Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          PjuY0bLyHbSkcEYoJAbqHF2h7NE79ITBPPBotrkKoLE=
Subject key identifier:   89:EF:6E:54:29:5F:CE:4A:D6:B4:63:6E:2F:46:32:E3:0D:DB:BA:80
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019D265F6A18F8480A31A4BC708E3EC5BAB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 19:01:20 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:20 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:20 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: bz4vCGNGOxutSvvswnB26KhNcs0DZBE+Wxir02ALocQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:6a:18:f8:48:0a:31:a4:bc:70:8e:3e:c5:ba:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Mar 25 19:01:20 2026 GMT
            Not After : Mar 26 19:01:20 2026 GMT
        Subject: CN=89ef6e54295fce4ad6b4636e2f4632e30ddbba80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9a:dd:ae:9a:11:18:02:8f:28:e3:c5:37:ac:
                    83:9f:8b:38:ed:86:22:68:2b:3a:de:91:08:9e:16:
                    77:20:eb:2c:3d:a3:07:08:64:bb:7b:08:a2:d0:0d:
                    5f:e5:05:94:d5:09:a0:3e:4a:82:91:98:76:6b:c5:
                    ce:96:20:8c:c7:63:85:94:75:cf:1e:55:97:74:ec:
                    b0:2d:d1:fc:b8:56:ab:7d:7b:11:ae:be:5a:be:c2:
                    20:22:e7:f8:76:5a:0c:45:48:af:46:ed:29:77:84:
                    20:d9:fa:71:ec:97:3f:e2:19:65:ea:bc:ee:8f:dd:
                    47:56:2f:5d:b9:0f:de:97:2c:2f:a3:0a:2b:0c:18:
                    b1:49:4d:d9:b7:47:0e:e4:af:a0:c7:8e:d6:f0:3c:
                    0f:34:2e:36:08:06:92:fc:4a:ff:2d:d1:c5:41:9d:
                    30:c8:72:03:92:79:3d:39:ec:27:d1:cd:8a:0c:c5:
                    f2:1c:39:6a:73:0a:e4:85:37:37:fd:77:b9:56:0d:
                    6b:42:63:fe:03:b4:7a:9f:ad:68:96:f4:e8:15:b0:
                    40:6b:88:23:4f:0c:aa:4d:2d:00:8a:4f:07:75:92:
                    55:8a:86:8c:08:a7:31:f7:95:5e:fe:72:e7:76:62:
                    55:34:d5:ec:47:46:33:84:ee:b3:9b:7f:e4:0a:a7:
                    ac:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:EF:6E:54:29:5F:CE:4A:D6:B4:63:6E:2F:46:32:E3:0D:DB:BA:80
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:cd:7c:1a:66:31:32:87:35:45:98:eb:f6:73:5e:dc:4b:13:
         a9:50:4e:c2:ea:21:0e:c2:43:b2:8c:1b:14:9a:60:35:29:df:
         1d:fd:41:4d:3d:d6:9f:64:06:81:86:ae:eb:b7:b9:f9:5b:37:
         21:cb:39:3d:d7:5d:47:20:6c:6b:05:dd:b3:71:7a:05:79:56:
         85:cd:6c:44:a9:7c:02:f2:63:5e:c3:1e:8c:f4:04:79:94:d4:
         bf:50:4a:7b:70:ca:87:39:a8:25:09:1d:86:42:52:fb:b6:eb:
         cf:0f:f8:9c:8d:83:0e:f6:b3:a2:6c:fa:b1:5f:0c:2f:de:95:
         80:9d:a3:26:09:f4:1b:e1:36:ce:35:03:dd:d1:91:39:fc:ee:
         c4:02:dc:86:c3:74:38:27:c6:ad:eb:93:78:6c:24:ab:71:b9:
         51:65:76:df:06:be:3f:40:f5:d5:40:5a:d4:2d:9d:04:40:56:
         7b:35:26:32:32:06:cf:53:b5:ef:85:12:8e:7d:04:6c:ad:ca:
         5b:86:12:1b:49:05:e4:11:81:7f:9b:c4:ca:ae:56:66:e9:ea:
         8e:5f:3c:c6:bc:24:88:bb:2c:39:5b:11:78:87:d0:3b:65:f9:
         b6:28:51:78:fc:ac:b1:42:3d:3d:7a:9a:8b:96:db:15:f8:9a:
         b8:18:7e:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX2oY+EgKMaS8cI4+xbq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjYwMzI1MTkwMTIwWhcNMjYwMzI2MTkwMTIwWjAzMTEwLwYDVQQD
Eyg4OWVmNmU1NDI5NWZjZTRhZDZiNDYzNmUyZjQ2MzJlMzBkZGJiYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5rdrpoRGAKPKOPFN6yDn4s47YYi
aCs63pEInhZ3IOssPaMHCGS7ewii0A1f5QWU1QmgPkqCkZh2a8XOliCMx2OFlHXP
HlWXdOywLdH8uFarfXsRrr5avsIgIuf4dloMRUivRu0pd4Qg2fpx7Jc/4hll6rzu
j91HVi9duQ/elywvoworDBixSU3Zt0cO5K+gx47W8DwPNC42CAaS/Er/LdHFQZ0w
yHIDknk9Oewn0c2KDMXyHDlqcwrkhTc3/Xe5Vg1rQmP+A7R6n61olvToFbBAa4gj
TwyqTS0Aik8HdZJVioaMCKcx95Ve/nLndmJVNNXsR0YzhO6zm3/kCqesowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInvblQpX85K1rRjbi9GMuMN27qAMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuM18GmYx
Moc1RZjr9nNe3EsTqVBOwuohDsJDsowbFJpgNSnfHf1BTT3Wn2QGgYau67e5+Vs3
Ics5PdddRyBsawXds3F6BXlWhc1sRKl8AvJjXsMejPQEeZTUv1BKe3DKhzmoJQkd
hkJS+7brzw/4nI2DDvazomz6sV8ML96VgJ2jJgn0G+E2zjUD3dGROfzuxALchsN0
OCfGreuTeGwkq3G5UWV23wa+P0D11UBa1C2dBEBWezUmMjIGz1O174USjn0EbK3K
W4YSG0kF5BGBf5vEyq5WZunqjl88xrwkiLssOVsReIfQO2X5tihRePyssUI9PXqa
i5bbFfiauBh+CQ==
-----END CERTIFICATE-----