNTnSKqi5hbftOlPxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:8d:0a:44:a3:e8:8a:b2:bf:88:1d:52:f6:16:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Apr 16 22:01:48 2026 GMT
            Not After : Apr 17 22:01:48 2026 GMT
        Subject: CN=4d1045427ce17aa88fd181f140939fea495ff83a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1e:3f:bf:79:52:1f:fb:ca:36:38:1e:ca:3f:
                    5d:d8:04:e0:69:0d:7f:04:78:06:2b:a9:5d:3c:29:
                    0f:d4:de:1b:33:3c:4e:e7:3e:61:cc:fb:e3:47:89:
                    a7:ce:31:e0:55:4a:3b:2b:5d:19:a5:a1:cb:7e:cb:
                    1e:4b:87:e6:73:70:fe:ac:b5:b1:b7:e0:c3:6c:64:
                    9d:31:c8:08:73:cd:72:f9:8a:cf:03:ef:2f:da:b8:
                    ff:12:a3:15:8c:b1:e8:dd:8b:49:a2:bf:80:c7:97:
                    57:10:75:e2:79:f7:ae:77:48:3c:81:86:a4:27:a8:
                    86:62:03:b3:e5:d5:6e:d3:9f:c2:0e:af:38:0b:c9:
                    c5:f8:26:ba:36:a9:59:25:db:2c:86:cb:c8:63:eb:
                    a7:4e:98:03:8e:1b:c4:34:e6:36:ca:bb:98:2d:f2:
                    7e:00:3c:8b:38:f3:57:3f:93:b0:d4:35:5d:d8:77:
                    52:df:da:f4:2c:4f:db:65:49:ad:ab:36:3c:e8:3a:
                    5d:9c:20:6d:f1:55:a8:c2:f5:df:6c:67:de:01:a3:
                    ba:ad:c1:a8:08:9a:da:56:3b:a7:f1:c6:a4:65:45:
                    73:e8:ae:45:6f:31:a4:d9:43:25:05:0e:6a:55:fc:
                    59:7b:62:f2:c9:ae:ce:98:dd:de:eb:1a:0c:26:30:
                    ec:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:10:45:42:7C:E1:7A:A8:8F:D1:81:F1:40:93:9F:EA:49:5F:F8:3A
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:c5:ce:45:b3:0d:6a:8f:e3:37:17:7e:8c:aa:00:b9:e6:e0:
         b6:6a:96:36:c8:da:6f:0c:73:76:80:68:62:26:67:63:3d:44:
         7d:c5:cf:33:cc:17:c5:d4:ce:a6:cb:1d:4d:ff:6a:4d:18:97:
         03:1d:4b:42:08:e2:95:0b:af:cd:7a:3d:99:d6:77:02:21:46:
         ab:bc:d2:f4:bf:a6:24:4f:a5:5d:3a:6f:63:2a:34:c9:26:91:
         4f:82:77:29:59:88:c3:2a:2c:23:c2:48:19:3a:50:fd:8b:51:
         dd:80:19:e6:2d:3b:35:01:5a:b3:f4:5e:a7:0f:55:90:c7:d7:
         0a:88:a0:29:02:33:b8:bf:5e:ea:f7:77:92:07:94:5f:7f:85:
         63:df:04:6c:53:7d:a0:c9:6e:2e:6a:6c:de:2f:99:55:99:c0:
         5a:37:af:01:2e:b2:60:ed:b1:08:52:aa:4a:eb:2b:01:ef:ca:
         0d:19:f0:08:0c:0e:87:b3:8d:94:d7:4f:b1:70:67:8d:52:c9:
         30:d4:a3:a1:3f:99:ec:44:d1:cc:77:72:23:ac:89:b2:e7:7c:
         28:90:52:32:ed:43:37:69:fb:7b:49:bb:99:d0:e7:33:dc:6e:
         30:bd:57:6a:c5:08:fd:5e:5e:d9:33:57:21:67:05:db:e4:9a:
         03:a2:39:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUI0KRKPoirK/iB1S9hbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjYwNDE2MjIwMTQ4WhcNMjYwNDE3MjIwMTQ4WjAzMTEwLwYDVQQD
Eyg0ZDEwNDU0MjdjZTE3YWE4OGZkMTgxZjE0MDkzOWZlYTQ5NWZmODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx4/v3lSH/vKNjgeyj9d2ATgaQ1/
BHgGK6ldPCkP1N4bMzxO5z5hzPvjR4mnzjHgVUo7K10ZpaHLfsseS4fmc3D+rLWx
t+DDbGSdMcgIc81y+YrPA+8v2rj/EqMVjLHo3YtJor+Ax5dXEHXiefeud0g8gYak
J6iGYgOz5dVu05/CDq84C8nF+Ca6NqlZJdsshsvIY+unTpgDjhvENOY2yruYLfJ+
ADyLOPNXP5Ow1DVd2HdS39r0LE/bZUmtqzY86DpdnCBt8VWowvXfbGfeAaO6rcGo
CJraVjun8cakZUVz6K5FbzGk2UMlBQ5qVfxZe2Lyya7OmN3e6xoMJjDs5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0QRUJ84Xqoj9GB8UCTn+pJX/g6MB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABsXORbMN
ao/jNxd+jKoAuebgtmqWNsjabwxzdoBoYiZnYz1EfcXPM8wXxdTOpssdTf9qTRiX
Ax1LQgjilQuvzXo9mdZ3AiFGq7zS9L+mJE+lXTpvYyo0ySaRT4J3KVmIwyosI8JI
GTpQ/YtR3YAZ5i07NQFas/Repw9VkMfXCoigKQIzuL9e6vd3kgeUX3+FY98EbFN9
oMluLmps3i+ZVZnAWjevAS6yYO2xCFKqSusrAe/KDRnwCAwOh7ONlNdPsXBnjVLJ
MNSjoT+Z7ETRzHdyI6yJsud8KJBSMu1DN2n7e0m7mdDnM9xuML1XasUI/V5e2TNX
IWcF2+SaA6I5IA==
-----END CERTIFICATE-----