Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          TyG6Q1teLrgHw/sUg/4Uh2D8CHicgo4kILZFubOvRtY=
Subject key identifier:   AD:24:F6:3A:A4:E6:B5:AB:25:0E:6D:7E:9D:81:D4:DE:2F:71:47:DE
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019D330867FC93F289765BFACC6EFEC973A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          1888
Signing time:             Sat 28 Mar 2026 06:01:22 +0000
Manifest this update:     Sat 28 Mar 2026 06:01:22 +0000
Manifest next update:     Sun 29 Mar 2026 06:01:22 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: wV0ORy7bYlCjQeygywj8A0Xi2Snpp9+zSSGgV879RAM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:08:67:fc:93:f2:89:76:5b:fa:cc:6e:fe:c9:73:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Mar 28 06:01:22 2026 GMT
            Not After : Mar 29 06:01:22 2026 GMT
        Subject: CN=ad24f63aa4e6b5ab250e6d7e9d81d4de2f7147de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fb:df:e5:f4:14:0a:dd:36:c1:60:01:17:80:
                    da:a6:f2:b4:fe:8a:6c:90:dc:c1:75:fa:c3:3f:82:
                    1a:4e:12:2b:5e:23:f3:4d:7d:82:f1:25:16:b9:34:
                    b5:03:94:c4:fa:bd:72:69:fc:af:2f:20:f9:70:60:
                    3d:29:67:c4:6c:3c:55:1d:cd:26:3a:6b:37:21:5a:
                    66:19:c9:c9:f9:c4:92:06:18:05:ef:bf:84:8e:55:
                    7b:74:da:6b:bd:ce:0e:10:e1:e6:fa:7d:f7:1a:83:
                    b7:6b:f4:81:e5:a0:47:fd:96:d4:7a:ae:25:53:ca:
                    df:24:a9:73:a1:62:dc:57:58:92:6e:0d:82:95:ae:
                    ab:0c:4b:b4:98:8a:8c:7d:14:5e:33:a3:51:df:73:
                    ef:29:61:75:a2:73:08:9f:5b:2b:46:c1:7e:a5:5f:
                    26:e8:17:94:54:e5:81:15:c4:ba:c2:73:61:a5:b7:
                    b4:02:44:0e:7e:c2:78:86:69:c7:3d:36:56:01:2b:
                    ec:f0:40:69:68:b6:c9:bd:ed:8c:55:36:f6:47:f1:
                    31:72:c3:21:6f:95:8f:0e:93:e2:33:25:d2:d1:90:
                    f6:1e:f9:f6:8d:25:58:d3:18:70:fd:3d:50:ca:24:
                    5b:d9:72:f0:9f:a5:c1:21:3f:2f:aa:e7:ee:bf:e6:
                    fb:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:24:F6:3A:A4:E6:B5:AB:25:0E:6D:7E:9D:81:D4:DE:2F:71:47:DE
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:14:e7:19:21:db:6c:de:cc:1a:2d:30:d0:5f:5e:3d:f1:11:
         f3:12:95:fa:bd:c6:44:50:70:1f:44:6d:54:5c:c0:f7:e3:34:
         57:72:e3:47:95:53:65:e6:ae:b5:68:b2:d5:f9:9c:c4:b5:d9:
         c8:19:f3:75:b6:06:d6:0f:b0:83:22:76:c7:d5:c3:90:09:77:
         98:bd:29:b6:c2:a4:20:00:62:a1:9a:0c:c5:a9:90:73:6c:6c:
         8f:07:ac:b3:f0:ac:0d:a1:0c:bc:98:b8:a2:e4:36:c5:f9:e5:
         5d:4d:56:80:21:80:57:5a:71:e7:b6:ef:18:09:90:0f:0d:4d:
         92:30:b3:98:44:9f:50:95:df:dd:46:c0:f3:98:41:0c:e1:df:
         c4:c1:0d:82:9a:7c:80:34:66:d3:e6:32:cf:1a:6e:0b:6f:8e:
         3e:0a:2f:5a:42:c7:1a:b5:72:21:8a:4d:26:f8:25:99:9f:b0:
         10:b7:a4:70:d0:3e:e9:e7:03:fa:cb:bd:39:61:6b:b2:60:b3:
         80:9d:a8:bb:51:82:a6:ae:eb:73:53:bf:c5:38:09:fa:c7:8b:
         02:2a:3f:43:98:5d:c4:f0:dc:76:fb:fb:44:4b:b5:f6:62:ad:
         f2:77:0e:c0:01:ca:f0:8a:b2:6e:b0:b3:99:21:2d:2d:d5:ac:
         7a:3b:22:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zCGf8k/KJdlv6zG7+yXOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjYwMzI4MDYwMTIyWhcNMjYwMzI5MDYwMTIyWjAzMTEwLwYDVQQD
EyhhZDI0ZjYzYWE0ZTZiNWFiMjUwZTZkN2U5ZDgxZDRkZTJmNzE0N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfvf5fQUCt02wWABF4DapvK0/ops
kNzBdfrDP4IaThIrXiPzTX2C8SUWuTS1A5TE+r1yafyvLyD5cGA9KWfEbDxVHc0m
Oms3IVpmGcnJ+cSSBhgF77+EjlV7dNprvc4OEOHm+n33GoO3a/SB5aBH/ZbUeq4l
U8rfJKlzoWLcV1iSbg2Cla6rDEu0mIqMfRReM6NR33PvKWF1onMIn1srRsF+pV8m
6BeUVOWBFcS6wnNhpbe0AkQOfsJ4hmnHPTZWASvs8EBpaLbJve2MVTb2R/ExcsMh
b5WPDpPiMyXS0ZD2Hvn2jSVY0xhw/T1QyiRb2XLwn6XBIT8vqufuv+b7ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0k9jqk5rWrJQ5tfp2B1N4vcUfeMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhTnGSHb
bN7MGi0w0F9ePfER8xKV+r3GRFBwH0RtVFzA9+M0V3LjR5VTZeautWiy1fmcxLXZ
yBnzdbYG1g+wgyJ2x9XDkAl3mL0ptsKkIABioZoMxamQc2xsjwess/CsDaEMvJi4
ouQ2xfnlXU1WgCGAV1px57bvGAmQDw1NkjCzmESfUJXf3UbA85hBDOHfxMENgpp8
gDRm0+YyzxpuC2+OPgovWkLHGrVyIYpNJvglmZ+wELekcNA+6ecD+su9OWFrsmCz
gJ2ou1GCpq7rc1O/xTgJ+seLAio/Q5hdxPDcdvv7REu19mKt8ncOwAHK8IqybrCz
mSEtLdWsejsiRQ==
-----END CERTIFICATE-----