Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          HW67b/aIqAeB7HWXFjf9MNYEWBqLE0n4hpA1HUh0qrs=
Subject key identifier:   BC:49:54:0C:80:10:6E:4E:28:9B:54:42:B1:40:2D:9E:E5:AB:F4:37
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019CAC46AAA41E08BF2A9E203CBA446C4FDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          051D
Signing time:             Mon 02 Mar 2026 02:00:38 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:38 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:38 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: SrfiWWBBqHjyg/168WUB3Gr4ak61NJDw47cQwgaeN5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:aa:a4:1e:08:bf:2a:9e:20:3c:ba:44:6c:4f:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Mar  2 02:00:38 2026 GMT
            Not After : Mar  3 02:00:38 2026 GMT
        Subject: CN=bc49540c80106e4e289b5442b1402d9ee5abf437
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:29:e3:3b:16:ed:f8:ff:ac:3f:aa:b4:6d:
                    27:57:62:16:80:70:57:86:51:7f:58:01:41:52:02:
                    d7:a4:12:24:a6:33:93:83:ef:ed:c2:52:5f:24:32:
                    7e:db:5c:5c:df:97:30:04:c4:05:c2:2c:82:d9:11:
                    3e:30:4c:f0:d1:58:da:a9:63:c6:16:90:a4:9a:af:
                    00:29:82:aa:4c:8e:e8:2e:a6:98:d0:a0:ae:9a:ca:
                    cd:5b:0c:41:8c:dc:60:91:01:56:89:31:21:a0:22:
                    fe:4a:9d:6e:b6:93:a3:f5:c0:0c:e3:f1:68:8f:2a:
                    b4:bf:4a:59:4e:c1:d9:80:ad:cd:ab:50:c0:12:73:
                    00:ef:2d:d1:f4:e7:f6:fe:52:7a:f1:07:72:5b:43:
                    f5:d5:e2:ce:44:48:0a:51:51:d8:9d:46:cb:76:db:
                    6d:0c:25:ab:a7:f8:e1:12:86:3f:6a:c1:3f:02:ba:
                    44:d0:63:30:0d:7a:13:08:2c:b6:a2:a6:6e:99:ac:
                    e7:0c:75:27:02:a2:3b:c7:07:23:a0:f8:73:b1:5e:
                    49:13:74:5c:46:31:44:af:ee:04:85:c5:db:ec:cc:
                    8e:7a:68:91:63:9f:a4:df:a0:f2:a2:af:70:12:f6:
                    a6:eb:31:94:d0:49:21:3a:99:d4:37:bc:a1:37:25:
                    63:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:49:54:0C:80:10:6E:4E:28:9B:54:42:B1:40:2D:9E:E5:AB:F4:37
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:ff:03:96:ee:e7:dd:4e:3c:8e:00:a4:32:cf:b9:ee:89:03:
         4c:2d:95:18:d9:9a:f8:ce:c5:35:90:4a:6e:cb:2b:95:80:59:
         25:7a:a2:7f:83:08:e6:05:c4:a6:3f:aa:ba:02:b0:dc:0f:0c:
         67:db:4d:84:f5:84:84:90:44:ed:a6:55:d6:11:9b:1e:22:01:
         24:ba:90:68:eb:12:e5:14:0d:9f:89:74:c3:52:dc:c5:0f:e2:
         b2:82:e5:62:28:5f:eb:87:5b:81:40:62:3d:70:3e:33:6f:10:
         d7:f9:f1:55:0a:66:bb:15:48:6a:72:19:98:7b:05:53:fa:30:
         92:e6:43:05:c4:9e:78:03:aa:5e:99:97:b9:84:bd:47:d1:91:
         88:52:62:20:0b:c4:6a:08:88:b9:af:19:e4:49:de:7a:09:cb:
         25:54:6d:06:97:ce:1a:3d:4b:4e:dd:2a:51:5b:b3:2b:4c:b1:
         45:d2:16:a4:37:98:89:4a:a4:84:41:8d:4a:ed:36:46:1d:9c:
         e9:98:68:28:59:eb:5e:d2:2d:a2:89:81:9f:21:d8:26:14:22:
         db:24:36:cb:d7:a7:5b:92:e1:f0:93:b4:b6:9d:d3:40:35:60:
         13:4a:37:e2:dd:60:4f:cd:01:b7:e9:fe:fa:24:9b:94:4a:4b:
         44:18:ca:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRqqkHgi/Kp4gPLpEbE/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjYwMzAyMDIwMDM4WhcNMjYwMzAzMDIwMDM4WjAzMTEwLwYDVQQD
EyhiYzQ5NTQwYzgwMTA2ZTRlMjg5YjU0NDJiMTQwMmQ5ZWU1YWJmNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEsp4zsW7fj/rD+qtG0nV2IWgHBX
hlF/WAFBUgLXpBIkpjOTg+/twlJfJDJ+21xc35cwBMQFwiyC2RE+MEzw0VjaqWPG
FpCkmq8AKYKqTI7oLqaY0KCumsrNWwxBjNxgkQFWiTEhoCL+Sp1utpOj9cAM4/Fo
jyq0v0pZTsHZgK3Nq1DAEnMA7y3R9Of2/lJ68QdyW0P11eLOREgKUVHYnUbLdttt
DCWrp/jhEoY/asE/ArpE0GMwDXoTCCy2oqZumaznDHUnAqI7xwcjoPhzsV5JE3Rc
RjFEr+4EhcXb7MyOemiRY5+k36Dyoq9wEvam6zGU0EkhOpnUN7yhNyVjqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxJVAyAEG5OKJtUQrFALZ7lq/Q3MB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkv8Dlu7n
3U48jgCkMs+57okDTC2VGNma+M7FNZBKbssrlYBZJXqif4MI5gXEpj+qugKw3A8M
Z9tNhPWEhJBE7aZV1hGbHiIBJLqQaOsS5RQNn4l0w1LcxQ/isoLlYihf64dbgUBi
PXA+M28Q1/nxVQpmuxVIanIZmHsFU/owkuZDBcSeeAOqXpmXuYS9R9GRiFJiIAvE
agiIua8Z5EneegnLJVRtBpfOGj1LTt0qUVuzK0yxRdIWpDeYiUqkhEGNSu02Rh2c
6ZhoKFnrXtItoomBnyHYJhQi2yQ2y9enW5Lh8JO0tp3TQDVgE0o34t1gT80Bt+n+
+iSblEpLRBjK2A==
-----END CERTIFICATE-----