Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          dzp01b7zWIiek9+2Wt0ABTXoWr/Dvxex6re6lSntl+c=
Subject key identifier:   1A:98:FA:D6:40:71:C1:24:A5:77:DF:84:93:CB:CA:6E:7A:57:60:D9
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       019D265F393489CDDF12F6325EC7155EA2D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 19:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:07 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: DZ3ADeURsxC59uTKaXRhh8zBsuojp0rrB+n57/YUHHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:39:34:89:cd:df:12:f6:32:5e:c7:15:5e:a2:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: Mar 25 19:01:07 2026 GMT
            Not After : Mar 26 19:01:07 2026 GMT
        Subject: CN=1a98fad64071c124a577df8493cbca6e7a5760d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:21:e0:42:cf:d3:ba:d6:c6:7d:bc:e3:b6:3c:
                    de:72:a8:a4:24:42:ae:9b:20:14:31:25:fa:af:83:
                    f9:65:4b:77:f0:e6:f6:89:b5:e6:0b:83:f9:c2:3b:
                    98:f7:03:6f:80:15:ea:4c:a7:38:1d:58:7f:5c:03:
                    ca:c9:a4:fb:e3:ee:24:c9:68:da:b9:f7:b5:9b:44:
                    de:5d:be:35:b9:90:c4:e2:dc:7f:88:54:fd:13:3a:
                    b5:99:fa:d9:c7:5b:4c:3d:2b:88:ac:e8:86:f5:2f:
                    de:df:7e:4b:72:19:61:17:26:f3:35:84:a2:11:14:
                    fd:12:4b:5a:dc:42:f6:f0:5c:d6:b3:0a:9e:22:ca:
                    0e:6a:8e:09:18:01:b9:6c:f9:dc:19:7e:2f:28:a6:
                    0a:65:57:ef:12:b7:71:90:4e:01:2c:eb:0f:bd:29:
                    f3:56:a5:77:e1:d9:23:37:ed:96:ae:16:bd:35:17:
                    03:b0:fd:35:71:23:4a:1f:73:70:63:86:dd:80:41:
                    c0:f8:f5:2a:11:d9:da:b9:f9:48:ca:2c:65:5c:19:
                    99:5e:e3:c3:06:6c:81:00:26:19:c4:20:f2:f6:be:
                    2d:85:1f:f0:81:83:60:51:11:06:f8:d8:b4:68:bf:
                    7d:57:df:b6:37:4e:17:b9:1a:f6:b9:0b:3a:25:ea:
                    69:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:98:FA:D6:40:71:C1:24:A5:77:DF:84:93:CB:CA:6E:7A:57:60:D9
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:09:51:83:9b:6f:2d:47:1a:59:f6:ba:3c:12:06:af:2a:81:
         fc:ca:32:19:84:f3:69:b4:b5:55:0b:72:86:50:5f:92:c8:e7:
         59:8e:00:cf:e7:b7:ab:8b:e2:c9:c7:3d:6c:cd:a2:dd:75:67:
         25:e5:e4:98:76:51:06:0d:6e:cc:fd:08:51:8c:11:0c:d3:21:
         f5:4f:0d:3d:84:08:8a:53:83:90:8d:9e:66:88:23:4e:f4:18:
         dd:1e:f9:50:71:8a:45:48:31:b6:0b:31:ee:50:d3:a7:55:c6:
         35:83:1f:3a:1b:37:25:a7:7e:49:9f:42:95:5a:26:5c:40:a0:
         67:22:64:e6:b6:e1:69:7f:a8:c3:54:92:f1:a1:dd:31:3e:69:
         df:8b:dd:2d:f1:e2:40:d9:00:ac:ff:0f:82:f4:0d:ad:5c:80:
         08:cf:64:cf:e0:37:2e:66:6d:7d:a6:0b:87:be:68:5d:b2:78:
         b7:09:1e:4f:47:0a:bf:62:c6:7c:53:3e:aa:3e:5f:cf:75:ee:
         98:76:cb:d4:b5:d5:42:07:d0:28:7e:e6:5b:eb:24:61:0c:c0:
         e6:2a:89:38:73:38:c1:98:32:f0:ec:01:14:fc:d7:bc:35:4b:
         90:02:a0:dd:e0:f3:45:d3:ce:2c:9d:60:95:ed:fa:2d:86:eb:
         3f:d7:db:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXzk0ic3fEvYyXscVXqLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjYwMzI1MTkwMTA3WhcNMjYwMzI2MTkwMTA3WjAzMTEwLwYDVQQD
EygxYTk4ZmFkNjQwNzFjMTI0YTU3N2RmODQ5M2NiY2E2ZTdhNTc2MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCHgQs/TutbGfbzjtjzecqikJEKu
myAUMSX6r4P5ZUt38Ob2ibXmC4P5wjuY9wNvgBXqTKc4HVh/XAPKyaT74+4kyWja
ufe1m0TeXb41uZDE4tx/iFT9Ezq1mfrZx1tMPSuIrOiG9S/e335LchlhFybzNYSi
ERT9Ekta3EL28FzWswqeIsoOao4JGAG5bPncGX4vKKYKZVfvErdxkE4BLOsPvSnz
VqV34dkjN+2Wrha9NRcDsP01cSNKH3NwY4bdgEHA+PUqEdnauflIyixlXBmZXuPD
BmyBACYZxCDy9r4thR/wgYNgUREG+Ni0aL99V9+2N04XuRr2uQs6JeppBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqY+tZAccEkpXffhJPLym56V2DZMB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkglRg5tv
LUcaWfa6PBIGryqB/MoyGYTzabS1VQtyhlBfksjnWY4Az+e3q4viycc9bM2i3XVn
JeXkmHZRBg1uzP0IUYwRDNMh9U8NPYQIilODkI2eZogjTvQY3R75UHGKRUgxtgsx
7lDTp1XGNYMfOhs3Jad+SZ9ClVomXECgZyJk5rbhaX+ow1SS8aHdMT5p34vdLfHi
QNkArP8PgvQNrVyACM9kz+A3LmZtfaYLh75oXbJ4twkeT0cKv2LGfFM+qj5fz3Xu
mHbL1LXVQgfQKH7mW+skYQzA5iqJOHM4wZgy8OwBFPzXvDVLkAKg3eDzRdPOLJ1g
le36LYbrP9fbmA==
-----END CERTIFICATE-----