Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          Me7u81J5sQVTbSshaE1Tb99Pmv8aozijsw57UKeqzMQ=
Subject key identifier:   38:0C:D2:8E:F3:C6:D8:96:A0:3B:C0:BD:48:4A:B1:80:47:29:09:FF
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019D28F2FB572523246B9234021B92770C31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0A81
Signing time:             Thu 26 Mar 2026 07:01:45 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:45 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:45 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: eNluUolW42Ca+VII/OB+V2dbJzu15GcRYQKht3gyVwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:fb:57:25:23:24:6b:92:34:02:1b:92:77:0c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Mar 26 07:01:45 2026 GMT
            Not After : Mar 27 07:01:45 2026 GMT
        Subject: CN=380cd28ef3c6d896a03bc0bd484ab180472909ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c0:7f:45:d9:08:dc:98:9b:f4:30:a3:7c:8a:
                    da:0a:86:92:84:7a:c9:58:aa:b5:4b:64:8b:45:6a:
                    51:ed:25:c0:22:99:ec:ba:3a:1f:84:42:c8:bb:dd:
                    e2:39:f1:ef:43:bd:7e:a1:27:db:cf:fa:ec:6e:bb:
                    c0:1d:98:bd:20:04:74:85:06:f9:fc:b4:2d:ab:90:
                    49:b7:bb:b0:56:2b:70:80:34:d4:e2:e2:58:27:c8:
                    dc:51:37:eb:39:cd:c7:82:ab:d1:94:77:bd:57:4c:
                    36:6a:d9:1f:fc:d8:93:9d:68:c3:ce:dc:8e:d3:0f:
                    6d:b2:5c:aa:ce:3d:47:cc:f2:db:79:fb:91:0d:9f:
                    07:31:dc:ec:c5:9f:83:05:e3:d1:fe:84:46:0c:b8:
                    0b:18:21:22:a8:c7:16:4d:1f:3d:9c:eb:10:25:52:
                    d8:68:02:c1:02:1d:97:0d:27:05:d7:83:7f:fb:e3:
                    30:7b:53:72:e9:f1:41:96:24:11:ed:5f:92:ad:1c:
                    50:b9:06:04:a6:34:27:a5:aa:55:f7:d4:b5:31:c7:
                    3f:f6:e7:f0:a8:b0:55:d0:40:c1:d4:84:4f:a9:bf:
                    8c:7a:50:d2:b5:82:7c:cf:c7:e1:94:a6:e5:56:ec:
                    8a:29:50:e5:04:69:f8:04:c4:a2:0a:64:10:0f:2d:
                    11:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:0C:D2:8E:F3:C6:D8:96:A0:3B:C0:BD:48:4A:B1:80:47:29:09:FF
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:83:ea:9a:7a:ab:5a:50:dc:02:f3:00:1d:7d:d5:ee:b1:ad:
         4b:dd:69:2d:35:83:b7:1c:2a:46:fe:ea:b7:c6:7e:76:82:25:
         d0:87:d0:71:77:a4:d8:af:0a:aa:7d:68:b9:4c:ab:a8:f8:10:
         0e:0c:d5:dd:c9:e5:a2:15:a2:df:e0:37:2f:8e:d9:89:34:bf:
         a7:91:8c:a5:a7:04:af:5e:ad:9e:32:c9:1f:fd:f0:2e:dd:6e:
         70:5f:d1:4a:85:d8:12:fc:f5:ea:60:83:b1:bd:da:b5:67:15:
         d9:44:67:6b:0c:a2:27:0b:56:ab:76:f9:92:dd:26:5f:50:2e:
         76:66:aa:cc:a9:4f:75:ef:31:19:ac:e9:ff:b0:b3:a8:43:a2:
         8e:f7:0e:de:39:6b:68:21:39:19:2e:62:b1:21:09:30:c8:cc:
         b9:2a:e1:54:65:ad:ca:41:fa:00:c1:39:af:ab:e4:f9:bd:87:
         d0:95:62:39:3c:80:09:ed:92:e1:2f:08:6e:4e:ec:7e:13:ec:
         b9:b8:68:74:69:11:93:2e:79:cd:ee:d1:0c:41:26:8d:5d:48:
         c5:5c:b6:ce:e3:32:b4:7e:bf:e6:b4:93:76:ee:be:46:bd:6f:
         00:ae:01:80:c7:69:32:cc:2b:49:d3:71:61:20:a8:fe:a6:8b:
         85:b3:ad:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8vtXJSMka5I0AhuSdwwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjYwMzI2MDcwMTQ1WhcNMjYwMzI3MDcwMTQ1WjAzMTEwLwYDVQQD
EygzODBjZDI4ZWYzYzZkODk2YTAzYmMwYmQ0ODRhYjE4MDQ3MjkwOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscB/RdkI3Jib9DCjfIraCoaShHrJ
WKq1S2SLRWpR7SXAIpnsujofhELIu93iOfHvQ71+oSfbz/rsbrvAHZi9IAR0hQb5
/LQtq5BJt7uwVitwgDTU4uJYJ8jcUTfrOc3HgqvRlHe9V0w2atkf/NiTnWjDztyO
0w9tslyqzj1HzPLbefuRDZ8HMdzsxZ+DBePR/oRGDLgLGCEiqMcWTR89nOsQJVLY
aALBAh2XDScF14N/++Mwe1Ny6fFBliQR7V+SrRxQuQYEpjQnpapV99S1Mcc/9ufw
qLBV0EDB1IRPqb+MelDStYJ8z8fhlKblVuyKKVDlBGn4BMSiCmQQDy0RMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgM0o7zxtiWoDvAvUhKsYBHKQn/MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZYPqmnqr
WlDcAvMAHX3V7rGtS91pLTWDtxwqRv7qt8Z+doIl0IfQcXek2K8Kqn1ouUyrqPgQ
DgzV3cnlohWi3+A3L47ZiTS/p5GMpacEr16tnjLJH/3wLt1ucF/RSoXYEvz16mCD
sb3atWcV2URnawyiJwtWq3b5kt0mX1AudmaqzKlPde8xGazp/7CzqEOijvcO3jlr
aCE5GS5isSEJMMjMuSrhVGWtykH6AME5r6vk+b2H0JViOTyACe2S4S8Ibk7sfhPs
ubhodGkRky55ze7RDEEmjV1IxVy2zuMytH6/5rSTdu6+Rr1vAK4BgMdpMswrSdNx
YSCo/qaLhbOtIg==
-----END CERTIFICATE-----