Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          vj4/wM4FGFuCNAgDFrjCgusB8P8/hbnLjGWSdwP6+8c=
Subject key identifier:   1C:A8:3A:A0:9A:98:ED:ED:E4:81:BD:37:53:58:E7:AC:12:C7:A4:52
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       019CAD5A1521691FD6495282C45A8E604313
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          067B
Signing time:             Mon 02 Mar 2026 07:01:27 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:27 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:27 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: e+Mrb1HnHnbIqzb/vWVNBeLnud38PVppc3bmXgsooXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:15:21:69:1f:d6:49:52:82:c4:5a:8e:60:43:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Mar  2 07:01:27 2026 GMT
            Not After : Mar  3 07:01:27 2026 GMT
        Subject: CN=1ca83aa09a98edede481bd375358e7ac12c7a452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:13:79:dd:45:e5:7c:14:3c:99:11:65:e9:9a:
                    0f:09:3b:22:f6:0b:49:8d:2b:53:31:a2:52:31:7a:
                    d1:5a:b7:60:b7:19:7c:23:ca:2b:90:8e:01:12:13:
                    72:52:ab:e4:7a:8f:e2:19:30:8f:24:d4:85:f7:77:
                    c3:97:23:5b:40:da:68:bb:d3:ea:c5:c8:98:b6:2b:
                    bf:90:6d:b2:82:a4:03:06:90:fe:b7:3c:36:2a:4b:
                    0f:ff:77:f7:f2:91:cd:89:92:18:3e:63:f5:82:62:
                    fa:f1:69:d5:65:20:58:a5:53:5f:35:28:d0:4c:00:
                    fa:20:d3:9b:94:9d:8c:f0:b7:c8:fa:ea:87:25:d6:
                    ab:7e:59:79:a7:19:bc:b4:08:a1:59:80:b2:fc:94:
                    33:0a:45:f0:21:db:88:a3:cf:8f:30:24:d5:3d:c1:
                    5f:e5:c6:58:50:25:ce:2d:fd:35:39:8f:81:63:ae:
                    db:06:81:a3:7b:b5:48:b8:53:8f:fe:ea:d7:09:ce:
                    dd:19:5f:2a:8b:00:db:3b:75:65:fb:e8:bf:38:c4:
                    65:c5:dd:2b:ed:b8:51:e1:cc:30:86:d3:1a:d5:aa:
                    f2:05:8f:27:6d:e6:1f:05:ff:2d:10:ee:3d:9c:8d:
                    ae:a8:92:7f:45:e6:9d:2c:8f:5e:36:3d:6d:ac:75:
                    a3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A8:3A:A0:9A:98:ED:ED:E4:81:BD:37:53:58:E7:AC:12:C7:A4:52
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d7:ee:4a:ae:7c:21:1c:fe:8e:1f:da:97:be:b3:68:33:0d:
         4c:f8:98:76:71:6d:35:2f:98:a2:a3:57:0b:89:e1:13:5d:a8:
         72:75:4d:0c:b5:0b:de:42:15:4a:65:76:3d:79:55:cb:1c:8e:
         53:87:3f:b8:62:3d:69:bd:bf:93:de:68:f9:99:5a:f4:b5:ba:
         7f:0b:ad:06:7b:9f:99:db:5b:d9:3f:81:e6:32:04:fe:5c:71:
         c0:1a:2a:25:0f:85:77:5d:80:ff:f4:fa:2a:29:20:b6:2a:d9:
         ed:16:34:bf:c0:1f:8e:80:a9:b7:fd:03:7d:6b:b4:27:cd:e2:
         a8:3f:01:ed:14:6d:f5:54:95:70:93:32:fa:54:0f:86:8e:3e:
         74:8b:db:cc:fe:58:25:fe:ec:e2:ed:51:20:49:f4:26:81:83:
         20:30:04:47:cb:cf:3f:b5:66:8a:85:79:9e:46:af:7e:7c:52:
         b3:e9:45:e3:ce:4d:f2:d9:d8:a1:2b:c8:14:f5:4f:65:10:4a:
         81:32:58:18:a5:87:fe:e8:83:d9:64:ea:5a:12:c0:fc:c5:1b:
         d6:b1:bc:b2:45:a3:0a:11:83:e7:6f:c2:91:73:e4:44:a7:04:
         6b:3c:6e:7e:dc:e3:a5:34:c4:d5:04:22:19:78:d2:f6:f5:f1:
         cb:33:b6:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWhUhaR/WSVKCxFqOYEMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjYwMzAyMDcwMTI3WhcNMjYwMzAzMDcwMTI3WjAzMTEwLwYDVQQD
EygxY2E4M2FhMDlhOThlZGVkZTQ4MWJkMzc1MzU4ZTdhYzEyYzdhNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRN53UXlfBQ8mRFl6ZoPCTsi9gtJ
jStTMaJSMXrRWrdgtxl8I8orkI4BEhNyUqvkeo/iGTCPJNSF93fDlyNbQNpou9Pq
xciYtiu/kG2ygqQDBpD+tzw2KksP/3f38pHNiZIYPmP1gmL68WnVZSBYpVNfNSjQ
TAD6INOblJ2M8LfI+uqHJdarfll5pxm8tAihWYCy/JQzCkXwIduIo8+PMCTVPcFf
5cZYUCXOLf01OY+BY67bBoGje7VIuFOP/urXCc7dGV8qiwDbO3Vl++i/OMRlxd0r
7bhR4cwwhtMa1aryBY8nbeYfBf8tEO49nI2uqJJ/ReadLI9eNj1trHWjOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByoOqCamO3t5IG9N1NY56wSx6RSMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdfuSq58
IRz+jh/al76zaDMNTPiYdnFtNS+YoqNXC4nhE12ocnVNDLUL3kIVSmV2PXlVyxyO
U4c/uGI9ab2/k95o+Zla9LW6fwutBnufmdtb2T+B5jIE/lxxwBoqJQ+Fd12A//T6
KikgtirZ7RY0v8AfjoCpt/0DfWu0J83iqD8B7RRt9VSVcJMy+lQPho4+dIvbzP5Y
Jf7s4u1RIEn0JoGDIDAER8vPP7VmioV5nkavfnxSs+lF485N8tnYoSvIFPVPZRBK
gTJYGKWH/uiD2WTqWhLA/MUb1rG8skWjChGD52/CkXPkRKcEazxuftzjpTTE1QQi
GXjS9vXxyzO2ng==
-----END CERTIFICATE-----