Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          ShTEwSqwEGlK2XFaefh9cPoMsz6Eb+qd3EwoIn0dTLk=
Subject key identifier:   67:A9:B3:10:9E:3A:41:7A:76:34:FC:B3:23:00:2C:1D:77:50:F1:88
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019CAAC681DF97E0009A5927ACB6EAC9677F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          067B
Signing time:             Sun 01 Mar 2026 19:01:01 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:01 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:01 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: cfZFHHmXESd5oMFi5InQt1R8Qzzmmb8Ud7HLyPcvcSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:81:df:97:e0:00:9a:59:27:ac:b6:ea:c9:67:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Mar  1 19:01:01 2026 GMT
            Not After : Mar  2 19:01:01 2026 GMT
        Subject: CN=67a9b3109e3a417a7634fcb323002c1d7750f188
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:05:c3:e6:91:f1:e5:89:d3:1a:70:7d:63:ac:
                    4b:83:a2:d8:cb:e0:3a:e8:0a:d8:0e:ce:d1:7a:17:
                    48:7c:38:29:d4:28:28:75:8b:28:b0:90:08:bf:da:
                    3c:80:6c:be:e9:87:b4:ae:d9:af:af:9d:4b:13:0a:
                    88:24:74:06:25:ad:d9:43:d6:0e:fe:2a:a4:3f:b6:
                    b7:f6:3d:05:17:b8:62:c5:9c:e4:ec:1e:c7:fd:58:
                    9b:3e:98:90:9e:a5:53:62:1b:3a:45:59:9f:02:92:
                    02:10:51:91:37:ab:f2:42:79:7f:38:d1:96:04:8b:
                    37:d6:80:16:3b:a9:3e:0b:32:93:ee:7e:41:9f:5e:
                    dc:5e:b4:9b:0a:37:5e:30:af:21:9e:f3:6d:23:93:
                    fc:12:f8:9b:de:95:15:e4:0e:8e:e0:6c:2d:51:ec:
                    33:43:dd:0e:59:b8:83:1d:a8:b8:59:53:07:5e:87:
                    d3:98:99:a6:a3:3a:9f:de:ff:79:f7:61:f0:e1:90:
                    ca:79:fa:d3:b4:3f:ea:c0:39:f3:14:67:48:93:6f:
                    db:db:23:fb:5d:86:7b:51:96:0e:82:ed:cd:ef:cb:
                    13:14:a9:69:bc:ec:05:a6:b7:aa:d9:16:51:b8:8a:
                    1b:2c:3e:74:ab:fe:e9:62:ee:0b:22:70:6d:68:2f:
                    9d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A9:B3:10:9E:3A:41:7A:76:34:FC:B3:23:00:2C:1D:77:50:F1:88
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:cd:73:bc:cb:f5:37:d7:8a:8b:a6:5c:a4:6e:20:3a:38:db:
         10:13:fd:ac:00:c8:ca:17:77:cd:9f:8d:42:5b:71:24:30:d6:
         19:e5:27:3f:f0:76:3e:1f:3c:3a:4e:2b:bc:7e:9e:31:72:e2:
         08:5c:6c:4c:38:82:68:51:7c:af:0b:5c:29:10:ca:45:95:39:
         e1:b3:b9:cf:50:80:e0:4c:89:ef:62:a1:99:61:76:31:4e:41:
         ee:58:22:fa:7c:3e:8f:f2:5d:5c:7e:34:b7:3b:22:3b:26:8f:
         6a:35:9f:78:2d:92:f7:c4:ab:e4:eb:4d:62:d0:4b:83:2f:f4:
         08:fc:ec:b4:75:8a:a0:d6:0c:03:7e:b3:78:72:a2:dc:1b:42:
         99:2c:11:60:41:ec:e3:26:95:67:39:7f:f1:ce:b9:b9:1f:a1:
         f4:42:28:6e:a6:66:63:7f:05:24:87:00:db:b8:64:6a:bd:0c:
         f2:d4:5a:44:de:a6:38:d1:5f:d9:94:92:71:ed:b0:11:70:a1:
         1b:1a:22:80:20:e5:c6:15:14:23:15:3f:b6:46:41:b3:31:ca:
         10:e1:0d:35:fd:cb:8b:55:88:c9:6c:0b:92:9b:9d:ce:24:56:
         48:6f:33:d4:dd:e0:7c:e0:23:8a:d5:0e:12:46:09:63:1b:45:
         b3:ba:90:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxoHfl+AAmlknrLbqyWd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjYwMzAxMTkwMTAxWhcNMjYwMzAyMTkwMTAxWjAzMTEwLwYDVQQD
Eyg2N2E5YjMxMDllM2E0MTdhNzYzNGZjYjMyMzAwMmMxZDc3NTBmMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQXD5pHx5YnTGnB9Y6xLg6LYy+A6
6ArYDs7RehdIfDgp1CgodYsosJAIv9o8gGy+6Ye0rtmvr51LEwqIJHQGJa3ZQ9YO
/iqkP7a39j0FF7hixZzk7B7H/VibPpiQnqVTYhs6RVmfApICEFGRN6vyQnl/ONGW
BIs31oAWO6k+CzKT7n5Bn17cXrSbCjdeMK8hnvNtI5P8Evib3pUV5A6O4GwtUewz
Q90OWbiDHai4WVMHXofTmJmmozqf3v9592Hw4ZDKefrTtD/qwDnzFGdIk2/b2yP7
XYZ7UZYOgu3N78sTFKlpvOwFpreq2RZRuIobLD50q/7pYu4LInBtaC+dYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGepsxCeOkF6djT8syMALB13UPGIMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOs1zvMv1
N9eKi6ZcpG4gOjjbEBP9rADIyhd3zZ+NQltxJDDWGeUnP/B2Ph88Ok4rvH6eMXLi
CFxsTDiCaFF8rwtcKRDKRZU54bO5z1CA4EyJ72KhmWF2MU5B7lgi+nw+j/JdXH40
tzsiOyaPajWfeC2S98Sr5OtNYtBLgy/0CPzstHWKoNYMA36zeHKi3BtCmSwRYEHs
4yaVZzl/8c65uR+h9EIobqZmY38FJIcA27hkar0M8tRaRN6mONFf2ZSSce2wEXCh
GxoigCDlxhUUIxU/tkZBszHKEOENNf3Li1WIyWwLkpudziRWSG8z1N3gfOAjitUO
EkYJYxtFs7qQmg==
-----END CERTIFICATE-----