Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          oTawcYGaOig5WbgleOVt0Bzmd00G04ijO48HJxd3Epw=
Subject key identifier:   5A:52:BC:F7:3A:9C:B5:88:8A:57:29:29:BD:00:75:54:AB:1D:BA:8A
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       019D9AE264698A9C85C49292157CA0B843DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          06F6
Signing time:             Fri 17 Apr 2026 10:00:21 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:21 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:21 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: zIqFGxJIBG6bhiY8J9uKLjUH7nW0B7LzefypYA9DSaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:64:69:8a:9c:85:c4:92:92:15:7c:a0:b8:43:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Apr 17 10:00:21 2026 GMT
            Not After : Apr 18 10:00:21 2026 GMT
        Subject: CN=5a52bcf73a9cb5888a572929bd007554ab1dba8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d6:64:31:79:20:42:50:e2:74:3c:e9:63:bb:
                    ce:39:97:49:a4:12:12:2e:51:f6:dc:5e:51:c4:7d:
                    ce:02:b2:77:aa:01:0e:d5:aa:0f:93:a8:df:12:1b:
                    93:e8:3f:55:7c:f1:bb:a7:b8:8a:b0:9a:ac:38:83:
                    67:ed:05:c4:17:1c:1d:c9:94:f1:bb:27:ce:ce:8e:
                    10:f5:87:3d:78:aa:be:63:28:fa:c9:e4:bf:32:31:
                    96:fe:53:d7:c0:18:99:50:8c:e6:87:53:15:ca:5f:
                    ed:00:3f:48:fc:0d:c5:33:83:ef:8f:a7:f0:73:5d:
                    b8:fd:54:23:c2:a2:2f:0b:fb:74:64:b0:55:76:29:
                    a0:fe:21:6d:12:50:99:fe:00:c5:93:01:0f:c4:3b:
                    fa:6e:c9:f3:6e:cc:db:d5:ed:c4:b5:6a:fe:58:89:
                    8b:33:a3:74:e1:b7:34:d6:60:2f:41:62:d0:1e:95:
                    e5:a1:ce:8c:c4:01:6c:6f:f5:cb:1a:fa:0b:5a:c8:
                    8e:2f:0c:0b:85:bf:65:a3:5b:c5:59:87:f7:96:1b:
                    bf:13:49:45:dc:86:52:6f:f9:18:5d:89:84:82:bb:
                    e1:85:6d:64:96:cb:89:dd:23:56:b2:76:d7:89:2b:
                    13:70:35:20:6f:c5:d1:96:cd:4c:8b:bc:52:fe:39:
                    fa:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:52:BC:F7:3A:9C:B5:88:8A:57:29:29:BD:00:75:54:AB:1D:BA:8A
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:8c:74:45:08:eb:7c:aa:f8:5f:55:de:34:9c:e3:a2:8e:dc:
         c5:71:c0:ae:79:a0:f8:72:83:d0:16:f3:75:af:97:f6:ad:53:
         ba:20:09:76:60:5c:cb:d1:7e:c6:ea:d9:d2:66:53:57:cf:cb:
         9f:87:9b:e3:db:7b:97:0d:60:85:9a:5b:f3:e9:ee:0b:23:12:
         3a:e2:73:a8:85:38:95:cd:8f:82:0b:fb:aa:03:7d:bf:de:12:
         5b:fc:98:a7:84:78:43:a5:45:9a:27:f8:06:0d:0f:21:57:dc:
         9f:08:7e:75:45:b2:9c:d6:a5:69:f5:62:f0:35:ff:a8:36:ca:
         cb:7b:e7:88:1a:0a:c2:b2:38:e8:83:f0:0f:54:a8:26:dd:dc:
         f8:31:2e:93:13:1b:cb:07:5e:aa:4b:58:da:a3:96:b5:fc:a0:
         55:de:fd:92:f2:b0:5b:f2:94:a0:a3:60:14:7d:c2:ef:f1:3c:
         78:ce:13:51:1f:50:6f:62:70:ab:ab:4a:b0:c0:7c:6f:5b:e0:
         b7:ef:46:5f:5b:58:95:87:4e:c7:18:57:ed:47:f9:69:5d:a7:
         96:46:0d:ce:0f:f1:b8:57:fc:94:c9:42:63:bf:b6:54:af:86:
         52:25:1c:2b:a1:13:4b:53:6c:97:da:9c:2e:3d:19:b1:71:09:
         1e:d3:ae:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4mRpipyFxJKSFXyguEPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjYwNDE3MTAwMDIxWhcNMjYwNDE4MTAwMDIxWjAzMTEwLwYDVQQD
Eyg1YTUyYmNmNzNhOWNiNTg4OGE1NzI5MjliZDAwNzU1NGFiMWRiYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltZkMXkgQlDidDzpY7vOOZdJpBIS
LlH23F5RxH3OArJ3qgEO1aoPk6jfEhuT6D9VfPG7p7iKsJqsOINn7QXEFxwdyZTx
uyfOzo4Q9Yc9eKq+Yyj6yeS/MjGW/lPXwBiZUIzmh1MVyl/tAD9I/A3FM4Pvj6fw
c124/VQjwqIvC/t0ZLBVdimg/iFtElCZ/gDFkwEPxDv6bsnzbszb1e3EtWr+WImL
M6N04bc01mAvQWLQHpXloc6MxAFsb/XLGvoLWsiOLwwLhb9lo1vFWYf3lhu/E0lF
3IZSb/kYXYmEgrvhhW1klsuJ3SNWsnbXiSsTcDUgb8XRls1Mi7xS/jn6dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpSvPc6nLWIilcpKb0AdVSrHbqKMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJox0RQjr
fKr4X1XeNJzjoo7cxXHArnmg+HKD0Bbzda+X9q1TuiAJdmBcy9F+xurZ0mZTV8/L
n4eb49t7lw1ghZpb8+nuCyMSOuJzqIU4lc2Pggv7qgN9v94SW/yYp4R4Q6VFmif4
Bg0PIVfcnwh+dUWynNalafVi8DX/qDbKy3vniBoKwrI46IPwD1SoJt3c+DEukxMb
ywdeqktY2qOWtfygVd79kvKwW/KUoKNgFH3C7/E8eM4TUR9Qb2Jwq6tKsMB8b1vg
t+9GX1tYlYdOxxhX7Uf5aV2nlkYNzg/xuFf8lMlCY7+2VK+GUiUcK6ETS1Nsl9qc
Lj0ZsXEJHtOukw==
-----END CERTIFICATE-----