Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          X+HfCch53LCz02coy1Q2GSBMV2IrXaxkoE0s9TIuKRc=
Subject key identifier:   33:61:31:ED:FD:E6:CF:25:BF:2F:AE:A9:E5:37:22:0E:41:03:96:15
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019D97E222B2221AAB6E425695301BC49D24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          0597
Signing time:             Thu 16 Apr 2026 20:01:12 +0000
Manifest this update:     Thu 16 Apr 2026 20:01:12 +0000
Manifest next update:     Fri 17 Apr 2026 20:01:12 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: hfdmy06Q+asBiWHAMVD/OgzPXF/HvfDuStCXka9TUOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e2:22:b2:22:1a:ab:6e:42:56:95:30:1b:c4:9d:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Apr 16 20:01:12 2026 GMT
            Not After : Apr 17 20:01:12 2026 GMT
        Subject: CN=336131edfde6cf25bf2faea9e537220e41039615
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:89:ad:db:f4:0c:ae:40:96:99:c3:30:f8:d9:
                    54:cc:be:36:40:2a:22:0c:9a:a0:93:26:f3:71:2c:
                    c6:60:27:a9:24:47:f9:1c:22:2f:e6:73:4a:a7:32:
                    1f:04:35:c5:9f:0e:5d:0a:25:2e:15:80:0c:4a:e1:
                    f9:c2:83:9b:ad:8e:9e:de:29:8f:7d:c9:57:0e:de:
                    9c:b6:cb:12:19:d0:e3:74:53:17:d6:fa:a4:bd:60:
                    95:92:b8:c6:d8:3c:12:90:74:75:cc:d8:b9:6b:10:
                    5b:0b:9a:df:28:7b:fb:fd:80:40:a1:bc:1d:91:95:
                    3f:71:4d:85:62:16:0a:d5:97:ee:25:e4:a8:58:0e:
                    40:eb:c6:d6:06:a0:1b:73:91:b5:f0:07:fb:ac:eb:
                    50:ab:af:d6:f4:0e:a2:37:c0:f4:fd:0c:e6:4b:1b:
                    ae:bb:2d:86:5b:ed:c4:61:7b:a9:1a:44:74:90:53:
                    38:9c:0a:38:fd:e5:10:8b:ae:e0:92:76:08:67:a0:
                    4e:40:64:91:73:9e:91:10:16:83:2d:8e:b8:ad:39:
                    05:4c:2c:43:8b:5d:3d:72:9f:3d:91:6f:5f:7b:7b:
                    bf:63:5e:46:48:81:32:a9:22:77:d1:f8:91:65:e9:
                    b4:a7:8f:c6:48:ec:90:7f:ed:19:96:7d:ac:8a:fc:
                    28:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:61:31:ED:FD:E6:CF:25:BF:2F:AE:A9:E5:37:22:0E:41:03:96:15
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:b9:ff:cd:b5:00:a8:0b:05:b2:fd:5d:e1:80:74:61:6a:6a:
         a3:48:97:36:78:f5:44:aa:9f:29:84:92:4d:28:10:28:b3:2d:
         bd:4d:65:d7:0f:36:21:a6:db:98:fe:af:fb:f1:8a:ca:e0:ea:
         40:0f:37:f9:9b:bc:e4:9c:1f:89:96:12:3c:fc:2c:01:ae:2a:
         bd:9d:bc:26:89:e3:35:4f:1b:f5:1b:c1:4e:7d:fb:7f:eb:2e:
         34:d2:83:ef:76:fb:b6:e4:b4:50:65:49:eb:ae:68:1a:a5:ae:
         05:44:ce:24:0a:99:50:4f:89:f8:93:2f:d9:c4:e0:ae:58:d2:
         7b:ff:5d:76:fb:1b:e1:69:b0:d1:e7:39:77:1e:b1:68:2c:b0:
         c9:f8:e4:80:6c:d2:15:ec:82:e1:9a:fb:be:1f:3a:d2:bb:72:
         bc:fb:ff:39:04:94:02:50:2b:29:03:38:58:15:ed:8a:c0:64:
         24:5c:eb:d8:17:1d:c4:d4:0d:dc:95:a2:7d:88:f7:55:35:87:
         77:2e:94:01:cc:8b:76:f1:3d:ef:3c:d4:16:a6:5f:e7:ce:bf:
         e2:60:01:97:61:8e:a4:81:fc:f7:6e:e9:39:67:8f:96:bc:b9:
         26:c8:8b:0f:5c:4d:0f:04:8c:62:3a:66:e5:19:24:ad:58:6b:
         8d:b8:69:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4iKyIhqrbkJWlTAbxJ0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjYwNDE2MjAwMTEyWhcNMjYwNDE3MjAwMTEyWjAzMTEwLwYDVQQD
EygzMzYxMzFlZGZkZTZjZjI1YmYyZmFlYTllNTM3MjIwZTQxMDM5NjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoomt2/QMrkCWmcMw+NlUzL42QCoi
DJqgkybzcSzGYCepJEf5HCIv5nNKpzIfBDXFnw5dCiUuFYAMSuH5woObrY6e3imP
fclXDt6ctssSGdDjdFMX1vqkvWCVkrjG2DwSkHR1zNi5axBbC5rfKHv7/YBAobwd
kZU/cU2FYhYK1ZfuJeSoWA5A68bWBqAbc5G18Af7rOtQq6/W9A6iN8D0/QzmSxuu
uy2GW+3EYXupGkR0kFM4nAo4/eUQi67gknYIZ6BOQGSRc56REBaDLY64rTkFTCxD
i109cp89kW9fe3u/Y15GSIEyqSJ30fiRZem0p4/GSOyQf+0Zln2sivwo+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNhMe395s8lvy+uqeU3Ig5BA5YVMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrn/zbUA
qAsFsv1d4YB0YWpqo0iXNnj1RKqfKYSSTSgQKLMtvU1l1w82IabbmP6v+/GKyuDq
QA83+Zu85JwfiZYSPPwsAa4qvZ28JonjNU8b9RvBTn37f+suNNKD73b7tuS0UGVJ
665oGqWuBUTOJAqZUE+J+JMv2cTgrljSe/9ddvsb4Wmw0ec5dx6xaCywyfjkgGzS
FeyC4Zr7vh860rtyvPv/OQSUAlArKQM4WBXtisBkJFzr2BcdxNQN3JWifYj3VTWH
dy6UAcyLdvE97zzUFqZf586/4mABl2GOpIH8927pOWePlry5JsiLD1xNDwSMYjpm
5RkkrVhrjbhp8g==
-----END CERTIFICATE-----