Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          vy9Y4wATY3zkrCellntWhsflYD8trOBih/wAJNpc3kw=
Subject key identifier:   F9:FD:9F:8B:F9:0F:CD:34:84:85:6A:AA:07:ED:CE:7F:9A:2C:89:AB
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       019D27DF4DC00750FEF62B9FE732E9E8A3B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          08C6
Signing time:             Thu 26 Mar 2026 02:00:38 +0000
Manifest this update:     Thu 26 Mar 2026 02:00:38 +0000
Manifest next update:     Fri 27 Mar 2026 02:00:38 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: zzIItx8uoJwOcQt7ju/f2m4z1Vw1lxS/xdCKVbwfv+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:4d:c0:07:50:fe:f6:2b:9f:e7:32:e9:e8:a3:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Mar 26 02:00:38 2026 GMT
            Not After : Mar 27 02:00:38 2026 GMT
        Subject: CN=f9fd9f8bf90fcd3484856aaa07edce7f9a2c89ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:31:8d:4c:ae:f3:fc:71:c4:d7:c5:4a:e7:64:
                    06:76:fa:3c:98:48:b5:ea:c6:88:4e:45:ff:72:de:
                    a1:1e:ee:fb:08:e1:45:06:ab:32:74:18:d1:a0:d1:
                    d7:9f:5a:33:19:18:4b:0f:6c:84:e1:d2:22:4a:a0:
                    6a:e8:3e:2f:d2:d1:72:c3:d3:02:68:8e:60:90:a5:
                    74:53:01:b3:74:13:25:73:00:1c:9b:6c:8a:60:6a:
                    e8:4b:ab:ae:dd:b5:3c:63:3c:ac:54:4b:1b:27:8b:
                    c8:74:f6:82:34:1a:7f:47:4d:37:6e:b1:5d:74:9b:
                    a4:88:3a:5c:74:ae:7e:2a:1f:75:18:b9:79:3a:a5:
                    8f:b5:50:16:57:2f:97:29:25:c7:a5:ac:18:bc:f7:
                    8b:0e:80:1c:f5:c6:0d:fd:b6:a5:d2:60:5f:c8:c1:
                    0d:4e:e3:84:67:a2:c8:09:54:9d:49:26:63:70:68:
                    b4:b2:c9:4d:84:30:44:16:87:fe:c2:2a:df:f4:ee:
                    ef:ec:cf:fc:5a:24:bb:b6:db:17:60:b5:9c:ee:e7:
                    c1:4e:fd:50:44:97:aa:3f:34:be:be:fa:92:2c:a1:
                    1d:e2:76:52:e1:ba:f0:c8:fe:22:24:0a:9f:2e:fc:
                    03:fb:93:da:ec:bb:e1:91:c9:59:24:44:02:6d:d7:
                    86:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:FD:9F:8B:F9:0F:CD:34:84:85:6A:AA:07:ED:CE:7F:9A:2C:89:AB
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:ab:84:a8:f6:dd:85:69:99:bb:7d:16:e6:63:e5:c5:26:61:
         e5:a6:49:1f:ac:a3:36:d1:9c:84:6c:43:36:b3:d0:33:ab:87:
         a2:46:85:ca:21:0b:4b:e1:2f:89:83:cd:b6:dd:cb:56:a3:66:
         52:56:68:2a:cf:de:0d:01:5a:d0:9e:f4:25:ee:26:07:70:b7:
         a3:26:ac:49:08:42:90:56:1e:5c:90:fe:1e:2c:9c:0e:af:61:
         89:6a:4e:14:53:f2:b9:90:5d:3a:ee:05:4e:99:b4:f9:d0:00:
         b0:3a:5b:f6:4d:b7:66:9a:fe:43:bc:53:e3:62:36:94:1e:49:
         b8:ad:1d:88:72:15:ce:6d:88:9d:0e:55:46:17:6e:c0:84:76:
         e9:46:aa:e5:c9:ff:35:11:d5:84:34:f6:3f:7c:ff:c1:e5:77:
         3b:8c:39:d3:97:b7:91:86:6a:d8:16:2f:eb:25:2d:9a:18:16:
         0e:12:4a:3c:61:62:6f:8a:81:8b:c6:e8:fe:e9:3c:23:82:f1:
         0f:aa:24:a6:23:95:09:c9:e4:b2:0d:76:e7:bf:da:1c:31:5c:
         ce:29:e6:c7:88:4e:11:e1:ce:b9:0b:d6:24:58:bd:b6:78:b4:
         4c:ba:1e:6b:d2:1a:9d:35:c2:75:20:f2:4b:72:0b:73:72:f5:
         dc:d5:ce:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n303AB1D+9iuf5zLp6KOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjYwMzI2MDIwMDM4WhcNMjYwMzI3MDIwMDM4WjAzMTEwLwYDVQQD
EyhmOWZkOWY4YmY5MGZjZDM0ODQ4NTZhYWEwN2VkY2U3ZjlhMmM4OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojGNTK7z/HHE18VK52QGdvo8mEi1
6saITkX/ct6hHu77COFFBqsydBjRoNHXn1ozGRhLD2yE4dIiSqBq6D4v0tFyw9MC
aI5gkKV0UwGzdBMlcwAcm2yKYGroS6uu3bU8YzysVEsbJ4vIdPaCNBp/R003brFd
dJukiDpcdK5+Kh91GLl5OqWPtVAWVy+XKSXHpawYvPeLDoAc9cYN/bal0mBfyMEN
TuOEZ6LICVSdSSZjcGi0sslNhDBEFof+wirf9O7v7M/8WiS7ttsXYLWc7ufBTv1Q
RJeqPzS+vvqSLKEd4nZS4brwyP4iJAqfLvwD+5Pa7LvhkclZJEQCbdeGAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn9n4v5D800hIVqqgftzn+aLImrMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6uEqPbd
hWmZu30W5mPlxSZh5aZJH6yjNtGchGxDNrPQM6uHokaFyiELS+EviYPNtt3LVqNm
UlZoKs/eDQFa0J70Je4mB3C3oyasSQhCkFYeXJD+HiycDq9hiWpOFFPyuZBdOu4F
Tpm0+dAAsDpb9k23Zpr+Q7xT42I2lB5JuK0diHIVzm2InQ5VRhduwIR26Uaq5cn/
NRHVhDT2P3z/weV3O4w505e3kYZq2BYv6yUtmhgWDhJKPGFib4qBi8bo/uk8I4Lx
D6okpiOVCcnksg1257/aHDFczinmx4hOEeHOuQvWJFi9tni0TLoea9IanTXCdSDy
S3ILc3L13NXOaA==
-----END CERTIFICATE-----