Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          PBX3C6a+lRIRQweBgoVlBxm2g07OS7zAyRL1xuE2HN0=
Subject key identifier:   8D:9D:CD:14:01:25:00:C2:D4:B0:B9:B2:35:DD:D2:D7:60:0D:09:C3
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       019D27A939C38F1E89EBBF8F26ABF1778120
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          03D2
Signing time:             Thu 26 Mar 2026 01:01:34 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:34 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:34 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: iO4pzO6qi5/ukCfriij83fBYebaVuOKNKuWETA8RoTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:39:c3:8f:1e:89:eb:bf:8f:26:ab:f1:77:81:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: Mar 26 01:01:34 2026 GMT
            Not After : Mar 27 01:01:34 2026 GMT
        Subject: CN=8d9dcd14012500c2d4b0b9b235ddd2d7600d09c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:4f:be:b1:26:2d:c4:4b:f8:1a:e7:05:07:67:
                    82:cb:39:fe:25:a8:f5:d2:44:43:02:78:be:ea:5b:
                    10:b4:9d:62:a9:ef:1f:e7:52:4c:dd:74:5b:bd:b2:
                    92:5e:da:a9:5b:ea:d3:a3:94:6a:48:4d:33:3b:c9:
                    3b:87:d2:cd:a8:56:88:e4:e1:7e:d4:28:f5:bb:fd:
                    79:8f:51:49:bb:0d:71:6c:d1:29:c9:12:d3:01:7f:
                    4e:df:f8:39:c3:34:cc:bf:f5:79:bb:db:84:4c:c0:
                    de:b9:40:ae:2a:0e:16:9a:bb:c0:a7:5f:a1:1d:39:
                    0b:a4:dc:fe:c6:ca:6a:ee:53:8e:a2:c1:7e:1b:62:
                    3a:f0:f3:39:01:42:6b:d5:58:a3:4b:4e:b9:c8:ff:
                    5f:c4:8f:3f:e2:72:40:6f:b1:50:1d:59:65:5a:d5:
                    32:bf:86:c9:6b:aa:99:67:26:59:27:4a:92:a6:a7:
                    94:6e:87:4e:f9:2c:61:12:e0:ab:5b:43:55:58:15:
                    ca:12:e1:56:f0:cd:87:8c:45:ff:af:aa:29:ae:90:
                    1c:df:83:f5:4a:e5:be:06:43:91:db:b8:7e:ce:f2:
                    df:88:01:6b:56:70:ae:0f:2a:13:2f:1f:fd:da:cc:
                    6c:c7:ef:87:ba:a8:2c:28:50:37:ad:6c:0a:75:50:
                    2b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:9D:CD:14:01:25:00:C2:D4:B0:B9:B2:35:DD:D2:D7:60:0D:09:C3
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:9b:52:a0:d5:31:47:64:cf:c3:bd:69:74:55:7a:38:da:89:
         52:29:aa:10:b8:55:22:3c:7c:0d:ab:ed:e6:16:f0:85:57:aa:
         5f:f4:04:c3:58:77:39:e4:a4:30:2f:10:07:02:5f:ae:e2:c5:
         ff:d5:d3:ac:a7:d5:64:a3:c8:b9:1e:cb:77:2b:09:a1:8a:ed:
         58:c2:cf:28:23:54:7a:d4:f4:41:b2:85:26:25:97:92:6f:a6:
         31:1b:7b:e9:0f:98:93:06:ef:75:09:3b:5e:19:6e:ac:7e:9d:
         28:cb:13:5c:31:fd:89:93:82:ec:9f:b8:40:c9:29:52:e3:97:
         d3:a1:5f:34:b8:08:9c:a8:64:e9:0b:ce:8b:24:fd:c1:31:1a:
         8d:02:28:33:31:a5:39:53:4d:da:4e:f6:33:ff:44:c8:1a:bd:
         53:c3:7c:d8:f8:c6:ea:c7:65:12:09:ff:ae:a2:d3:79:6a:b0:
         bf:a1:60:41:42:bd:5a:b0:8c:f8:d2:13:e7:11:43:74:e6:e1:
         bc:e6:72:38:dd:4d:e7:ab:19:17:a2:85:2a:6f:39:f5:5c:4c:
         87:41:02:49:07:c6:9b:f8:19:46:14:de:72:0f:4b:4a:92:98:
         10:94:14:c7:8c:f4:7a:f9:16:0f:a6:34:82:7a:22:02:67:d4:
         0f:72:bf:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqTnDjx6J67+PJqvxd4EgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjYwMzI2MDEwMTM0WhcNMjYwMzI3MDEwMTM0WjAzMTEwLwYDVQQD
Eyg4ZDlkY2QxNDAxMjUwMGMyZDRiMGI5YjIzNWRkZDJkNzYwMGQwOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE++sSYtxEv4GucFB2eCyzn+Jaj1
0kRDAni+6lsQtJ1iqe8f51JM3XRbvbKSXtqpW+rTo5RqSE0zO8k7h9LNqFaI5OF+
1Cj1u/15j1FJuw1xbNEpyRLTAX9O3/g5wzTMv/V5u9uETMDeuUCuKg4WmrvAp1+h
HTkLpNz+xspq7lOOosF+G2I68PM5AUJr1VijS065yP9fxI8/4nJAb7FQHVllWtUy
v4bJa6qZZyZZJ0qSpqeUbodO+SxhEuCrW0NVWBXKEuFW8M2HjEX/r6oprpAc34P1
SuW+BkOR27h+zvLfiAFrVnCuDyoTLx/92sxsx++HuqgsKFA3rWwKdVArWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2dzRQBJQDC1LC5sjXd0tdgDQnDMB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5tSoNUx
R2TPw71pdFV6ONqJUimqELhVIjx8Davt5hbwhVeqX/QEw1h3OeSkMC8QBwJfruLF
/9XTrKfVZKPIuR7LdysJoYrtWMLPKCNUetT0QbKFJiWXkm+mMRt76Q+YkwbvdQk7
XhlurH6dKMsTXDH9iZOC7J+4QMkpUuOX06FfNLgInKhk6QvOiyT9wTEajQIoMzGl
OVNN2k72M/9EyBq9U8N82PjG6sdlEgn/rqLTeWqwv6FgQUK9WrCM+NIT5xFDdObh
vOZyON1N56sZF6KFKm859VxMh0ECSQfGm/gZRhTecg9LSpKYEJQUx4z0evkWD6Y0
gnoiAmfUD3K/wg==
-----END CERTIFICATE-----