Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          nJEH1UGhC8Dh3Pu2DlCGF25lGMVkTKQiOH9PfHBmx6M=
Subject key identifier:   FD:51:FF:C6:91:16:42:EB:96:13:4A:E1:85:7E:3F:3B:06:97:1E:61
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019D25835BAB38494112CAB46E46E576FE14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          187F
Signing time:             Wed 25 Mar 2026 15:00:58 +0000
Manifest this update:     Wed 25 Mar 2026 15:00:58 +0000
Manifest next update:     Thu 26 Mar 2026 15:00:58 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: 35nd2pHerVzOzJyRWrEbbYwTn0LnrV7VUsFZWfD9/o0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:5b:ab:38:49:41:12:ca:b4:6e:46:e5:76:fe:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Mar 25 15:00:58 2026 GMT
            Not After : Mar 26 15:00:58 2026 GMT
        Subject: CN=fd51ffc6911642eb96134ae1857e3f3b06971e61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8c:21:22:74:35:df:32:b1:3a:5e:9b:aa:b2:
                    84:06:79:4b:aa:60:32:aa:df:46:7c:0c:0f:da:77:
                    86:04:27:f9:03:1b:5b:1e:3f:c5:f3:f8:f2:a3:bf:
                    93:f2:3f:83:80:4f:43:13:c8:b5:92:96:9a:00:e9:
                    8b:f4:80:ea:44:e5:47:7e:20:91:0a:d4:58:25:fe:
                    4c:6d:0f:43:5d:6f:c4:45:65:f1:a9:ca:2a:6d:dd:
                    de:8d:f0:36:b6:81:48:fe:16:30:cd:b5:6b:bc:c6:
                    00:7d:e3:05:48:97:d9:87:7e:19:42:6a:fe:ac:37:
                    aa:20:d1:77:ca:78:e7:f9:6a:a6:0e:a0:8a:5c:be:
                    20:30:16:27:c5:6f:1e:25:30:bc:17:b9:36:a8:b1:
                    82:a0:84:7c:a5:9e:ca:35:02:57:4e:98:27:96:df:
                    28:dc:3a:78:c0:8c:54:52:4c:96:66:51:37:5b:99:
                    49:f1:06:59:95:49:f5:b1:6d:46:d5:6e:57:a5:b6:
                    70:63:51:7e:03:2a:38:56:37:de:33:56:10:bf:66:
                    9e:09:6f:26:08:ca:3f:d3:94:ea:46:e9:25:7e:30:
                    5b:23:06:8b:a7:e4:4d:f1:5f:01:c9:7c:e2:72:46:
                    e1:37:64:fd:56:1d:cb:1c:b1:6a:bb:e6:68:b7:0e:
                    b3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:51:FF:C6:91:16:42:EB:96:13:4A:E1:85:7E:3F:3B:06:97:1E:61
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:7b:07:25:35:e3:56:2e:28:a9:29:b3:af:e8:e4:43:4e:b7:
         59:28:af:2e:01:79:8f:47:25:84:f7:dd:08:f3:68:ec:4b:96:
         48:15:dd:b0:cb:91:e3:cd:13:fa:f7:78:ee:62:5b:64:ef:49:
         64:0c:55:2c:2f:3f:49:cd:d4:84:b7:2c:1b:94:7a:e4:6d:c4:
         1d:ff:58:21:37:69:b2:ea:7c:5e:6c:15:87:b0:ae:2a:88:f8:
         cb:a7:6e:f5:27:3c:28:60:8d:0d:28:ae:aa:dd:db:66:c9:69:
         61:d7:22:1b:5f:59:20:25:b2:10:ec:a0:fe:6f:0f:7e:ee:a8:
         b7:a3:6a:f7:4f:42:d0:2a:6e:a3:2f:db:83:0e:c1:c9:74:00:
         51:66:58:27:f1:e6:96:ef:94:59:e8:73:c6:a2:98:51:75:2a:
         9d:35:f6:dd:4a:86:59:99:63:49:a8:6f:f2:79:44:16:7e:c8:
         ba:cc:4b:85:f2:ec:29:eb:2b:cd:4e:2f:0a:9c:24:3f:3a:f6:
         73:67:da:80:2a:78:e4:c4:00:97:53:0c:68:b3:48:aa:1f:06:
         a2:e1:4d:9e:41:01:44:d1:58:3e:74:65:99:0b:2e:f2:e1:4a:
         6b:68:9a:f4:35:23:d2:1d:14:70:62:5b:4f:f5:f3:03:5c:31:
         ed:da:e5:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg1urOElBEsq0bkbldv4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjYwMzI1MTUwMDU4WhcNMjYwMzI2MTUwMDU4WjAzMTEwLwYDVQQD
EyhmZDUxZmZjNjkxMTY0MmViOTYxMzRhZTE4NTdlM2YzYjA2OTcxZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4whInQ13zKxOl6bqrKEBnlLqmAy
qt9GfAwP2neGBCf5AxtbHj/F8/jyo7+T8j+DgE9DE8i1kpaaAOmL9IDqROVHfiCR
CtRYJf5MbQ9DXW/ERWXxqcoqbd3ejfA2toFI/hYwzbVrvMYAfeMFSJfZh34ZQmr+
rDeqINF3ynjn+WqmDqCKXL4gMBYnxW8eJTC8F7k2qLGCoIR8pZ7KNQJXTpgnlt8o
3Dp4wIxUUkyWZlE3W5lJ8QZZlUn1sW1G1W5XpbZwY1F+Ayo4VjfeM1YQv2aeCW8m
CMo/05TqRuklfjBbIwaLp+RN8V8ByXzickbhN2T9Vh3LHLFqu+Zotw6zIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1R/8aRFkLrlhNK4YV+PzsGlx5hMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnsHJTXj
Vi4oqSmzr+jkQ063WSivLgF5j0clhPfdCPNo7EuWSBXdsMuR480T+vd47mJbZO9J
ZAxVLC8/Sc3UhLcsG5R65G3EHf9YITdpsup8XmwVh7CuKoj4y6du9Sc8KGCNDSiu
qt3bZslpYdciG19ZICWyEOyg/m8Pfu6ot6Nq909C0Cpuoy/bgw7ByXQAUWZYJ/Hm
lu+UWehzxqKYUXUqnTX23UqGWZljSahv8nlEFn7IusxLhfLsKesrzU4vCpwkPzr2
c2fagCp45MQAl1MMaLNIqh8GouFNnkEBRNFYPnRlmQsu8uFKa2ia9DUj0h0UcGJb
T/XzA1wx7drl5A==
-----END CERTIFICATE-----