Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          rS91Qe3dYXG9fKP6gfgXGpvuCpNA+SXBVhhznlLeWfo=
Subject key identifier:   D1:62:83:C5:A0:C1:D7:F7:8B:6C:34:14:32:31:22:12:6C:B6:FF:C5
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019D98F4CF5192CEF39101D241443857970F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0ABB
Signing time:             Fri 17 Apr 2026 01:01:13 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:13 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:13 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: lmCFc08MJJK0EI4JlbQvYWRnDZWxxXSYPhEdE1iuXxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:cf:51:92:ce:f3:91:01:d2:41:44:38:57:97:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Apr 17 01:01:13 2026 GMT
            Not After : Apr 18 01:01:13 2026 GMT
        Subject: CN=d16283c5a0c1d7f78b6c3414323122126cb6ffc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f7:3e:66:ad:4d:cd:46:85:42:3d:8a:a8:f8:
                    bc:a0:76:c9:e3:e0:49:14:8c:b3:54:be:ca:b3:0b:
                    d3:40:b1:81:ef:d7:04:9a:95:d4:62:de:f0:42:f8:
                    ff:ca:e3:79:5f:46:4f:58:47:1e:3f:3e:58:6d:4c:
                    6a:f5:c3:a1:53:25:a8:ca:13:fd:87:40:8f:c5:5c:
                    89:85:85:6d:fe:a8:76:d3:da:11:86:f3:5c:18:f4:
                    7c:7e:56:2e:c5:b2:23:5d:dc:ae:41:85:27:ac:71:
                    85:f2:e9:c3:cc:13:ef:88:dc:02:38:2f:8c:e4:ce:
                    26:56:fc:19:8d:13:c7:9e:c4:dd:27:fc:22:0e:0e:
                    a2:61:6a:d1:67:9e:c8:ce:0c:d3:45:e7:fe:67:f1:
                    79:fc:58:b6:fe:ba:6d:fd:89:98:c0:4e:10:ce:ac:
                    da:9e:86:ea:92:e7:cb:ec:34:88:47:e7:79:59:bc:
                    62:cd:60:5e:c8:7a:19:6d:c7:be:63:29:3a:3a:83:
                    fa:04:44:b8:b1:81:04:bc:20:90:08:96:ee:36:88:
                    32:89:eb:71:a1:c4:75:3b:ab:a7:37:06:c9:c7:c9:
                    df:1b:9b:0c:69:f9:a8:b2:b5:5d:a3:c6:cd:09:a4:
                    09:3e:6d:bf:31:d9:b6:18:53:af:5b:8d:c2:f3:4b:
                    1d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:62:83:C5:A0:C1:D7:F7:8B:6C:34:14:32:31:22:12:6C:B6:FF:C5
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:d8:8d:92:e8:ca:14:32:4b:c6:e3:e4:3d:ea:46:f6:f2:3d:
         2d:18:40:67:ec:bf:bf:08:ed:79:da:8b:c4:e6:85:c0:15:76:
         0d:c7:8e:3f:f0:95:03:82:b4:f3:b3:2e:cb:f4:b4:2d:ef:9a:
         96:de:42:fe:2b:34:a1:93:c2:4c:c3:f0:d8:1b:2e:ed:71:af:
         57:79:35:b4:6a:27:cd:9b:95:0f:d8:79:05:17:01:04:de:bb:
         25:3b:b4:6e:93:70:99:fa:aa:f6:30:60:cd:e9:6e:28:76:f1:
         98:0b:00:90:2a:83:b0:bd:33:3d:63:b0:34:9b:c4:59:c8:e5:
         87:03:6b:21:3b:09:d2:a8:75:0f:28:e0:4e:e8:18:db:35:49:
         ff:28:f8:b3:16:cb:0d:d7:31:71:cc:89:46:73:e7:94:ab:18:
         26:4c:8d:c6:6a:01:bc:89:c0:1d:c0:6d:8d:79:62:f7:28:88:
         68:98:59:04:29:7f:1b:49:b2:2d:cc:87:41:84:41:f2:02:9e:
         bf:90:78:3f:15:0b:c9:18:ec:3c:f3:fd:5a:4b:0c:79:34:0e:
         27:4e:cf:5d:69:e8:cb:91:92:83:ac:6f:61:b2:38:fb:4e:97:
         bd:31:91:55:4a:1b:1d:b7:86:ba:11:16:38:7b:95:8d:b8:01:
         18:64:71:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9M9Rks7zkQHSQUQ4V5cPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjYwNDE3MDEwMTEzWhcNMjYwNDE4MDEwMTEzWjAzMTEwLwYDVQQD
EyhkMTYyODNjNWEwYzFkN2Y3OGI2YzM0MTQzMjMxMjIxMjZjYjZmZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvc+Zq1NzUaFQj2KqPi8oHbJ4+BJ
FIyzVL7KswvTQLGB79cEmpXUYt7wQvj/yuN5X0ZPWEcePz5YbUxq9cOhUyWoyhP9
h0CPxVyJhYVt/qh209oRhvNcGPR8flYuxbIjXdyuQYUnrHGF8unDzBPviNwCOC+M
5M4mVvwZjRPHnsTdJ/wiDg6iYWrRZ57IzgzTRef+Z/F5/Fi2/rpt/YmYwE4Qzqza
nobqkufL7DSIR+d5WbxizWBeyHoZbce+Yyk6OoP6BES4sYEEvCCQCJbuNogyietx
ocR1O6unNwbJx8nfG5sMafmosrVdo8bNCaQJPm2/Mdm2GFOvW43C80sdGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFig8Wgwdf3i2w0FDIxIhJstv/FMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNiNkujK
FDJLxuPkPepG9vI9LRhAZ+y/vwjtedqLxOaFwBV2DceOP/CVA4K087Muy/S0Le+a
lt5C/is0oZPCTMPw2Bsu7XGvV3k1tGonzZuVD9h5BRcBBN67JTu0bpNwmfqq9jBg
zeluKHbxmAsAkCqDsL0zPWOwNJvEWcjlhwNrITsJ0qh1DyjgTugY2zVJ/yj4sxbL
DdcxccyJRnPnlKsYJkyNxmoBvInAHcBtjXli9yiIaJhZBCl/G0myLcyHQYRB8gKe
v5B4PxULyRjsPPP9WksMeTQOJ07PXWnoy5GSg6xvYbI4+06XvTGRVUobHbeGuhEW
OHuVjbgBGGRxyA==
-----END CERTIFICATE-----