Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          V2Q5/sDn0AmxpMYxQcynym0sDlF7duRh0iN2f4gJQ5w=
Subject key identifier:   64:FE:09:7D:53:BF:7A:09:EB:4B:88:6D:52:60:04:DA:12:8B:F0:1F
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019D985049A3C7AF522B28046CA59FD8E9F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          06F6
Signing time:             Thu 16 Apr 2026 22:01:31 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:31 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:31 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: G44wQk5efwSlwkLaKsD8Knf5/pCoBE3LOPH9ADisTkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:49:a3:c7:af:52:2b:28:04:6c:a5:9f:d8:e9:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Apr 16 22:01:31 2026 GMT
            Not After : Apr 17 22:01:31 2026 GMT
        Subject: CN=64fe097d53bf7a09eb4b886d526004da128bf01f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:30:25:8c:fd:05:67:f4:31:f5:53:38:9c:98:
                    38:9a:af:16:ba:73:f8:88:c4:06:c5:90:0f:53:9b:
                    0e:18:51:80:d5:0e:50:d7:a9:6e:27:67:ce:c4:7e:
                    e7:6c:70:ee:b9:26:13:f7:10:9b:b9:5b:13:ca:c9:
                    be:4c:a0:7a:52:2f:5e:9d:36:d7:e1:81:b4:5f:3a:
                    41:10:9e:00:d9:22:ce:e2:34:ab:43:6a:70:33:2d:
                    c6:22:be:51:78:ce:28:27:00:0d:23:2f:22:b1:4e:
                    2f:41:59:dc:bc:ff:4e:e5:0e:c9:88:99:22:16:19:
                    44:3b:63:b2:fd:76:9b:a0:6d:6e:55:35:b0:e2:9e:
                    4c:42:3e:a2:9b:f0:03:9d:3a:b6:b6:77:49:1f:86:
                    de:64:90:ea:56:22:51:06:ae:09:2e:ba:53:a6:f3:
                    9f:46:9d:6a:8d:46:3e:f0:a3:df:81:ec:e5:f1:37:
                    02:b0:ee:26:dc:dd:f3:c3:11:82:bc:a0:4d:01:78:
                    19:be:f8:26:a9:01:e6:c1:66:c3:48:ed:a5:a8:d4:
                    a5:39:15:6d:b2:13:aa:56:bf:8b:c3:56:90:52:19:
                    83:e7:af:7f:98:03:3d:ae:62:44:b1:45:22:03:96:
                    38:ff:77:6e:4d:f7:7a:76:1c:7c:cd:01:29:b7:f5:
                    49:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:FE:09:7D:53:BF:7A:09:EB:4B:88:6D:52:60:04:DA:12:8B:F0:1F
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:de:87:0d:81:ab:71:df:f1:cb:71:c8:5b:ce:e3:bc:e7:91:
         17:5f:a6:61:16:09:db:f6:04:8b:da:91:bf:70:e1:21:bb:d3:
         c5:d6:1e:a5:a4:1d:42:0e:4c:d4:f2:b2:f9:22:62:2d:a9:5f:
         e1:05:41:4d:ea:73:71:10:59:d5:82:8c:8a:38:27:12:ff:ea:
         9c:c5:ff:80:4c:1a:c2:57:78:96:fc:8b:a6:06:aa:7d:f1:30:
         0d:28:46:1d:c3:29:e9:75:61:a7:ba:0a:21:a5:19:e5:cf:4a:
         81:9a:76:2f:a2:8f:01:21:91:70:b6:d4:a5:20:bf:84:de:c6:
         8e:ff:4f:b5:de:56:9c:c7:c2:0d:7e:22:46:9a:67:5b:e4:96:
         12:a7:57:7e:3b:4f:c0:fe:ee:23:1d:58:a4:79:86:af:03:5b:
         8e:5e:43:fa:66:62:e8:6f:b0:1a:b3:59:f6:71:c0:37:4f:64:
         12:fe:5c:48:ab:58:76:c7:fc:3e:6b:9f:00:d0:5e:97:c2:92:
         2b:f1:03:78:72:c1:6d:30:c4:5a:c7:01:a5:cf:27:4f:18:db:
         73:bc:32:fe:f5:61:b6:99:13:e1:64:58:cf:ab:ab:c2:1d:d3:
         0e:16:de:32:33:fc:e1:e3:ed:23:de:8f:06:ab:a1:d6:9a:82:
         ad:8b:79:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUEmjx69SKygEbKWf2On4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjYwNDE2MjIwMTMxWhcNMjYwNDE3MjIwMTMxWjAzMTEwLwYDVQQD
Eyg2NGZlMDk3ZDUzYmY3YTA5ZWI0Yjg4NmQ1MjYwMDRkYTEyOGJmMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DAljP0FZ/Qx9VM4nJg4mq8WunP4
iMQGxZAPU5sOGFGA1Q5Q16luJ2fOxH7nbHDuuSYT9xCbuVsTysm+TKB6Ui9enTbX
4YG0XzpBEJ4A2SLO4jSrQ2pwMy3GIr5ReM4oJwANIy8isU4vQVncvP9O5Q7JiJki
FhlEO2Oy/XaboG1uVTWw4p5MQj6im/ADnTq2tndJH4beZJDqViJRBq4JLrpTpvOf
Rp1qjUY+8KPfgezl8TcCsO4m3N3zwxGCvKBNAXgZvvgmqQHmwWbDSO2lqNSlORVt
shOqVr+Lw1aQUhmD569/mAM9rmJEsUUiA5Y4/3duTfd6dhx8zQEpt/VJtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT+CX1Tv3oJ60uIbVJgBNoSi/AfMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhd6HDYGr
cd/xy3HIW87jvOeRF1+mYRYJ2/YEi9qRv3DhIbvTxdYepaQdQg5M1PKy+SJiLalf
4QVBTepzcRBZ1YKMijgnEv/qnMX/gEwawld4lvyLpgaqffEwDShGHcMp6XVhp7oK
IaUZ5c9KgZp2L6KPASGRcLbUpSC/hN7Gjv9Ptd5WnMfCDX4iRppnW+SWEqdXfjtP
wP7uIx1YpHmGrwNbjl5D+mZi6G+wGrNZ9nHAN09kEv5cSKtYdsf8PmufANBel8KS
K/EDeHLBbTDEWscBpc8nTxjbc7wy/vVhtpkT4WRYz6urwh3TDhbeMjP84ePtI96P
Bquh1pqCrYt59A==
-----END CERTIFICATE-----