Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
File:                     HwGmewzRspUViU7OlrUurL4EG9Q.mft (raw, json)
Hash identifier:          mf4/TQNxoCHq3JrPpX+exoHAPmvGP4ybn+jUBZPGqE8=
Subject key identifier:   E6:2D:BB:5C:AF:2C:DF:C5:66:65:36:AC:81:27:07:8C:14:BC:12:97
Authority key identifier: 1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4
Certificate issuer:       /CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
Certificate serial:       019D98BD6E9AFA8411870B74D2E3CB7E0C5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
Manifest number:          0BF3
Signing time:             Fri 17 Apr 2026 00:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:44 +0000
Files and hashes:         1: HwGmewzRspUViU7OlrUurL4EG9Q.crl (hash: 9bwx1/ajvpcMsCnG8EMnDeLVFmSGVfIoRHTUXfmmxnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 00:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:6e:9a:fa:84:11:87:0b:74:d2:e3:cb:7e:0c:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
        Validity
            Not Before: Apr 17 00:00:44 2026 GMT
            Not After : Apr 18 00:00:44 2026 GMT
        Subject: CN=e62dbb5caf2cdfc5666536ac8127078c14bc1297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:41:34:b6:88:f6:79:52:d4:30:5c:cf:ce:de:
                    02:20:ff:77:38:13:03:cd:f8:da:40:75:ad:34:06:
                    46:d1:c0:d2:f3:dd:ed:7f:da:39:b2:22:75:88:a7:
                    0b:64:2d:02:64:da:9c:56:5d:24:6a:d1:78:bf:56:
                    90:2b:77:e3:5c:3b:49:02:73:5a:bc:18:92:86:e5:
                    51:b1:70:16:ec:b9:a2:d2:68:82:d5:78:19:fc:18:
                    6c:8a:ae:4a:a9:2d:cc:c7:9c:10:1b:6e:e6:36:ed:
                    77:3d:e8:14:50:22:b0:a9:82:de:2c:1c:75:76:78:
                    d0:12:f3:0b:62:27:b2:c2:3e:5f:10:53:f8:fa:58:
                    37:09:5f:76:ba:54:1e:6b:5b:45:84:23:63:68:ea:
                    74:7e:3f:2d:b0:34:5e:ad:52:e5:8c:d1:80:89:c2:
                    dc:77:61:53:ef:72:33:90:dd:9e:41:2f:a2:33:89:
                    5e:78:1c:8c:38:22:47:1e:5a:97:19:f5:d5:26:2f:
                    90:d9:68:ed:57:36:57:60:05:a2:46:4a:68:76:fd:
                    c2:dd:5a:e1:e3:53:18:78:2d:d7:4a:14:20:3f:88:
                    0e:92:6b:7a:4f:9f:4c:f4:ee:66:b2:80:56:03:64:
                    1e:f2:24:e5:e0:cc:5d:a3:16:90:a4:11:e2:e9:f1:
                    46:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2D:BB:5C:AF:2C:DF:C5:66:65:36:AC:81:27:07:8C:14:BC:12:97
            X509v3 Authority Key Identifier:
                keyid:1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:7d:67:9c:34:90:58:44:82:60:fd:76:95:fb:64:e8:ff:c9:
         23:86:1d:a6:63:6a:e2:a9:92:2a:cc:88:41:27:65:cb:55:4b:
         aa:65:fe:7e:5d:94:9b:e8:a7:10:3e:c7:eb:e6:c9:4c:7d:c2:
         eb:12:7f:d8:d3:19:e2:2c:4a:b6:cb:ce:55:e8:d8:d1:e3:96:
         3f:2c:fe:56:5e:ba:bf:56:c3:0b:6a:a6:91:d3:50:67:b1:ac:
         9b:e8:06:cc:33:5d:2f:c9:42:a9:3d:75:aa:9e:ba:f1:2d:7a:
         8d:0a:f0:6d:ce:73:7e:ec:a5:a0:90:6e:9e:b7:42:82:7a:52:
         18:29:71:77:a9:f1:f0:a4:84:12:4f:cf:64:b5:ca:ea:78:71:
         3d:41:c5:7a:de:18:f6:a0:94:4a:7b:04:03:ab:66:4e:aa:93:
         66:8a:50:c5:f1:27:ca:fd:a0:3b:36:36:fe:72:f7:79:ce:dd:
         c3:2b:21:74:de:f7:8a:6d:a1:17:8d:e4:d9:dc:20:9e:25:f6:
         50:f7:5a:7d:59:3d:c9:ba:b4:f7:c7:39:d7:64:4c:18:56:b7:
         eb:b1:45:6e:75:bb:69:af:66:9a:9d:2c:60:8d:c3:0a:38:0a:
         7d:1e:fa:cb:05:65:54:d6:5a:53:ec:92:ce:9e:58:e2:81:83:
         b1:34:88:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvW6a+oQRhwt00uPLfgxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDFhNjdiMGNkMWIyOTUxNTg5NGVjZTk2YjUyZWFjYmUw
NDFiZDQwHhcNMjYwNDE3MDAwMDQ0WhcNMjYwNDE4MDAwMDQ0WjAzMTEwLwYDVQQD
EyhlNjJkYmI1Y2FmMmNkZmM1NjY2NTM2YWM4MTI3MDc4YzE0YmMxMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUE0toj2eVLUMFzPzt4CIP93OBMD
zfjaQHWtNAZG0cDS893tf9o5siJ1iKcLZC0CZNqcVl0katF4v1aQK3fjXDtJAnNa
vBiShuVRsXAW7Lmi0miC1XgZ/Bhsiq5KqS3Mx5wQG27mNu13PegUUCKwqYLeLBx1
dnjQEvMLYieywj5fEFP4+lg3CV92ulQea1tFhCNjaOp0fj8tsDRerVLljNGAicLc
d2FT73IzkN2eQS+iM4leeByMOCJHHlqXGfXVJi+Q2WjtVzZXYAWiRkpodv3C3Vrh
41MYeC3XShQgP4gOkmt6T59M9O5msoBWA2Qe8iTl4MxdoxaQpBHi6fFGEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYtu1yvLN/FZmU2rIEnB4wUvBKXMB8GA1UdIwQY
MBaAFB8BpnsM0bKVFYlOzpa1Lqy+BBvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMt
YmRjMTE3MTIyZWZiLzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMtYmRjMTE3MTIyZWZi
LzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY31nnDSQ
WESCYP12lftk6P/JI4YdpmNq4qmSKsyIQSdly1VLqmX+fl2Um+inED7H6+bJTH3C
6xJ/2NMZ4ixKtsvOVejY0eOWPyz+Vl66v1bDC2qmkdNQZ7Gsm+gGzDNdL8lCqT11
qp668S16jQrwbc5zfuyloJBunrdCgnpSGClxd6nx8KSEEk/PZLXK6nhxPUHFet4Y
9qCUSnsEA6tmTqqTZopQxfEnyv2gOzY2/nL3ec7dwyshdN73im2hF43k2dwgniX2
UPdafVk9ybq098c512RMGFa367FFbnW7aa9mmp0sYI3DCjgKfR76ywVlVNZaU+yS
zp5Y4oGDsTSIMA==
-----END CERTIFICATE-----