Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
File:                     HyAOBxBBRee6mHap0-55Kgc2TTY.mft (raw, json)
Hash identifier:          kHFb4fmVP6g/zJ/SMDHz6f1u6iY/GYYWDwTJS74WaCs=
Subject key identifier:   72:EC:D4:71:29:D6:67:45:68:F9:98:8B:29:ED:83:7E:EB:01:D8:48
Authority key identifier: 1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36
Certificate issuer:       /CN=1f200e07104145e7ba9876a9d3ee792a07364d36
Certificate serial:       019D270416DA9282320B2974471E0B9AAD60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
Manifest number:          05AC
Signing time:             Wed 25 Mar 2026 22:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:12 +0000
Files and hashes:         1: HyAOBxBBRee6mHap0-55Kgc2TTY.crl (hash: 5vXpeq25vrjglXd8PpkhuPrsT7xi0uwc17mIfYcuQXQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:16:da:92:82:32:0b:29:74:47:1e:0b:9a:ad:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f200e07104145e7ba9876a9d3ee792a07364d36
        Validity
            Not Before: Mar 25 22:01:12 2026 GMT
            Not After : Mar 26 22:01:12 2026 GMT
        Subject: CN=72ecd47129d6674568f9988b29ed837eeb01d848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f7:e1:b5:ec:7b:b1:e6:42:d7:ee:1c:99:ab:
                    2b:3e:3d:3c:4b:ec:83:80:3c:9c:a4:25:26:f0:9a:
                    31:b1:01:b5:98:e1:3b:e3:92:c0:91:72:45:9b:ba:
                    7e:d5:e6:96:eb:25:45:88:45:1c:da:41:ec:d7:88:
                    4b:7a:13:7c:7a:0e:da:cf:58:5a:17:db:64:37:36:
                    33:6f:95:0f:f3:ad:b3:8d:15:5e:ed:57:a6:cc:78:
                    1d:d7:de:80:48:e6:06:1b:00:88:4f:00:45:95:76:
                    c8:fc:ad:2f:9c:e1:b9:b7:d5:e3:c1:7d:96:7d:7b:
                    68:af:35:2d:d9:73:5c:21:d6:8d:04:5d:b7:49:b3:
                    d9:93:27:e9:33:dd:21:1d:99:82:4a:5c:ec:92:62:
                    16:72:aa:ff:44:13:e3:50:26:9f:ee:42:c6:b0:ac:
                    05:ee:2c:4d:7f:3e:79:e6:72:4d:54:2a:89:c3:f8:
                    4c:77:e6:12:c5:38:5d:79:c9:c8:42:1d:e4:92:cf:
                    de:d2:72:ac:ac:40:e6:d2:60:fd:c8:3f:89:f9:54:
                    d8:fd:ef:06:6c:e9:64:22:95:45:82:43:fc:2b:b3:
                    83:8d:88:15:f1:96:9c:ce:8c:ad:bd:56:d1:89:11:
                    64:c6:5f:83:4f:41:d5:34:7d:9b:aa:0e:f6:6c:0a:
                    36:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EC:D4:71:29:D6:67:45:68:F9:98:8B:29:ED:83:7E:EB:01:D8:48
            X509v3 Authority Key Identifier:
                keyid:1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:ba:f1:f5:dc:38:a2:7d:66:5b:86:4b:bf:93:15:4a:0a:ba:
         31:4f:cd:0b:b3:17:b0:26:66:ca:10:51:ed:7c:7a:06:e4:c1:
         e4:ff:5f:89:ed:61:1d:b8:f0:5e:6c:9c:6d:34:a8:8a:ed:fd:
         81:31:d4:85:f3:1e:ff:4d:ad:47:83:29:ba:fc:04:63:2d:0e:
         db:0e:86:e4:44:26:99:5f:c5:2b:9f:92:a5:72:f7:ed:29:3b:
         97:90:f2:8c:ec:d5:93:b0:41:7d:55:4a:4b:1e:45:e2:41:f4:
         d3:dc:9c:0f:21:05:38:94:42:7e:5f:68:a0:1a:45:c1:1a:e1:
         32:40:ee:34:0a:cf:f0:3d:72:28:f4:1c:cf:90:e6:05:6b:62:
         eb:f1:2d:34:e3:80:c4:5b:44:fb:b0:94:2e:af:7c:b2:72:67:
         cf:76:22:b7:b2:1a:a9:89:2a:3c:2e:9f:97:ed:71:62:ff:ee:
         4a:82:3d:97:51:ea:fb:26:50:f4:d2:24:4c:99:d2:61:56:75:
         e4:11:e7:4f:fb:a4:3f:2b:8b:6d:2c:a2:4f:c4:4c:2d:bb:43:
         97:03:87:a8:9b:c9:49:c3:c2:33:c9:3a:30:03:30:68:16:8b:
         3a:97:f4:10:4e:f7:06:b4:f7:31:ac:fc:25:8d:91:3f:10:e3:
         98:bc:5f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBbakoIyCyl0Rx4Lmq1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjAwZTA3MTA0MTQ1ZTdiYTk4NzZhOWQzZWU3OTJhMDcz
NjRkMzYwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
Eyg3MmVjZDQ3MTI5ZDY2NzQ1NjhmOTk4OGIyOWVkODM3ZWViMDFkODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvfhtex7seZC1+4cmasrPj08S+yD
gDycpCUm8JoxsQG1mOE745LAkXJFm7p+1eaW6yVFiEUc2kHs14hLehN8eg7az1ha
F9tkNzYzb5UP862zjRVe7VemzHgd196ASOYGGwCITwBFlXbI/K0vnOG5t9XjwX2W
fXtorzUt2XNcIdaNBF23SbPZkyfpM90hHZmCSlzskmIWcqr/RBPjUCaf7kLGsKwF
7ixNfz555nJNVCqJw/hMd+YSxThdecnIQh3kks/e0nKsrEDm0mD9yD+J+VTY/e8G
bOlkIpVFgkP8K7ODjYgV8ZaczoytvVbRiRFkxl+DT0HVNH2bqg72bAo2zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLs1HEp1mdFaPmYiyntg37rAdhIMB8GA1UdIwQY
MBaAFB8gDgcQQUXnuph2qdPueSoHNk02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUt
Nzc1YTdlYzFjYTMzLzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUtNzc1YTdlYzFjYTMz
LzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLrx9dw4
on1mW4ZLv5MVSgq6MU/NC7MXsCZmyhBR7Xx6BuTB5P9fie1hHbjwXmycbTSoiu39
gTHUhfMe/02tR4MpuvwEYy0O2w6G5EQmmV/FK5+SpXL37Sk7l5DyjOzVk7BBfVVK
Sx5F4kH009ycDyEFOJRCfl9ooBpFwRrhMkDuNArP8D1yKPQcz5DmBWti6/EtNOOA
xFtE+7CULq98snJnz3Yit7IaqYkqPC6fl+1xYv/uSoI9l1Hq+yZQ9NIkTJnSYVZ1
5BHnT/ukPyuLbSyiT8RMLbtDlwOHqJvJScPCM8k6MAMwaBaLOpf0EE73BrT3Maz8
JY2RPxDjmLxfGQ==
-----END CERTIFICATE-----