Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          HXxBp8Y4/ujGnGnVRUv8CD9DwWkzhcL5QuEFsiT8Ut4=
Subject key identifier:   9A:CD:41:45:1A:89:7E:A6:0E:66:A3:F9:6D:FE:7A:22:C0:71:1B:3D
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       019D2960C2DFDBDF90E49678175B5A218116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          127F
Signing time:             Thu 26 Mar 2026 09:01:40 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:40 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:40 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: iPxxSrx/u31m6W0reUoVZxMn8oqInOWAkObmTDqcTQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:c2:df:db:df:90:e4:96:78:17:5b:5a:21:81:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Mar 26 09:01:40 2026 GMT
            Not After : Mar 27 09:01:40 2026 GMT
        Subject: CN=9acd41451a897ea60e66a3f96dfe7a22c0711b3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d0:16:3b:b1:3c:f9:bf:ff:51:02:97:55:1d:
                    de:21:62:90:6b:f6:6d:d3:a4:32:5c:78:e4:f3:56:
                    c2:72:03:5e:d3:ca:8e:1c:07:6f:09:61:f3:d2:56:
                    14:a6:ca:10:e6:96:59:20:fd:8a:22:ac:d3:65:9d:
                    29:6a:ab:69:ea:13:f7:cd:3a:87:17:b4:6b:49:1c:
                    9d:b3:84:cc:07:7e:e7:44:0d:e7:3e:5d:c0:34:29:
                    0f:0f:74:ef:e7:38:ee:ff:87:79:7e:fb:c9:4e:6e:
                    15:1e:48:4d:05:52:9b:c3:70:73:db:2d:32:53:74:
                    ae:3a:bc:b0:cf:e9:a0:05:93:da:de:4e:c0:1e:03:
                    1f:28:53:c7:9b:2a:60:db:76:a0:88:5f:72:07:04:
                    b9:88:7b:e6:b8:28:84:df:60:2a:37:14:c3:bf:67:
                    d0:e0:78:d4:73:27:38:0d:cf:13:94:4b:4b:0d:93:
                    77:ad:0a:58:42:d9:bb:2d:67:2f:55:64:b1:76:e6:
                    6b:3d:79:3f:a9:68:c5:c3:0f:42:65:16:5d:11:c5:
                    78:c9:0d:93:cc:e8:23:8a:a3:e8:54:0e:0d:db:90:
                    23:94:00:89:5a:89:5f:c3:48:3a:b9:57:a4:c9:f6:
                    28:0b:12:78:fe:c0:91:b9:55:00:71:ea:a5:1a:d8:
                    8c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:CD:41:45:1A:89:7E:A6:0E:66:A3:F9:6D:FE:7A:22:C0:71:1B:3D
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:51:1e:2e:a0:39:08:71:aa:aa:72:13:83:7d:ce:57:61:7d:
         e3:70:b0:7f:97:fa:96:0c:1e:7a:75:75:7d:39:54:b5:03:26:
         15:ce:91:ee:4e:b8:80:c0:3e:e7:70:9f:73:61:e0:03:19:76:
         16:9c:5d:e9:55:32:03:9c:88:11:06:b3:d5:70:64:4f:26:1e:
         e6:88:87:3f:2d:2d:b0:8d:7b:41:97:4a:e2:76:c4:09:a8:52:
         e6:a1:39:2c:de:95:7b:b8:62:ac:ea:b1:3f:24:9e:4a:fd:52:
         98:1a:89:5f:54:a3:8e:5e:6f:84:93:a8:6c:b2:de:a4:08:67:
         5e:53:0e:62:e9:be:65:12:c6:21:ea:be:35:dd:92:6a:20:72:
         f5:fa:6a:ab:a3:9c:b9:f2:63:e6:09:14:81:8f:33:49:b9:57:
         ca:c4:01:90:4b:2d:57:3e:ce:a4:52:4a:c1:6b:7c:03:17:c8:
         9e:8f:92:9e:f4:ed:c3:d4:94:43:0a:16:6a:dd:59:37:24:4a:
         a5:f9:40:bb:ff:37:7a:63:9a:ec:00:8a:0e:93:82:d7:24:e9:
         e4:80:fb:b3:a1:28:ab:55:7a:a5:4f:6f:c2:66:3f:45:7a:b2:
         a5:00:96:4a:f5:a6:08:c7:38:2c:0b:e8:63:4e:70:9e:40:11:
         54:38:6b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYMLf29+Q5JZ4F1taIYEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjYwMzI2MDkwMTQwWhcNMjYwMzI3MDkwMTQwWjAzMTEwLwYDVQQD
Eyg5YWNkNDE0NTFhODk3ZWE2MGU2NmEzZjk2ZGZlN2EyMmMwNzExYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNAWO7E8+b//UQKXVR3eIWKQa/Zt
06QyXHjk81bCcgNe08qOHAdvCWHz0lYUpsoQ5pZZIP2KIqzTZZ0paqtp6hP3zTqH
F7RrSRyds4TMB37nRA3nPl3ANCkPD3Tv5zju/4d5fvvJTm4VHkhNBVKbw3Bz2y0y
U3SuOrywz+mgBZPa3k7AHgMfKFPHmypg23agiF9yBwS5iHvmuCiE32AqNxTDv2fQ
4HjUcyc4Dc8TlEtLDZN3rQpYQtm7LWcvVWSxduZrPXk/qWjFww9CZRZdEcV4yQ2T
zOgjiqPoVA4N25AjlACJWolfw0g6uVekyfYoCxJ4/sCRuVUAceqlGtiM6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrNQUUaiX6mDmaj+W3+eiLAcRs9MB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq1EeLqA5
CHGqqnITg33OV2F943Cwf5f6lgweenV1fTlUtQMmFc6R7k64gMA+53Cfc2HgAxl2
Fpxd6VUyA5yIEQaz1XBkTyYe5oiHPy0tsI17QZdK4nbECahS5qE5LN6Ve7hirOqx
PySeSv1SmBqJX1Sjjl5vhJOobLLepAhnXlMOYum+ZRLGIeq+Nd2SaiBy9fpqq6Oc
ufJj5gkUgY8zSblXysQBkEstVz7OpFJKwWt8AxfIno+SnvTtw9SUQwoWat1ZNyRK
pflAu/83emOa7ACKDpOC1yTp5ID7s6Eoq1V6pU9vwmY/RXqypQCWSvWmCMc4LAvo
Y05wnkARVDhrDQ==
-----END CERTIFICATE-----