Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          B40OwDsobbWD7DZWjOslsGlmv/J8Jl0YC8hxjyivuW0=
Subject key identifier:   15:05:3D:09:01:DF:2F:30:70:36:58:34:88:7B:BB:B1:B5:3E:A4:12
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019D9A3DEFFA537FD303EB62B93352F326D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          18C0
Signing time:             Fri 17 Apr 2026 07:00:43 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:43 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:43 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: AvAMnWdNlitBTc5fQK4vZlzUdYVJWAffK2xpOowftVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3d:ef:fa:53:7f:d3:03:eb:62:b9:33:52:f3:26:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Apr 17 07:00:43 2026 GMT
            Not After : Apr 18 07:00:43 2026 GMT
        Subject: CN=15053d0901df2f3070365834887bbbb1b53ea412
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a3:3d:1f:0b:83:37:9a:b5:31:86:18:f9:5a:
                    44:ed:9e:ce:b4:91:d9:33:15:ca:95:e6:9e:9a:dc:
                    a2:73:b7:da:2b:89:fc:b2:50:d4:24:ae:fb:57:d1:
                    f2:f4:1b:1e:e4:66:ad:62:0d:d7:66:9c:a2:2e:76:
                    05:1f:47:b8:05:6a:a1:35:7b:16:6e:4f:6d:8b:27:
                    e7:f7:9d:9e:a6:7c:9e:77:ad:25:71:f4:16:d3:21:
                    02:78:32:0a:ba:d1:42:2f:0d:0d:fd:26:c4:4c:5d:
                    b5:71:c3:ab:d6:81:4f:28:ca:72:e0:53:42:e8:da:
                    5f:92:7f:82:36:85:8f:91:2d:09:b4:70:3b:37:18:
                    e2:a9:f3:a2:5d:fa:e1:7c:bb:d1:43:36:77:39:a1:
                    02:27:2b:00:5b:34:37:31:0f:19:03:8c:bc:7d:05:
                    5f:ec:35:01:eb:3a:0a:82:7b:ae:d2:af:b3:63:d9:
                    46:a3:cb:d2:81:27:e0:5b:45:e1:cb:58:9b:9a:29:
                    16:78:e5:ac:18:35:b3:ae:52:6d:22:52:49:69:cb:
                    12:47:b3:87:57:a2:30:81:df:69:31:eb:0d:16:1f:
                    ce:ba:cd:b7:a5:d2:68:50:62:74:64:f6:1f:be:0c:
                    49:5e:71:e3:a1:85:0c:ac:58:c5:04:68:62:fc:7d:
                    8f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:05:3D:09:01:DF:2F:30:70:36:58:34:88:7B:BB:B1:B5:3E:A4:12
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:33:de:89:ec:c5:6d:c6:d6:12:1c:af:26:a3:cd:1f:c0:89:
         0a:06:59:53:fb:15:a1:54:71:cd:b8:67:1c:9c:d1:fe:d6:3d:
         12:e9:b7:30:ea:19:51:be:4c:f1:93:29:fa:c6:77:b4:12:02:
         9e:ac:ee:9c:e4:ca:2f:bc:be:12:05:88:18:2d:0b:cc:9f:e5:
         1d:94:8f:40:5e:41:6b:a9:13:88:9a:65:bc:1c:f6:49:9d:66:
         75:ed:b2:fd:0c:62:e4:22:38:8e:8c:58:15:9e:3a:c5:36:f9:
         8a:8c:09:cb:4e:7a:45:70:57:1b:44:da:17:38:15:b5:81:b1:
         cc:4c:5a:f6:64:5b:dd:0e:1b:fb:12:5e:cd:e9:1d:b9:71:17:
         a8:86:cd:df:42:40:5c:8c:a2:32:16:2f:7a:d1:c9:45:68:a1:
         59:13:89:24:c5:16:32:2a:b0:e9:9f:11:21:16:ea:17:4c:51:
         d1:ae:4f:a1:d9:a1:ce:36:d0:f6:1c:83:f6:f0:ab:fc:5a:a3:
         69:dd:7b:d4:12:ea:55:69:d6:8a:63:e4:4f:cc:61:d1:51:4b:
         8e:38:af:42:25:83:11:eb:51:df:16:09:db:e4:81:d9:fe:cd:
         c5:a3:ee:49:4c:5c:50:99:97:ef:c8:d4:a7:59:17:66:ef:6a:
         5f:05:b7:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPe/6U3/TA+tiuTNS8ybTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjYwNDE3MDcwMDQzWhcNMjYwNDE4MDcwMDQzWjAzMTEwLwYDVQQD
EygxNTA1M2QwOTAxZGYyZjMwNzAzNjU4MzQ4ODdiYmJiMWI1M2VhNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqM9HwuDN5q1MYYY+VpE7Z7OtJHZ
MxXKleaemtyic7faK4n8slDUJK77V9Hy9Bse5GatYg3XZpyiLnYFH0e4BWqhNXsW
bk9tiyfn952epnyed60lcfQW0yECeDIKutFCLw0N/SbETF21ccOr1oFPKMpy4FNC
6Npfkn+CNoWPkS0JtHA7NxjiqfOiXfrhfLvRQzZ3OaECJysAWzQ3MQ8ZA4y8fQVf
7DUB6zoKgnuu0q+zY9lGo8vSgSfgW0Xhy1ibmikWeOWsGDWzrlJtIlJJacsSR7OH
V6Iwgd9pMesNFh/Ous23pdJoUGJ0ZPYfvgxJXnHjoYUMrFjFBGhi/H2PqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUFPQkB3y8wcDZYNIh7u7G1PqQSMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjPeiezF
bcbWEhyvJqPNH8CJCgZZU/sVoVRxzbhnHJzR/tY9Eum3MOoZUb5M8ZMp+sZ3tBIC
nqzunOTKL7y+EgWIGC0LzJ/lHZSPQF5Ba6kTiJplvBz2SZ1mde2y/Qxi5CI4joxY
FZ46xTb5iowJy056RXBXG0TaFzgVtYGxzExa9mRb3Q4b+xJezekduXEXqIbN30JA
XIyiMhYvetHJRWihWROJJMUWMiqw6Z8RIRbqF0xR0a5PodmhzjbQ9hyD9vCr/Fqj
ad171BLqVWnWimPkT8xh0VFLjjivQiWDEetR3xYJ2+SB2f7NxaPuSUxcUJmX78jU
p1kXZu9qXwW3xQ==
-----END CERTIFICATE-----