Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.mft
File:                     HBvoBtpEgce6pWenHeTuJE2Yzgk.mft (raw, json)
Hash identifier:          Cr98TqRFHgBnMdAH3iQB7aZjM+rYot6/uvOUTCH0BqU=
Subject key identifier:   CF:0B:72:D9:84:4D:B1:35:3D:02:D1:24:78:FF:91:06:6D:AC:2B:A5
Authority key identifier: 1C:1B:E8:06:DA:44:81:C7:BA:A5:67:A7:1D:E4:EE:24:4D:98:CE:09
Certificate issuer:       /CN=1c1be806da4481c7baa567a71de4ee244d98ce09
Certificate serial:       019D33E3EF6135F0C37C881124EC84C16CB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBvoBtpEgce6pWenHeTuJE2Yzgk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.mft
Manifest number:          DB
Signing time:             Sat 28 Mar 2026 10:01:09 +0000
Manifest this update:     Sat 28 Mar 2026 10:01:09 +0000
Manifest next update:     Sun 29 Mar 2026 10:01:09 +0000
Files and hashes:         1: HBvoBtpEgce6pWenHeTuJE2Yzgk.crl (hash: E8bXfP5V43iQZ8TLG0hs5npChOGud+8etSx5RuIDBJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBvoBtpEgce6pWenHeTuJE2Yzgk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:e3:ef:61:35:f0:c3:7c:88:11:24:ec:84:c1:6c:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1be806da4481c7baa567a71de4ee244d98ce09
        Validity
            Not Before: Mar 28 10:01:09 2026 GMT
            Not After : Mar 29 10:01:09 2026 GMT
        Subject: CN=cf0b72d9844db1353d02d12478ff91066dac2ba5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b4:1e:35:8a:9f:36:52:7c:eb:d3:d5:ca:ac:
                    7f:6f:1b:0c:8d:f8:12:b9:d5:6e:67:60:32:dd:4d:
                    09:5a:e2:85:c0:84:2e:a6:cf:80:e9:08:c7:4e:7c:
                    dd:d8:d1:aa:92:63:2b:d6:e9:55:2a:7b:29:c8:11:
                    be:f8:74:1a:20:fc:e6:44:96:e7:e3:85:da:b4:96:
                    11:02:6e:d6:a2:12:ef:3d:40:5f:cb:b9:67:1c:09:
                    ae:89:83:27:3f:a8:bd:db:16:6f:19:d4:12:77:ae:
                    9a:90:98:12:f8:d7:f5:9b:59:63:e1:e0:b1:6d:d1:
                    c1:90:41:2e:8f:8a:1a:c6:68:b8:2e:3e:b1:18:c3:
                    35:3a:c1:ff:cc:7d:98:90:3c:2b:a2:a7:9d:10:e0:
                    c6:c1:94:4c:ea:72:5c:cd:22:f7:4d:92:8a:ef:7d:
                    96:31:89:12:b7:be:4f:f4:dc:50:44:8f:56:5c:00:
                    e5:85:9b:1d:82:27:69:1a:47:4a:7f:d0:75:ac:de:
                    82:34:fe:f4:db:47:a3:b9:66:8e:ff:75:04:7e:68:
                    85:09:fa:f1:93:0c:50:f9:9d:3b:56:2e:0d:70:00:
                    c2:4b:f9:a0:d9:cc:97:fe:93:db:cc:ea:70:e6:1f:
                    ea:14:e1:98:f7:60:e3:f2:30:ec:c2:43:7a:11:d4:
                    54:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:0B:72:D9:84:4D:B1:35:3D:02:D1:24:78:FF:91:06:6D:AC:2B:A5
            X509v3 Authority Key Identifier:
                keyid:1C:1B:E8:06:DA:44:81:C7:BA:A5:67:A7:1D:E4:EE:24:4D:98:CE:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBvoBtpEgce6pWenHeTuJE2Yzgk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5f73b3-e695-4bbf-82a3-82a30fdc24f9/1/HBvoBtpEgce6pWenHeTuJE2Yzgk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:57:1a:3b:c4:65:4f:ef:c5:9e:56:e8:ab:20:5a:d8:99:af:
         33:fe:85:fb:2c:b4:48:49:01:d4:27:c8:a3:d8:09:f7:1d:71:
         15:25:93:c7:61:46:17:b4:e0:45:60:00:32:1d:68:38:19:33:
         65:5b:6a:9b:c1:16:b1:ce:58:3e:69:b3:72:9e:a5:0c:b2:e8:
         94:e2:7c:a6:ae:26:fa:bb:30:27:47:51:57:6c:4d:6d:ce:df:
         c4:85:c1:f5:d4:4f:6e:0f:20:8c:f5:c0:51:62:90:91:2b:ef:
         28:4e:dd:bd:bd:fc:cd:fb:71:2d:4c:3b:99:e2:43:f0:e0:78:
         5a:3d:20:36:ff:01:64:c8:ab:43:69:45:64:3f:98:f1:7f:63:
         3d:09:c6:fc:b7:25:73:cb:f3:db:34:06:43:56:f3:17:ba:a2:
         70:da:d3:0e:fc:1a:5c:b8:8c:27:26:68:cc:c9:78:f0:b0:36:
         85:2b:04:b7:60:2a:17:71:f1:dd:9f:6d:78:63:c8:ab:df:3b:
         66:3b:e3:18:29:59:1c:1c:e0:42:b3:d3:43:b6:6e:6d:bd:43:
         6b:16:7d:3c:22:c3:58:e4:d5:5d:95:2f:91:23:9e:3b:57:77:
         33:f9:c2:a6:5a:f3:d6:38:1e:47:db:4f:ba:9d:19:84:c1:f9:
         07:26:be:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z4+9hNfDDfIgRJOyEwWy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWJlODA2ZGE0NDgxYzdiYWE1NjdhNzFkZTRlZTI0NGQ5
OGNlMDkwHhcNMjYwMzI4MTAwMTA5WhcNMjYwMzI5MTAwMTA5WjAzMTEwLwYDVQQD
EyhjZjBiNzJkOTg0NGRiMTM1M2QwMmQxMjQ3OGZmOTEwNjZkYWMyYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7QeNYqfNlJ869PVyqx/bxsMjfgS
udVuZ2Ay3U0JWuKFwIQups+A6QjHTnzd2NGqkmMr1ulVKnspyBG++HQaIPzmRJbn
44XatJYRAm7WohLvPUBfy7lnHAmuiYMnP6i92xZvGdQSd66akJgS+Nf1m1lj4eCx
bdHBkEEuj4oaxmi4Lj6xGMM1OsH/zH2YkDwroqedEODGwZRM6nJczSL3TZKK732W
MYkSt75P9NxQRI9WXADlhZsdgidpGkdKf9B1rN6CNP7020ejuWaO/3UEfmiFCfrx
kwxQ+Z07Vi4NcADCS/mg2cyX/pPbzOpw5h/qFOGY92Dj8jDswkN6EdRUPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8LctmETbE1PQLRJHj/kQZtrCulMB8GA1UdIwQY
MBaAFBwb6AbaRIHHuqVnpx3k7iRNmM4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ2b0J0cEVnY2U2cFdlbkhlVHVKRTJZemdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81ZjczYjMtZTY5NS00YmJmLTgyYTMt
ODJhMzBmZGMyNGY5LzEvSEJ2b0J0cEVnY2U2cFdlbkhlVHVKRTJZemdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81ZjczYjMtZTY5NS00YmJmLTgyYTMtODJhMzBmZGMyNGY5
LzEvSEJ2b0J0cEVnY2U2cFdlbkhlVHVKRTJZemdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFcaO8Rl
T+/FnlboqyBa2JmvM/6F+yy0SEkB1CfIo9gJ9x1xFSWTx2FGF7TgRWAAMh1oOBkz
ZVtqm8EWsc5YPmmzcp6lDLLolOJ8pq4m+rswJ0dRV2xNbc7fxIXB9dRPbg8gjPXA
UWKQkSvvKE7dvb38zftxLUw7meJD8OB4Wj0gNv8BZMirQ2lFZD+Y8X9jPQnG/Lcl
c8vz2zQGQ1bzF7qicNrTDvwaXLiMJyZozMl48LA2hSsEt2AqF3Hx3Z9teGPIq987
ZjvjGClZHBzgQrPTQ7Zubb1DaxZ9PCLDWOTVXZUvkSOeO1d3M/nCplrz1jgeR9tP
up0ZhMH5Bya+6w==
-----END CERTIFICATE-----