Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          qAczKJSqym1EcfJ3/pkVUvOA7i9Soaicl70fiYoMmg4=
Subject key identifier:   C4:C1:B4:6D:1F:8E:19:7D:4D:26:8E:B6:27:87:15:BB:FF:94:A7:40
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019D25F17A36C70BF1B63856737FD8E23CD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          055C
Signing time:             Wed 25 Mar 2026 17:01:15 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:15 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:15 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: XNhikSlfeVb6Hmv/Cy9kae9WEIp++9M4DIKoEXMsGrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:7a:36:c7:0b:f1:b6:38:56:73:7f:d8:e2:3c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Mar 25 17:01:15 2026 GMT
            Not After : Mar 26 17:01:15 2026 GMT
        Subject: CN=c4c1b46d1f8e197d4d268eb6278715bbff94a740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ac:d0:dc:a5:15:60:9f:05:16:f1:4c:c9:63:
                    55:d6:3d:50:fe:56:e6:9d:12:a1:ec:a8:01:87:14:
                    cd:27:e3:41:37:cd:2d:64:8e:fd:2d:1f:fa:b9:cf:
                    84:3b:af:6b:3c:80:bf:9c:36:c0:72:67:23:76:6d:
                    6b:36:dc:37:fc:d1:94:0b:56:13:fe:c9:e8:c9:46:
                    19:65:97:13:ba:f5:6e:85:a5:3f:02:c4:93:ff:50:
                    21:99:9a:42:a0:a0:d4:b7:6d:89:ee:12:24:53:38:
                    eb:c4:38:3f:be:5f:9c:1b:1b:91:90:eb:f3:96:70:
                    1c:43:6a:f1:0b:c2:d1:75:72:40:2c:3f:c7:8f:cc:
                    65:72:96:3f:b8:e6:7c:53:8a:9f:ff:f7:4e:87:1c:
                    63:24:c8:52:15:31:06:e3:d9:c0:5e:e2:6e:73:eb:
                    fd:ed:83:ef:72:89:80:62:95:f0:60:91:6f:48:8b:
                    e0:a6:c4:49:3a:ee:0b:2c:98:57:c4:7e:2c:2b:ed:
                    04:6f:0b:3c:04:02:85:bd:9f:6e:71:43:66:d8:75:
                    d9:b1:61:af:13:74:0b:75:2a:f6:be:78:27:82:0e:
                    9c:6b:51:e8:15:c0:02:a5:ef:d0:4d:f1:fe:36:3d:
                    73:3e:6f:fe:6b:d1:b3:ec:c3:a3:e2:8a:50:5d:69:
                    5e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:C1:B4:6D:1F:8E:19:7D:4D:26:8E:B6:27:87:15:BB:FF:94:A7:40
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:ad:4d:96:6e:c3:3e:30:91:50:9a:e6:20:c1:89:28:63:1d:
         b7:59:77:d8:73:a3:9e:b9:cc:48:99:4f:00:b0:22:3f:f0:b3:
         8b:6e:bc:43:89:ec:7c:8b:46:24:6a:ab:d1:6c:d6:27:f9:03:
         f1:af:37:50:e9:85:e8:54:3c:4d:69:1c:85:07:14:14:52:95:
         79:3b:e9:10:3b:a3:94:6d:8d:d9:6b:eb:df:6a:75:a4:07:4a:
         40:98:08:ce:da:7d:4c:38:65:1e:6e:56:6d:4a:0d:1b:f5:4c:
         1e:13:0f:80:43:9e:55:5c:5b:45:53:69:0f:80:1f:e0:36:0f:
         b7:20:d7:4f:4d:64:9b:f1:ef:bf:b6:0d:88:2f:d9:c8:ad:7e:
         f4:da:e3:f4:24:a4:2d:38:f9:cd:f4:55:b5:a0:6f:a0:42:99:
         80:6c:65:95:ab:e8:1b:c8:9b:7a:cc:af:d5:86:48:48:b9:e4:
         36:e2:1f:c5:8a:49:bc:ef:e3:36:7b:6b:ba:ba:25:14:8a:8c:
         c9:9d:e8:08:fb:91:71:01:7a:33:06:c9:fb:e1:40:0e:df:a0:
         83:c2:f2:25:8c:9b:4f:58:cb:ff:8a:4b:6b:90:d1:2d:d2:3d:
         01:c6:bd:41:41:de:e0:3c:3a:38:34:01:73:45:47:05:27:b7:
         d8:4a:7b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8Xo2xwvxtjhWc3/Y4jzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjYwMzI1MTcwMTE1WhcNMjYwMzI2MTcwMTE1WjAzMTEwLwYDVQQD
EyhjNGMxYjQ2ZDFmOGUxOTdkNGQyNjhlYjYyNzg3MTViYmZmOTRhNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6zQ3KUVYJ8FFvFMyWNV1j1Q/lbm
nRKh7KgBhxTNJ+NBN80tZI79LR/6uc+EO69rPIC/nDbAcmcjdm1rNtw3/NGUC1YT
/snoyUYZZZcTuvVuhaU/AsST/1AhmZpCoKDUt22J7hIkUzjrxDg/vl+cGxuRkOvz
lnAcQ2rxC8LRdXJALD/Hj8xlcpY/uOZ8U4qf//dOhxxjJMhSFTEG49nAXuJuc+v9
7YPvcomAYpXwYJFvSIvgpsRJOu4LLJhXxH4sK+0Ebws8BAKFvZ9ucUNm2HXZsWGv
E3QLdSr2vngngg6ca1HoFcACpe/QTfH+Nj1zPm/+a9Gz7MOj4opQXWleowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTBtG0fjhl9TSaOtieHFbv/lKdAMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAa1Nlm7D
PjCRUJrmIMGJKGMdt1l32HOjnrnMSJlPALAiP/Czi268Q4nsfItGJGqr0WzWJ/kD
8a83UOmF6FQ8TWkchQcUFFKVeTvpEDujlG2N2Wvr32p1pAdKQJgIztp9TDhlHm5W
bUoNG/VMHhMPgEOeVVxbRVNpD4Af4DYPtyDXT01km/Hvv7YNiC/ZyK1+9Nrj9CSk
LTj5zfRVtaBvoEKZgGxllavoG8ibesyv1YZISLnkNuIfxYpJvO/jNntrurolFIqM
yZ3oCPuRcQF6MwbJ++FADt+gg8LyJYybT1jL/4pLa5DRLdI9Aca9QUHe4Dw6ODQB
c0VHBSe32Ep7gA==
-----END CERTIFICATE-----