Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          5ELBG9/rnhPd+7iDpGskqVN/mOS+lpC5I/hxrs0ahlA=
Subject key identifier:   59:3B:B5:E7:22:A6:42:BB:86:AA:E8:88:DA:F0:9C:8F:46:23:8E:24
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019D9AAC204CF40228B6DF563CEA721E99BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0C32
Signing time:             Fri 17 Apr 2026 09:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 09:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 09:01:04 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: P9ERd/9KUkp5i4nY4lRaXDoCmR7ecilPYl0/pmghntI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ac:20:4c:f4:02:28:b6:df:56:3c:ea:72:1e:99:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Apr 17 09:01:04 2026 GMT
            Not After : Apr 18 09:01:04 2026 GMT
        Subject: CN=593bb5e722a642bb86aae888daf09c8f46238e24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d1:45:23:70:58:4f:2c:ad:15:3d:71:3b:9b:
                    e7:c0:bf:c0:9b:36:dd:d6:b4:c3:80:27:de:d7:8b:
                    a5:88:de:4d:24:ce:f7:e6:4d:6f:67:67:e7:e7:33:
                    e8:ad:3f:39:e5:e4:7e:91:e7:85:26:73:1b:33:b0:
                    1e:84:07:b0:57:e1:bf:f3:8d:74:a9:ed:9e:df:ae:
                    04:91:33:08:b2:f6:e4:82:7b:f9:73:1d:f6:27:1b:
                    2c:60:25:4c:dc:e0:35:38:1d:22:21:69:a6:46:7e:
                    fe:df:f8:6b:5b:d8:47:06:13:b3:f8:d0:02:3d:82:
                    72:30:d4:89:29:bd:8d:2f:42:04:6c:94:58:9d:f6:
                    66:6b:45:b0:6a:d8:39:69:82:21:07:98:5e:be:61:
                    a0:e4:90:d4:01:a1:49:89:0c:e2:57:8f:96:b0:8e:
                    4e:c9:25:db:b8:10:f2:b1:8e:f9:fe:11:7b:a3:3e:
                    bd:c4:2d:7c:8d:30:be:95:1d:35:08:ba:e6:1f:a9:
                    9e:68:0e:84:60:8f:94:4b:f4:1c:dd:c2:cc:88:94:
                    72:12:d8:39:e5:1e:41:51:3a:a2:97:42:54:57:a5:
                    24:1b:03:9b:d8:93:ac:79:7c:93:cd:c7:a2:24:5b:
                    f0:7e:f5:bb:08:7c:95:7b:dd:2a:56:6d:3b:aa:94:
                    90:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:3B:B5:E7:22:A6:42:BB:86:AA:E8:88:DA:F0:9C:8F:46:23:8E:24
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:d6:77:84:ff:b7:39:7e:b7:b8:e3:4d:53:67:40:01:66:8a:
         23:24:45:54:56:e7:39:a2:f3:f4:29:f1:6f:4c:c5:60:59:61:
         0f:3a:52:69:8a:a0:89:36:d3:02:bc:76:82:2b:cf:4e:9b:f4:
         df:ec:0f:76:2d:e3:88:47:7b:fa:ed:1a:1a:c3:22:5d:2a:6a:
         c9:ff:01:99:2b:e6:78:d0:5d:d1:c3:77:79:ea:be:7a:68:e4:
         12:ac:5e:d8:d3:53:de:23:90:80:e9:c5:82:d5:fc:37:0d:e2:
         28:a7:84:be:13:21:49:2e:5c:8f:56:9d:29:89:28:7d:da:43:
         2c:29:4c:04:d2:c7:58:76:bf:bb:8f:a6:0e:5e:e4:17:74:42:
         4f:c6:d8:9f:07:d0:2d:9f:9f:fd:e0:59:71:d2:13:38:09:55:
         ac:e9:28:db:44:78:bc:0a:19:ae:d6:85:72:b0:7d:32:9d:00:
         73:ad:4b:c3:53:a5:db:6d:cb:1a:b5:11:a0:e9:45:96:d7:ab:
         42:1b:a2:65:93:82:b4:8f:82:96:7e:e7:5a:d3:88:81:36:9e:
         f4:7b:4c:2e:80:95:9f:b9:d3:18:bd:72:85:4f:f5:6d:d0:0d:
         69:8a:40:01:bb:75:e8:db:3d:dd:b3:73:a1:43:95:a0:70:36:
         60:36:9c:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2arCBM9AIott9WPOpyHpm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjYwNDE3MDkwMTA0WhcNMjYwNDE4MDkwMTA0WjAzMTEwLwYDVQQD
Eyg1OTNiYjVlNzIyYTY0MmJiODZhYWU4ODhkYWYwOWM4ZjQ2MjM4ZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tFFI3BYTyytFT1xO5vnwL/Amzbd
1rTDgCfe14uliN5NJM735k1vZ2fn5zPorT855eR+keeFJnMbM7AehAewV+G/8410
qe2e364EkTMIsvbkgnv5cx32JxssYCVM3OA1OB0iIWmmRn7+3/hrW9hHBhOz+NAC
PYJyMNSJKb2NL0IEbJRYnfZma0Wwatg5aYIhB5hevmGg5JDUAaFJiQziV4+WsI5O
ySXbuBDysY75/hF7oz69xC18jTC+lR01CLrmH6meaA6EYI+US/Qc3cLMiJRyEtg5
5R5BUTqil0JUV6UkGwOb2JOseXyTzceiJFvwfvW7CHyVe90qVm07qpSQVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFk7tecipkK7hqroiNrwnI9GI44kMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALNZ3hP+3
OX63uONNU2dAAWaKIyRFVFbnOaLz9Cnxb0zFYFlhDzpSaYqgiTbTArx2givPTpv0
3+wPdi3jiEd7+u0aGsMiXSpqyf8BmSvmeNBd0cN3eeq+emjkEqxe2NNT3iOQgOnF
gtX8Nw3iKKeEvhMhSS5cj1adKYkofdpDLClMBNLHWHa/u4+mDl7kF3RCT8bYnwfQ
LZ+f/eBZcdITOAlVrOko20R4vAoZrtaFcrB9Mp0Ac61Lw1Ol223LGrURoOlFlter
QhuiZZOCtI+Cln7nWtOIgTae9HtMLoCVn7nTGL1yhU/1bdANaYpAAbt16Ns93bNz
oUOVoHA2YDacPA==
-----END CERTIFICATE-----