Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          amWF1fdkMiy692PJSqgKUWPfeohDq056BpqhNfsh4j4=
Subject key identifier:   3E:5B:08:B0:6E:B7:E8:DB:B3:C0:21:BC:AF:73:50:22:DB:23:08:CA
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019D265EEE8A9F015B4DD93FA2024602A0FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          06BB
Signing time:             Wed 25 Mar 2026 19:00:48 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:48 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:48 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: s8SU+gGM8CDr2bXSH7Yf17R2wS6VCXcK6CXfYdW7SgU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5e:ee:8a:9f:01:5b:4d:d9:3f:a2:02:46:02:a0:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Mar 25 19:00:48 2026 GMT
            Not After : Mar 26 19:00:48 2026 GMT
        Subject: CN=3e5b08b06eb7e8dbb3c021bcaf735022db2308ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:1f:86:e9:ea:4c:c3:91:d7:53:b5:58:57:cd:
                    86:ca:8a:77:2a:b7:37:76:b6:f4:db:b0:82:42:84:
                    ef:95:43:12:55:8b:c6:8a:15:30:f8:fb:15:25:13:
                    c2:ef:4d:ee:5e:9c:42:b4:b0:d0:9b:0a:f0:4b:e2:
                    c6:d6:8e:96:af:0b:1d:b5:f2:74:81:6c:b1:d9:63:
                    18:b2:f4:11:a7:56:5c:e0:4c:97:50:b4:97:7f:f5:
                    e4:73:68:45:77:c6:b8:4d:3f:81:1a:d6:a3:38:38:
                    54:b1:fa:1a:d9:34:b2:39:f7:6c:3c:67:74:81:99:
                    d7:b3:88:94:c3:3d:1c:0e:73:99:d3:08:21:6c:dc:
                    aa:eb:b0:4b:dd:a3:e3:be:42:e9:d5:d1:6a:7d:af:
                    05:63:a8:b1:16:e4:85:c6:d6:0c:48:53:4a:d2:42:
                    c2:58:6a:3b:df:b5:7a:df:69:14:67:34:c2:12:30:
                    00:f8:82:a8:39:7b:f6:c9:b4:bf:7c:06:75:ed:6b:
                    92:ab:1f:f4:72:3d:6a:5e:20:49:52:db:1f:f6:e6:
                    12:57:09:1f:6f:46:bd:65:76:47:69:ac:00:ac:12:
                    fd:9c:29:af:fa:98:55:31:e7:64:52:a2:e6:c0:d4:
                    a8:6f:d8:df:e6:01:66:2e:fe:63:76:a4:c0:7a:78:
                    6b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:5B:08:B0:6E:B7:E8:DB:B3:C0:21:BC:AF:73:50:22:DB:23:08:CA
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:14:a3:c1:68:dd:4b:ed:87:16:2d:cf:d1:54:10:6b:1c:0f:
         c8:db:44:1f:4a:a7:a7:8d:e8:5d:b4:d1:6d:e6:29:11:8a:da:
         be:24:2f:1e:f9:e6:e2:9a:99:3f:16:66:e7:90:6a:76:f5:2d:
         48:19:85:c2:2c:9c:b1:ff:2c:64:cc:4c:5b:56:cb:59:7a:62:
         1e:64:6f:02:eb:72:70:97:f1:5f:d1:ac:75:4b:6c:e9:13:9b:
         3d:f6:87:1a:0a:97:77:f4:57:0c:24:23:b9:33:7e:a3:33:75:
         c9:8a:75:19:e0:40:59:2f:fa:95:dc:98:eb:10:c1:f8:63:eb:
         cf:6d:ba:26:47:6b:b9:6a:dc:86:36:c4:5d:a6:7a:7e:88:9d:
         2a:29:0d:7a:83:0e:1b:df:df:1f:97:92:dd:3a:3a:36:8f:b9:
         cf:37:51:c4:26:f4:4a:c6:82:58:af:5e:78:f3:67:42:90:ce:
         e5:cb:89:02:5c:f3:05:09:14:58:3b:70:fa:a4:ed:ff:e7:f9:
         a3:0a:d3:30:59:21:0e:f9:d6:59:eb:a8:6d:cf:e6:ce:d8:a1:
         5d:d7:94:a9:91:00:69:09:c1:09:ee:1e:33:50:8a:e7:7c:a5:
         53:7b:b0:fc:83:73:df:9a:46:24:30:85:ea:fe:75:b1:a5:12:
         3d:53:82:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXu6KnwFbTdk/ogJGAqD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjYwMzI1MTkwMDQ4WhcNMjYwMzI2MTkwMDQ4WjAzMTEwLwYDVQQD
EygzZTViMDhiMDZlYjdlOGRiYjNjMDIxYmNhZjczNTAyMmRiMjMwOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8x+G6epMw5HXU7VYV82Gyop3Krc3
drb027CCQoTvlUMSVYvGihUw+PsVJRPC703uXpxCtLDQmwrwS+LG1o6WrwsdtfJ0
gWyx2WMYsvQRp1Zc4EyXULSXf/Xkc2hFd8a4TT+BGtajODhUsfoa2TSyOfdsPGd0
gZnXs4iUwz0cDnOZ0wghbNyq67BL3aPjvkLp1dFqfa8FY6ixFuSFxtYMSFNK0kLC
WGo737V632kUZzTCEjAA+IKoOXv2ybS/fAZ17WuSqx/0cj1qXiBJUtsf9uYSVwkf
b0a9ZXZHaawArBL9nCmv+phVMedkUqLmwNSob9jf5gFmLv5jdqTAenhrKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5bCLBut+jbs8AhvK9zUCLbIwjKMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBSjwWjd
S+2HFi3P0VQQaxwPyNtEH0qnp43oXbTRbeYpEYraviQvHvnm4pqZPxZm55BqdvUt
SBmFwiycsf8sZMxMW1bLWXpiHmRvAutycJfxX9GsdUts6RObPfaHGgqXd/RXDCQj
uTN+ozN1yYp1GeBAWS/6ldyY6xDB+GPrz226JkdruWrchjbEXaZ6foidKikNeoMO
G9/fH5eS3To6No+5zzdRxCb0SsaCWK9eePNnQpDO5cuJAlzzBQkUWDtw+qTt/+f5
owrTMFkhDvnWWeuobc/mztihXdeUqZEAaQnBCe4eM1CK53ylU3uw/INz35pGJDCF
6v51saUSPVOCHA==
-----END CERTIFICATE-----