Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          vTf1XiVCjx3touqL/7sZNitteHUYru3mxc2dZ4ZPHC8=
Subject key identifier:   25:BE:AD:EC:95:AE:48:C5:E0:41:E2:F6:AD:E8:05:DE:BB:50:D6:3B
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       019D337565D1A5D7DCA0FD796A6FEF687766
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          0B11
Signing time:             Sat 28 Mar 2026 08:00:24 +0000
Manifest this update:     Sat 28 Mar 2026 08:00:24 +0000
Manifest next update:     Sun 29 Mar 2026 08:00:24 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: AiX8Ieb8J22NM2DPg+VlKSHlYND22p/hQN1jx7vsoSU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:75:65:d1:a5:d7:dc:a0:fd:79:6a:6f:ef:68:77:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Mar 28 08:00:24 2026 GMT
            Not After : Mar 29 08:00:24 2026 GMT
        Subject: CN=25beadec95ae48c5e041e2f6ade805debb50d63b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:80:93:59:79:1d:f1:fc:3d:d1:57:71:0a:83:
                    19:e0:96:7d:cd:ab:0a:64:6e:26:00:1a:75:e9:b2:
                    39:2a:1f:d6:16:cd:d8:41:8b:f4:08:f4:1f:1d:fb:
                    59:af:be:c7:15:dc:46:12:1e:5d:71:be:ee:0d:0d:
                    23:d7:e0:51:cd:bd:8f:59:89:1c:5e:91:fb:b3:4a:
                    6c:3d:17:88:e9:01:7d:b8:4c:1a:7d:4e:c7:92:3a:
                    c0:e6:c2:db:c2:c2:36:97:8a:92:0c:09:72:17:65:
                    70:75:a2:50:77:64:79:71:1f:0a:4e:c1:e8:6a:b6:
                    20:20:13:9f:20:d5:24:a0:81:9f:80:2e:a9:d4:ac:
                    26:ab:c5:97:41:b0:e5:f4:d6:33:89:6d:70:59:6f:
                    19:cc:b1:a7:cd:67:01:22:2b:cf:c2:c2:42:a4:c4:
                    54:a4:1c:5d:12:56:b2:cd:0a:3c:67:12:a9:4c:8a:
                    b9:81:6e:f9:1b:e9:e0:05:80:a8:73:b7:07:3c:8e:
                    3c:1d:d7:c1:1c:8d:3d:a3:32:bb:e6:08:69:58:5f:
                    f4:94:c0:cf:5c:a4:97:51:a5:64:36:b2:63:d4:b2:
                    ca:52:dd:be:27:83:99:56:b2:be:a1:90:11:b4:a7:
                    fe:fa:8e:c5:68:bc:80:2f:e9:50:9b:d6:f5:00:fb:
                    87:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:BE:AD:EC:95:AE:48:C5:E0:41:E2:F6:AD:E8:05:DE:BB:50:D6:3B
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:98:d6:27:53:bb:40:ec:b1:a9:5a:53:70:58:da:38:26:db:
         08:77:cd:9b:4a:7d:b7:45:f5:7e:0c:d2:c2:77:01:3a:72:45:
         e4:78:7a:75:89:20:e8:31:0f:13:0d:87:98:f5:1d:44:35:1b:
         e8:83:f8:d1:dc:73:12:34:30:18:8d:bf:8f:ab:59:e1:7d:bf:
         cd:7f:64:fa:80:32:9d:e9:4a:9b:99:cc:99:5d:e3:f4:b6:2f:
         82:97:34:d5:29:bd:43:ce:09:4d:27:e1:e3:c7:65:4d:ae:f5:
         03:83:f0:49:90:5b:a3:e4:f9:d1:38:53:b9:9d:31:e3:32:07:
         ab:f4:77:53:39:cc:78:8e:6a:a6:ee:a4:95:57:53:85:19:0c:
         8e:18:63:19:7e:c6:b4:27:42:85:d0:d3:d9:ab:51:25:f1:1e:
         a5:59:ce:98:6e:c3:b8:c7:8f:46:0f:6c:16:27:b8:1b:25:59:
         c8:24:6f:0c:0f:88:77:15:9c:05:98:02:6a:1d:75:57:4e:6d:
         1c:23:13:73:3a:bc:4d:1e:81:d9:39:90:3b:99:bb:b2:0d:d9:
         cc:e8:93:69:7f:70:9a:25:b3:1a:38:a5:2d:1c:68:2f:be:d7:
         41:c3:c4:3b:19:63:5d:69:8d:23:7e:20:19:66:01:be:55:12:
         ad:72:b2:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdWXRpdfcoP15am/vaHdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjYwMzI4MDgwMDI0WhcNMjYwMzI5MDgwMDI0WjAzMTEwLwYDVQQD
EygyNWJlYWRlYzk1YWU0OGM1ZTA0MWUyZjZhZGU4MDVkZWJiNTBkNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4CTWXkd8fw90VdxCoMZ4JZ9zasK
ZG4mABp16bI5Kh/WFs3YQYv0CPQfHftZr77HFdxGEh5dcb7uDQ0j1+BRzb2PWYkc
XpH7s0psPReI6QF9uEwafU7HkjrA5sLbwsI2l4qSDAlyF2VwdaJQd2R5cR8KTsHo
arYgIBOfINUkoIGfgC6p1Kwmq8WXQbDl9NYziW1wWW8ZzLGnzWcBIivPwsJCpMRU
pBxdElayzQo8ZxKpTIq5gW75G+ngBYCoc7cHPI48HdfBHI09ozK75ghpWF/0lMDP
XKSXUaVkNrJj1LLKUt2+J4OZVrK+oZARtKf++o7FaLyAL+lQm9b1APuH9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCW+reyVrkjF4EHi9q3oBd67UNY7MB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn5jWJ1O7
QOyxqVpTcFjaOCbbCHfNm0p9t0X1fgzSwncBOnJF5Hh6dYkg6DEPEw2HmPUdRDUb
6IP40dxzEjQwGI2/j6tZ4X2/zX9k+oAynelKm5nMmV3j9LYvgpc01Sm9Q84JTSfh
48dlTa71A4PwSZBbo+T50ThTuZ0x4zIHq/R3UznMeI5qpu6klVdThRkMjhhjGX7G
tCdChdDT2atRJfEepVnOmG7DuMePRg9sFie4GyVZyCRvDA+IdxWcBZgCah11V05t
HCMTczq8TR6B2TmQO5m7sg3ZzOiTaX9wmiWzGjilLRxoL77XQcPEOxljXWmNI34g
GWYBvlUSrXKyDg==
-----END CERTIFICATE-----