Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          851zUB19ucewAxVxxdtHhaW5vqOiLCpVWI3Sojh0bxU=
Subject key identifier:   62:9C:B6:8D:8E:DD:AE:1D:93:05:FB:86:C9:A2:28:2B:90:78:8D:7C
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019CAF489193F81A4715063697FDA4A0B15E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0A42
Signing time:             Mon 02 Mar 2026 16:01:34 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:34 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:34 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: kP9LnFvFoT7w2XlM/oZ6TOU84QpLVlUpvfe++j4TmQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:91:93:f8:1a:47:15:06:36:97:fd:a4:a0:b1:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Mar  2 16:01:34 2026 GMT
            Not After : Mar  3 16:01:34 2026 GMT
        Subject: CN=629cb68d8eddae1d9305fb86c9a2282b90788d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:76:3d:e0:88:b8:ae:a8:0f:27:24:01:21:2a:
                    21:ef:a4:78:f8:c5:85:24:24:8d:cd:b6:83:e9:26:
                    92:1f:c5:47:d3:98:5a:1c:5d:52:2f:28:9f:e9:1f:
                    49:f3:1d:51:5d:57:c1:b2:dc:04:11:b9:69:af:c4:
                    dd:16:3e:f2:10:a8:e2:18:5c:4f:ba:fd:8a:61:6c:
                    4b:30:a5:ce:6b:cd:9e:70:95:8f:ca:64:4e:c5:e8:
                    8e:ef:88:66:1e:39:ae:1e:75:0c:76:ba:6f:bb:cd:
                    48:44:b8:24:7e:3c:15:1e:09:2d:21:f8:63:48:5a:
                    49:85:85:a8:4e:41:12:99:21:ea:a2:67:dd:3f:fa:
                    38:0c:ab:0d:80:e4:c3:72:c5:92:f2:84:ca:ca:7a:
                    cb:1f:d9:a0:45:e7:3f:74:99:9d:33:f1:aa:26:b6:
                    c0:41:20:6f:76:b2:99:48:9a:fe:95:d0:19:17:44:
                    42:c3:58:c2:35:d3:05:88:8d:51:64:5b:e8:ec:4f:
                    58:c6:c8:d5:05:90:1c:e5:5c:35:41:81:41:d8:11:
                    24:1a:a6:a0:83:fa:08:bc:69:07:4b:37:f1:92:40:
                    f4:4b:fb:7e:1c:30:f1:cb:17:61:05:68:18:0b:66:
                    9a:c5:71:29:cb:42:f4:86:b5:d0:b2:9f:3d:80:b6:
                    50:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:9C:B6:8D:8E:DD:AE:1D:93:05:FB:86:C9:A2:28:2B:90:78:8D:7C
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:cd:cd:36:06:94:74:c1:dc:7e:09:ef:58:5f:7e:89:dd:5b:
         41:60:0c:42:6b:3c:4f:5c:7a:0c:84:40:cf:9e:c0:62:be:4c:
         75:d0:a7:c8:f5:30:e6:9c:b2:60:67:90:60:03:1c:ac:1e:b9:
         c7:87:27:13:a5:92:f6:60:36:48:bd:0e:14:01:62:f3:f3:c4:
         3b:c0:8b:36:07:9f:2a:92:09:50:d9:6a:cc:41:50:2a:69:e7:
         16:33:b9:8a:61:0f:d4:3b:5e:fb:f2:96:c8:04:6a:c6:d1:df:
         66:2e:16:51:c2:64:c9:30:d0:a8:89:9b:79:35:13:31:a2:fb:
         d6:86:00:f3:18:31:97:3a:17:c6:8a:41:e0:26:95:d2:28:58:
         27:7b:61:12:38:9f:77:71:04:58:c3:ad:2e:6e:bb:ea:51:f8:
         ee:8a:96:ee:37:56:26:ba:ed:df:98:b8:ca:ed:62:f1:ae:86:
         5a:bf:2c:68:95:63:9d:7d:1f:9b:0e:d6:57:55:69:e2:f1:6f:
         67:27:d8:aa:76:59:1d:fc:b0:8b:d7:de:55:08:96:f4:30:92:
         cf:b4:a8:05:03:f7:20:fd:db:35:e6:b7:3c:43:e5:41:98:81:
         ed:66:12:4d:69:d1:00:b1:be:df:39:3b:67:ec:e9:73:b1:f9:
         a1:10:e1:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSJGT+BpHFQY2l/2koLFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjYwMzAyMTYwMTM0WhcNMjYwMzAzMTYwMTM0WjAzMTEwLwYDVQQD
Eyg2MjljYjY4ZDhlZGRhZTFkOTMwNWZiODZjOWEyMjgyYjkwNzg4ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3Y94Ii4rqgPJyQBISoh76R4+MWF
JCSNzbaD6SaSH8VH05haHF1SLyif6R9J8x1RXVfBstwEEblpr8TdFj7yEKjiGFxP
uv2KYWxLMKXOa82ecJWPymROxeiO74hmHjmuHnUMdrpvu81IRLgkfjwVHgktIfhj
SFpJhYWoTkESmSHqomfdP/o4DKsNgOTDcsWS8oTKynrLH9mgRec/dJmdM/GqJrbA
QSBvdrKZSJr+ldAZF0RCw1jCNdMFiI1RZFvo7E9YxsjVBZAc5Vw1QYFB2BEkGqag
g/oIvGkHSzfxkkD0S/t+HDDxyxdhBWgYC2aaxXEpy0L0hrXQsp89gLZQ1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKcto2O3a4dkwX7hsmiKCuQeI18MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxs3NNgaU
dMHcfgnvWF9+id1bQWAMQms8T1x6DIRAz57AYr5MddCnyPUw5pyyYGeQYAMcrB65
x4cnE6WS9mA2SL0OFAFi8/PEO8CLNgefKpIJUNlqzEFQKmnnFjO5imEP1Dte+/KW
yARqxtHfZi4WUcJkyTDQqImbeTUTMaL71oYA8xgxlzoXxopB4CaV0ihYJ3thEjif
d3EEWMOtLm676lH47oqW7jdWJrrt35i4yu1i8a6GWr8saJVjnX0fmw7WV1Vp4vFv
ZyfYqnZZHfywi9feVQiW9DCSz7SoBQP3IP3bNea3PEPlQZiB7WYSTWnRALG+3zk7
Z+zpc7H5oRDhwQ==
-----END CERTIFICATE-----