Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
File:                     HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json)
Hash identifier:          EJL+i5Web+RT229KIjkFts2Q6uI6RxBsgvFGRPRSz/s=
Subject key identifier:   A6:96:C9:FC:BE:C0:F9:53:EF:40:72:1A:C2:0E:8C:78:81:39:E4:DA
Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D
Certificate issuer:       /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
Certificate serial:       019D9B87C3CAB04C877C5E05DE4E182F235A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
Manifest number:          160F
Signing time:             Fri 17 Apr 2026 13:00:58 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:58 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:58 +0000
Files and hashes:         1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: mGAUe3A3TTbiP5PfMEfngzoJBQskuMgO1916CB6CqQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:c3:ca:b0:4c:87:7c:5e:05:de:4e:18:2f:23:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
        Validity
            Not Before: Apr 17 13:00:58 2026 GMT
            Not After : Apr 18 13:00:58 2026 GMT
        Subject: CN=a696c9fcbec0f953ef40721ac20e8c788139e4da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:63:28:94:6f:82:53:d2:d2:db:bd:34:a3:62:
                    b1:85:80:85:d6:36:d7:fb:08:7d:73:e8:38:2d:67:
                    bc:fc:82:ab:94:1b:89:83:a8:13:bd:6d:e0:2a:cb:
                    48:0b:2a:a0:1b:fc:ec:7b:d4:24:15:ae:82:e6:2d:
                    1b:a4:3c:46:5f:74:16:7c:51:2e:89:bf:d9:d1:ec:
                    21:04:3d:20:22:44:d9:f7:d0:af:4e:97:3e:a7:57:
                    0e:ba:2e:01:c9:00:0a:b9:7c:67:d6:58:1d:a7:5a:
                    c8:d2:18:da:70:31:10:ac:41:05:1c:d0:65:ee:76:
                    13:cd:c6:14:c2:05:c3:6f:3b:79:a3:48:6c:88:16:
                    a0:71:40:76:03:70:db:09:22:5b:91:ca:5a:95:2a:
                    a7:f7:b9:02:b7:70:80:71:61:1b:42:69:e5:d8:09:
                    f3:69:77:81:ee:8c:23:a6:87:69:09:25:31:97:c3:
                    ca:0d:6f:95:b0:30:7e:03:0a:6f:cf:2a:df:28:5b:
                    b1:63:8a:b3:65:15:03:b4:8b:b2:66:e6:8e:56:a5:
                    5e:56:a6:01:0a:24:ff:70:b4:e1:54:8c:c9:90:f5:
                    5f:78:40:27:00:e3:f7:bc:f4:6b:2e:d1:c4:ca:37:
                    de:7a:46:0d:8c:de:02:e4:b4:ae:20:9d:2a:26:ff:
                    48:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:96:C9:FC:BE:C0:F9:53:EF:40:72:1A:C2:0E:8C:78:81:39:E4:DA
            X509v3 Authority Key Identifier:
                keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:b1:fe:cd:dc:ed:fb:f1:32:6e:4d:16:4c:88:47:42:36:c2:
         54:c6:ec:51:35:d5:39:f8:d7:3e:00:7f:5c:80:c9:ef:0d:bb:
         ee:51:cc:c9:d4:b8:dc:36:f5:2a:33:de:c2:fc:ca:77:8e:a2:
         51:b3:98:c9:bf:03:ce:b1:55:e0:75:00:ed:20:6d:da:71:c5:
         4a:12:bd:1a:05:b8:70:b1:27:c8:68:d4:aa:67:14:69:14:c3:
         8c:de:95:d5:55:dc:10:85:90:18:4d:c8:2a:e6:d9:bf:4a:fe:
         92:29:e2:a4:4a:44:33:b5:11:14:86:d3:fc:68:b4:3d:48:59:
         ea:f4:22:dc:d1:e0:33:ad:04:be:d8:da:1d:ef:91:2c:71:da:
         ce:d1:7d:e4:4c:f8:b1:5d:59:48:fe:d4:1f:62:78:7c:96:98:
         dd:a7:d6:a5:dc:6b:7d:fb:c4:da:85:3b:f0:c8:3a:24:2f:57:
         da:49:c8:a7:2f:86:73:87:5d:c0:a7:28:c5:7d:a3:8b:a4:be:
         98:44:15:d9:54:1a:95:c5:08:12:11:99:bb:ab:61:bf:e8:1e:
         c2:e9:65:3b:42:ca:5a:fc:8d:e2:50:a8:21:8e:25:89:bb:1f:
         bd:33:40:d8:86:b7:86:d9:a0:ac:a9:64:8d:d9:73:18:20:f1:
         f3:8d:47:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh8PKsEyHfF4F3k4YLyNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1
MTFlNGQwHhcNMjYwNDE3MTMwMDU4WhcNMjYwNDE4MTMwMDU4WjAzMTEwLwYDVQQD
EyhhNjk2YzlmY2JlYzBmOTUzZWY0MDcyMWFjMjBlOGM3ODgxMzllNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2MolG+CU9LS2700o2KxhYCF1jbX
+wh9c+g4LWe8/IKrlBuJg6gTvW3gKstICyqgG/zse9QkFa6C5i0bpDxGX3QWfFEu
ib/Z0ewhBD0gIkTZ99CvTpc+p1cOui4ByQAKuXxn1lgdp1rI0hjacDEQrEEFHNBl
7nYTzcYUwgXDbzt5o0hsiBagcUB2A3DbCSJbkcpalSqn97kCt3CAcWEbQmnl2Anz
aXeB7owjpodpCSUxl8PKDW+VsDB+AwpvzyrfKFuxY4qzZRUDtIuyZuaOVqVeVqYB
CiT/cLThVIzJkPVfeEAnAOP3vPRrLtHEyjfeekYNjN4C5LSuIJ0qJv9I2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaWyfy+wPlT70ByGsIOjHiBOeTaMB8GA1UdIwQY
MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt
MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk
LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAILH+zdzt
+/Eybk0WTIhHQjbCVMbsUTXVOfjXPgB/XIDJ7w277lHMydS43Db1KjPewvzKd46i
UbOYyb8DzrFV4HUA7SBt2nHFShK9GgW4cLEnyGjUqmcUaRTDjN6V1VXcEIWQGE3I
KubZv0r+kinipEpEM7URFIbT/Gi0PUhZ6vQi3NHgM60EvtjaHe+RLHHaztF95Ez4
sV1ZSP7UH2J4fJaY3afWpdxrffvE2oU78Mg6JC9X2knIpy+Gc4ddwKcoxX2ji6S+
mEQV2VQalcUIEhGZu6thv+gewullO0LKWvyN4lCoIY4libsfvTNA2Ia3htmgrKlk
jdlzGCDx841Hnw==
-----END CERTIFICATE-----