Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          Y3o1VNt6sd+JoCPswfBavtdH59xXnjTywewvx6fZ9Hk=
Subject key identifier:   72:40:7D:8D:A9:97:3A:07:0A:EB:50:A7:48:34:04:EC:F7:09:36:B4
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       019D29CDC280513D7564C98FA89BAD8C3140
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          0444
Signing time:             Thu 26 Mar 2026 11:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 11:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 11:00:43 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: H0hnMu7bi0J+g9c6vdcbOdUCHBSmKfe0jgbmuq2bZcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:cd:c2:80:51:3d:75:64:c9:8f:a8:9b:ad:8c:31:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Mar 26 11:00:43 2026 GMT
            Not After : Mar 27 11:00:43 2026 GMT
        Subject: CN=72407d8da9973a070aeb50a7483404ecf70936b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:eb:95:4e:7a:53:fe:c8:3f:71:fc:d8:b5:1d:
                    5f:d5:e2:4a:b9:88:d7:ce:63:0d:10:65:46:38:56:
                    ea:a7:a8:6c:95:90:eb:13:7d:98:5b:0d:f3:2c:c7:
                    62:1d:dd:d1:b0:00:10:63:02:65:73:ba:4e:f2:0d:
                    52:93:a3:24:63:ad:87:ec:69:e9:3a:b8:0a:fa:bf:
                    d8:c4:0b:a1:b3:4b:d7:a9:be:79:8a:4d:49:fd:15:
                    f9:3b:6a:40:df:51:33:88:c7:ff:80:19:76:8d:6f:
                    54:89:80:17:d1:f1:7b:2c:76:45:d9:82:51:13:d4:
                    97:7e:e6:13:8b:0e:81:e7:bf:ba:6c:5c:0f:1e:d5:
                    2a:82:b3:ee:63:16:c5:f5:ce:7d:7a:01:5c:d5:1e:
                    76:0e:b0:df:ac:ad:23:76:b1:3d:91:4a:7f:c4:3b:
                    58:90:56:52:04:45:79:7b:a0:f4:83:21:7a:e8:46:
                    c7:ee:79:55:5a:d9:ee:35:4e:78:d6:84:a9:91:7e:
                    42:68:64:18:ce:3c:a1:a3:7b:00:13:0e:fa:c2:c0:
                    ce:31:71:a6:99:3b:74:15:bc:bc:b5:1b:f8:10:9a:
                    84:5a:52:26:b8:70:15:8c:c3:ed:2c:09:96:71:c0:
                    e8:36:bc:31:d4:e8:7f:f0:ef:3b:54:80:db:51:ab:
                    d1:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:40:7D:8D:A9:97:3A:07:0A:EB:50:A7:48:34:04:EC:F7:09:36:B4
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:28:00:4b:31:be:9a:37:89:2c:f1:c0:b7:42:5f:18:72:f9:
         55:86:84:e1:bd:77:40:a0:01:69:bf:15:08:06:87:2f:33:60:
         b8:95:c7:e2:4e:54:bc:25:51:c3:98:9e:6c:11:b4:7a:f2:a5:
         23:fb:82:e4:2c:b8:d8:78:b9:1f:58:de:2a:f5:28:7f:ef:f1:
         e5:67:28:60:52:9a:42:86:fa:b2:64:32:0b:f9:24:6e:bf:bf:
         c8:6c:85:89:31:c6:34:ce:8a:29:c3:af:88:65:c5:a4:e3:64:
         c1:7d:21:5d:db:2b:28:b8:4c:e7:33:80:72:70:4a:ef:c4:e2:
         ed:9c:d2:f5:bc:31:2f:e3:4e:7f:aa:1d:ff:51:0c:6c:5b:9b:
         3a:e9:ba:2a:08:bc:dc:9d:97:d8:ce:2c:24:82:ea:04:77:5b:
         96:26:e9:6e:f4:be:0a:1b:3b:fe:cb:06:2a:2d:4d:61:8e:2b:
         7b:a7:05:62:03:18:7f:80:ba:17:67:11:d0:4e:c8:55:d2:1f:
         63:15:eb:fe:9e:f4:66:07:1b:94:c5:e7:b9:a8:5c:07:2f:8f:
         ed:39:49:40:06:22:aa:f4:a8:09:bc:bb:53:6d:42:f8:b4:47:
         ea:cd:63:46:58:00:57:16:01:d5:57:d3:fd:d0:ed:17:98:ac:
         b5:c0:af:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzcKAUT11ZMmPqJutjDFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjYwMzI2MTEwMDQzWhcNMjYwMzI3MTEwMDQzWjAzMTEwLwYDVQQD
Eyg3MjQwN2Q4ZGE5OTczYTA3MGFlYjUwYTc0ODM0MDRlY2Y3MDkzNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+uVTnpT/sg/cfzYtR1f1eJKuYjX
zmMNEGVGOFbqp6hslZDrE32YWw3zLMdiHd3RsAAQYwJlc7pO8g1Sk6MkY62H7Gnp
OrgK+r/YxAuhs0vXqb55ik1J/RX5O2pA31EziMf/gBl2jW9UiYAX0fF7LHZF2YJR
E9SXfuYTiw6B57+6bFwPHtUqgrPuYxbF9c59egFc1R52DrDfrK0jdrE9kUp/xDtY
kFZSBEV5e6D0gyF66EbH7nlVWtnuNU541oSpkX5CaGQYzjyho3sAEw76wsDOMXGm
mTt0Fby8tRv4EJqEWlImuHAVjMPtLAmWccDoNrwx1Oh/8O87VIDbUavRBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJAfY2plzoHCutQp0g0BOz3CTa0MB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHSgASzG+
mjeJLPHAt0JfGHL5VYaE4b13QKABab8VCAaHLzNguJXH4k5UvCVRw5iebBG0evKl
I/uC5Cy42Hi5H1jeKvUof+/x5WcoYFKaQob6smQyC/kkbr+/yGyFiTHGNM6KKcOv
iGXFpONkwX0hXdsrKLhM5zOAcnBK78Ti7ZzS9bwxL+NOf6od/1EMbFubOum6Kgi8
3J2X2M4sJILqBHdblibpbvS+Chs7/ssGKi1NYY4re6cFYgMYf4C6F2cR0E7IVdIf
YxXr/p70ZgcblMXnuahcBy+P7TlJQAYiqvSoCby7U21C+LRH6s1jRlgAVxYB1VfT
/dDtF5istcCvSQ==
-----END CERTIFICATE-----