Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
File:                     Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft (raw, json)
Hash identifier:          2mxxRrDskAatnvMQDifNdDbnuFT86iaRWHkm6zKw+e8=
Subject key identifier:   CF:31:EE:9A:29:4A:89:E5:E2:C2:5A:38:8C:DE:5F:A3:F9:1A:B2:39
Authority key identifier: 1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42
Certificate issuer:       /CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
Certificate serial:       019DA3E6E95C2655D410B2D7E99B01296F76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
Manifest number:          17D9
Signing time:             Sun 19 Apr 2026 04:01:52 +0000
Manifest this update:     Sun 19 Apr 2026 04:01:52 +0000
Manifest next update:     Mon 20 Apr 2026 04:01:52 +0000
Files and hashes:         1: Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl (hash: VzfZCjxHdRqOt20ugmVy1T2KEmlYUfTSpE5VZuN1tIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:e9:5c:26:55:d4:10:b2:d7:e9:9b:01:29:6f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
        Validity
            Not Before: Apr 19 04:01:52 2026 GMT
            Not After : Apr 20 04:01:52 2026 GMT
        Subject: CN=cf31ee9a294a89e5e2c25a388cde5fa3f91ab239
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:96:61:a9:9e:e2:2f:9a:0a:b6:2c:a7:80:54:
                    ab:a8:b4:dc:9f:1a:b5:5e:f7:18:9c:6f:0e:9e:fc:
                    57:8a:2c:14:ab:b6:ed:9f:e3:75:78:db:eb:ee:ab:
                    0e:06:25:13:9d:1f:52:0c:85:90:c9:b8:e2:06:ff:
                    d8:f9:5b:f6:54:b0:7f:f0:5e:36:14:4e:69:44:bf:
                    e3:b0:a6:c9:85:13:ff:d5:64:1e:9e:4e:81:b4:65:
                    02:a2:45:33:8a:66:e2:82:f1:b2:45:50:ed:c4:5f:
                    6b:bc:96:53:30:f9:5d:c0:15:b8:0f:ed:d6:91:e6:
                    fb:41:19:ef:26:8c:1d:18:08:84:1c:f9:b4:79:ce:
                    4d:5b:e4:fa:ba:36:1c:13:fe:a3:b1:62:da:f3:60:
                    64:e7:ca:68:76:e7:15:dc:05:1e:52:cd:bb:a1:53:
                    8a:15:58:37:f8:21:ec:f6:02:11:42:31:d5:0b:11:
                    56:4c:7b:a6:b4:7b:1b:77:70:59:a3:10:bc:64:b3:
                    77:16:13:bd:45:6a:f0:26:a6:30:9c:bc:db:32:70:
                    95:74:6d:10:62:e8:6b:71:53:f2:87:97:d7:cc:81:
                    22:79:24:78:dc:08:1c:3f:ca:e4:ef:ad:22:c3:06:
                    17:b0:ca:93:cf:5f:7b:a1:0b:0b:74:32:4a:46:1c:
                    cb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:31:EE:9A:29:4A:89:E5:E2:C2:5A:38:8C:DE:5F:A3:F9:1A:B2:39
            X509v3 Authority Key Identifier:
                keyid:1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:32:20:d1:23:e3:df:db:d5:08:ba:2e:98:a1:38:f6:cf:94:
         1f:33:d2:5c:cf:f2:25:5e:02:ee:ae:77:d1:2f:ed:c7:28:cf:
         9d:f0:0b:8b:3c:42:9e:c0:47:c9:cf:d3:be:73:17:06:6f:ac:
         96:48:2a:4c:c8:01:f1:36:da:ee:a0:76:91:d9:93:d9:e1:24:
         8d:ce:0f:f4:74:44:e9:fb:98:7e:76:75:9a:12:5f:fd:aa:ac:
         e0:58:1b:d3:ba:84:ac:ee:2c:9c:89:5f:6b:d1:26:32:19:55:
         78:f1:03:e3:cd:39:82:35:a9:e5:51:17:ce:55:c3:42:d5:5d:
         9e:d4:5a:e7:7b:77:c3:8a:1b:4e:ec:f8:d0:13:69:5c:0e:3b:
         6c:d3:81:46:b9:82:ee:60:91:20:7a:02:1c:b1:b2:bd:95:9d:
         cf:f3:c9:4f:7f:35:66:44:49:9a:2b:f3:a5:7d:79:1c:d0:dd:
         ca:a7:f2:63:97:ed:36:3b:5f:c4:61:df:65:4d:ba:a8:a3:20:
         f3:56:10:cc:e9:54:de:0e:fe:54:0a:65:2d:f8:2c:b7:b7:69:
         bb:f1:7b:92:49:df:11:c6:f2:df:dc:9b:d1:c5:c1:4c:1c:d6:
         f5:03:43:1f:6b:d1:d5:c3:72:c1:4f:31:c8:97:33:9f:f6:24:
         c0:30:3d:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5ulcJlXUELLX6ZsBKW92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZGMzYTk3ZjFjY2FlZjdmMTA4Njk5MWNmN2IxMGE0MTBj
ZTE5NDIwHhcNMjYwNDE5MDQwMTUyWhcNMjYwNDIwMDQwMTUyWjAzMTEwLwYDVQQD
EyhjZjMxZWU5YTI5NGE4OWU1ZTJjMjVhMzg4Y2RlNWZhM2Y5MWFiMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZZhqZ7iL5oKtiyngFSrqLTcnxq1
XvcYnG8OnvxXiiwUq7btn+N1eNvr7qsOBiUTnR9SDIWQybjiBv/Y+Vv2VLB/8F42
FE5pRL/jsKbJhRP/1WQenk6BtGUCokUzimbigvGyRVDtxF9rvJZTMPldwBW4D+3W
keb7QRnvJowdGAiEHPm0ec5NW+T6ujYcE/6jsWLa82Bk58poducV3AUeUs27oVOK
FVg3+CHs9gIRQjHVCxFWTHumtHsbd3BZoxC8ZLN3FhO9RWrwJqYwnLzbMnCVdG0Q
YuhrcVPyh5fXzIEieSR43AgcP8rk760iwwYXsMqTz197oQsLdDJKRhzLTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8x7popSonl4sJaOIzeX6P5GrI5MB8GA1UdIwQY
MBaAFB7cOpfxzK738Qhpkc97EKQQzhlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzIt
NjEyNjUxYWUzZWIzLzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzItNjEyNjUxYWUzZWIz
LzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDIg0SPj
39vVCLoumKE49s+UHzPSXM/yJV4C7q530S/txyjPnfALizxCnsBHyc/TvnMXBm+s
lkgqTMgB8Tba7qB2kdmT2eEkjc4P9HRE6fuYfnZ1mhJf/aqs4Fgb07qErO4snIlf
a9EmMhlVePED4805gjWp5VEXzlXDQtVdntRa53t3w4obTuz40BNpXA47bNOBRrmC
7mCRIHoCHLGyvZWdz/PJT381ZkRJmivzpX15HNDdyqfyY5ftNjtfxGHfZU26qKMg
81YQzOlU3g7+VAplLfgst7dpu/F7kknfEcby39yb0cXBTBzW9QNDH2vR1cNywU8x
yJczn/YkwDA93A==
-----END CERTIFICATE-----