Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          9fFHX/p5seBzR3byxsP3coKLVJc0Ym0gnzc9DBnXhA8=
Subject key identifier:   D3:39:B1:20:D2:0A:E4:58:65:22:D5:B5:2B:77:79:65:53:92:81:BB
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019D9AE2927498E09170FC926D2378446FD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          148F
Signing time:             Fri 17 Apr 2026 10:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:32 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: E5kyq7Dz6hXglvy0RakPNX4WroBpDPKjY/VERIRWjE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:92:74:98:e0:91:70:fc:92:6d:23:78:44:6f:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Apr 17 10:00:32 2026 GMT
            Not After : Apr 18 10:00:32 2026 GMT
        Subject: CN=d339b120d20ae4586522d5b52b777965539281bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:92:37:0b:27:64:54:86:91:d4:06:05:15:ed:
                    32:7f:2f:51:ba:ed:fd:5e:0f:e6:fe:da:13:ae:c8:
                    80:f2:00:2a:ee:90:0f:40:90:4a:f8:15:a4:97:6d:
                    0c:1f:a4:31:e5:23:ed:e8:f1:b7:89:a8:ad:c6:db:
                    40:0d:11:0d:7c:99:c2:e0:b4:a7:33:28:fa:78:57:
                    b3:b5:63:b8:93:26:c9:ab:ff:10:6e:88:b2:ce:35:
                    88:df:7a:d5:8f:b1:1c:40:1f:1a:07:d7:60:ef:3a:
                    90:9a:2a:05:85:11:83:77:95:16:04:ac:8e:23:04:
                    6a:6c:3b:24:1a:26:a2:c9:53:d0:c1:19:6e:d7:aa:
                    71:a4:91:54:ea:32:a9:55:f9:9f:83:cd:cb:ee:41:
                    37:e9:44:4b:bf:c9:03:a0:2e:56:69:9b:76:4a:c8:
                    be:3e:ed:92:de:c9:bc:1d:cf:d5:0c:09:a0:70:1c:
                    83:fe:00:9a:1f:57:1e:28:1e:ae:85:92:55:cd:52:
                    0e:0c:58:ed:11:40:c3:92:b9:4b:a2:59:f9:8b:48:
                    08:ba:f7:14:b1:bc:82:ba:ca:85:b8:bd:54:65:13:
                    07:5c:34:0a:af:73:c8:03:f1:9e:85:6b:7f:b2:12:
                    16:84:22:8f:11:23:43:6c:2c:9f:3e:04:63:90:86:
                    35:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:39:B1:20:D2:0A:E4:58:65:22:D5:B5:2B:77:79:65:53:92:81:BB
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:96:d2:ff:53:33:84:80:2b:c9:4a:c3:b3:a1:57:73:98:51:
         50:29:26:ad:f5:e1:f4:0e:c9:b9:f2:bc:72:17:e2:c8:0b:3d:
         ce:5d:3a:e5:ca:69:38:10:4b:bb:5d:48:8b:b0:04:14:eb:a9:
         31:29:9a:07:94:b3:cf:64:fd:27:e9:7a:a5:c9:09:9e:b7:45:
         25:fd:81:b1:2e:3b:cc:29:f0:ef:78:e1:74:b1:32:a6:d2:30:
         52:a5:1b:60:68:4f:b6:1e:72:d3:9a:a2:ee:cd:c9:0d:25:72:
         39:16:ff:ab:4e:1c:f3:06:65:44:9f:6e:06:eb:25:0e:1d:dd:
         24:c1:72:e4:63:39:4b:fb:1f:4d:27:eb:d4:e4:85:ae:8c:fc:
         03:5b:f5:68:3c:54:a7:25:39:6c:8a:87:fa:8c:1a:74:ab:08:
         a9:ca:27:aa:ee:bd:60:b2:ff:e9:6f:38:35:e2:77:6a:d1:41:
         08:46:42:d8:50:7d:a7:f3:f4:7a:38:36:bc:e8:26:ca:ee:0a:
         cf:8f:29:61:90:ce:73:53:d9:76:39:a6:30:b6:f0:55:61:ae:
         8a:84:25:f2:87:7c:9c:af:04:65:df:9b:82:6e:55:4e:52:c9:
         f2:de:c9:6d:eb:82:03:47:4b:35:75:00:31:e1:81:72:fa:67:
         48:39:a2:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4pJ0mOCRcPySbSN4RG/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjYwNDE3MTAwMDMyWhcNMjYwNDE4MTAwMDMyWjAzMTEwLwYDVQQD
EyhkMzM5YjEyMGQyMGFlNDU4NjUyMmQ1YjUyYjc3Nzk2NTUzOTI4MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJI3CydkVIaR1AYFFe0yfy9Ruu39
Xg/m/toTrsiA8gAq7pAPQJBK+BWkl20MH6Qx5SPt6PG3iaitxttADRENfJnC4LSn
Myj6eFeztWO4kybJq/8QboiyzjWI33rVj7EcQB8aB9dg7zqQmioFhRGDd5UWBKyO
IwRqbDskGiaiyVPQwRlu16pxpJFU6jKpVfmfg83L7kE36URLv8kDoC5WaZt2Ssi+
Pu2S3sm8Hc/VDAmgcByD/gCaH1ceKB6uhZJVzVIODFjtEUDDkrlLoln5i0gIuvcU
sbyCusqFuL1UZRMHXDQKr3PIA/GehWt/shIWhCKPESNDbCyfPgRjkIY1rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNM5sSDSCuRYZSLVtSt3eWVTkoG7MB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr5bS/1Mz
hIAryUrDs6FXc5hRUCkmrfXh9A7JufK8chfiyAs9zl065cppOBBLu11Ii7AEFOup
MSmaB5Szz2T9J+l6pckJnrdFJf2BsS47zCnw73jhdLEyptIwUqUbYGhPth5y05qi
7s3JDSVyORb/q04c8wZlRJ9uBuslDh3dJMFy5GM5S/sfTSfr1OSFroz8A1v1aDxU
pyU5bIqH+owadKsIqconqu69YLL/6W84NeJ3atFBCEZC2FB9p/P0ejg2vOgmyu4K
z48pYZDOc1PZdjmmMLbwVWGuioQl8od8nK8EZd+bgm5VTlLJ8t7JbeuCA0dLNXUA
MeGBcvpnSDmieQ==
-----END CERTIFICATE-----