Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          P+0RbHlz4CcdMIEvLO47KMvB5qxDYUfYXrTRss6UhYE=
Subject key identifier:   93:00:93:56:4A:2C:B5:D5:3B:95:E9:CE:44:0B:0A:AA:CB:89:FA:6B
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       019D2A04CF7C578E006C281E5C511872B142
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          09B6
Signing time:             Thu 26 Mar 2026 12:00:51 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:51 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:51 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: ngzC1ugN8hYUurX6iMN642fwgfnB/FtUnsbeDqBv6r0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:cf:7c:57:8e:00:6c:28:1e:5c:51:18:72:b1:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Mar 26 12:00:51 2026 GMT
            Not After : Mar 27 12:00:51 2026 GMT
        Subject: CN=930093564a2cb5d53b95e9ce440b0aaacb89fa6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:26:cc:96:80:80:9f:6a:62:8e:90:eb:5f:8a:
                    32:e4:af:b5:90:54:c6:5b:f8:51:ec:bc:16:d8:a3:
                    49:61:ac:80:24:63:bf:b3:24:e7:3b:32:10:b7:2a:
                    4d:7d:ef:35:7a:00:9f:f8:90:d7:fb:7f:8a:4c:be:
                    7c:a5:29:d1:9c:66:25:c9:84:36:4e:9e:21:b8:d2:
                    af:be:ae:d4:e1:29:ef:f8:a2:d1:37:61:1f:99:70:
                    8b:82:9f:1d:b6:a4:d4:ef:d9:e8:ae:32:67:a4:5a:
                    be:f7:34:8b:64:e5:35:ca:b4:81:d8:7e:00:f5:eb:
                    d0:1b:b4:58:36:62:f1:03:53:27:05:4e:2e:f2:60:
                    46:fe:ef:b4:b1:0c:64:8a:30:d9:8a:51:92:f8:a9:
                    7a:76:ad:e1:9f:46:9a:57:49:1d:93:b0:41:94:9a:
                    82:e0:1c:bd:b6:d5:08:5f:4c:0f:9a:d5:a5:f1:2a:
                    44:cf:30:54:cf:21:93:e6:d0:c7:c8:53:c0:1c:1a:
                    94:be:08:83:a8:e4:56:73:14:70:72:49:3f:b5:ce:
                    99:fe:42:bc:08:06:09:e9:1c:b9:fa:ff:1a:8c:51:
                    2a:08:d3:e3:40:19:91:3e:bd:23:e7:95:2b:9c:9c:
                    ac:d8:b8:d9:83:07:d8:69:02:30:cf:d1:20:0c:ad:
                    5c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:00:93:56:4A:2C:B5:D5:3B:95:E9:CE:44:0B:0A:AA:CB:89:FA:6B
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:be:fb:8e:fd:18:ac:e3:cc:d7:85:4f:e8:69:77:34:b4:3f:
         c2:08:57:61:33:c4:68:a7:76:33:48:40:95:a4:d5:7e:f2:53:
         83:6d:eb:7b:c1:b5:76:0e:83:43:7a:ac:08:6c:75:7a:49:12:
         48:fd:3b:18:1e:6c:70:10:17:a7:74:78:02:60:11:15:8b:3e:
         36:cc:72:50:74:78:b7:e5:ae:63:cd:45:a3:86:51:33:64:51:
         1f:b5:a7:fa:6e:99:ec:90:93:25:f7:05:f2:c1:5c:3a:48:3d:
         21:2e:7c:b2:3d:28:cd:73:a1:65:b0:26:a6:3c:29:ec:78:7a:
         5e:30:9a:0c:ad:88:b4:8f:6c:2d:ee:cb:47:e6:f5:a4:7a:d3:
         a8:6b:0f:a3:ba:54:f6:d0:de:ee:59:18:79:8e:c9:ce:5a:4b:
         31:07:20:f8:04:a9:73:87:9b:56:14:11:0c:8c:2f:ae:fb:99:
         47:9a:d6:1d:a5:d1:54:6b:c8:3c:c0:c3:0f:da:36:a9:da:2d:
         34:d8:e8:52:28:c0:45:6f:2e:7d:24:5b:74:af:45:3b:40:a4:
         f4:04:9d:79:f3:44:09:1f:0f:76:bc:db:05:2f:0b:83:4b:c2:
         5c:c9:5f:fb:ad:8f:30:21:e3:c2:0d:00:8c:2a:c1:9f:5b:a1:
         30:df:34:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBM98V44AbCgeXFEYcrFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjYwMzI2MTIwMDUxWhcNMjYwMzI3MTIwMDUxWjAzMTEwLwYDVQQD
Eyg5MzAwOTM1NjRhMmNiNWQ1M2I5NWU5Y2U0NDBiMGFhYWNiODlmYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnibMloCAn2pijpDrX4oy5K+1kFTG
W/hR7LwW2KNJYayAJGO/syTnOzIQtypNfe81egCf+JDX+3+KTL58pSnRnGYlyYQ2
Tp4huNKvvq7U4Snv+KLRN2EfmXCLgp8dtqTU79norjJnpFq+9zSLZOU1yrSB2H4A
9evQG7RYNmLxA1MnBU4u8mBG/u+0sQxkijDZilGS+Kl6dq3hn0aaV0kdk7BBlJqC
4By9ttUIX0wPmtWl8SpEzzBUzyGT5tDHyFPAHBqUvgiDqORWcxRwckk/tc6Z/kK8
CAYJ6Ry5+v8ajFEqCNPjQBmRPr0j55UrnJys2LjZgwfYaQIwz9EgDK1cYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMAk1ZKLLXVO5XpzkQLCqrLifprMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATr77jv0Y
rOPM14VP6Gl3NLQ/wghXYTPEaKd2M0hAlaTVfvJTg23re8G1dg6DQ3qsCGx1ekkS
SP07GB5scBAXp3R4AmARFYs+NsxyUHR4t+WuY81Fo4ZRM2RRH7Wn+m6Z7JCTJfcF
8sFcOkg9IS58sj0ozXOhZbAmpjwp7Hh6XjCaDK2ItI9sLe7LR+b1pHrTqGsPo7pU
9tDe7lkYeY7JzlpLMQcg+ASpc4ebVhQRDIwvrvuZR5rWHaXRVGvIPMDDD9o2qdot
NNjoUijARW8ufSRbdK9FO0Ck9ASdefNECR8PdrzbBS8Lg0vCXMlf+62PMCHjwg0A
jCrBn1uhMN80SA==
-----END CERTIFICATE-----