Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          4tLqsHbyRXX3IYggyVHl1pUv/d/NxG+HWzGEbo/Se6k=
Subject key identifier:   93:8B:0B:F1:3D:7B:75:52:0B:44:39:2D:99:AD:16:30:F0:CA:54:00
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       019D28F1FD6E92A2F8655AB5617D4994D8DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          1469
Signing time:             Thu 26 Mar 2026 07:00:40 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:40 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:40 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: Y7eMuz8WQRIJ7GQ4UKbJUMZWX24+n9znItZywQGr1tE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f1:fd:6e:92:a2:f8:65:5a:b5:61:7d:49:94:d8:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Mar 26 07:00:40 2026 GMT
            Not After : Mar 27 07:00:40 2026 GMT
        Subject: CN=938b0bf13d7b75520b44392d99ad1630f0ca5400
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5d:dc:03:11:ff:9a:ce:8a:ed:90:d8:7a:0f:
                    00:80:5a:ab:73:48:14:b0:cb:8d:e3:9d:e9:09:ab:
                    4e:78:3e:09:33:92:a1:cd:75:d6:2e:d3:5f:e8:a6:
                    f8:16:6b:fb:f9:d7:04:df:07:fd:4e:df:54:19:7d:
                    c8:1b:13:15:a7:aa:82:77:86:f6:b9:ce:b5:9f:30:
                    66:28:69:cb:ae:15:e0:05:17:7d:32:62:4f:d5:9e:
                    69:ae:8e:71:a5:a6:b8:37:e8:34:bc:db:e2:c9:df:
                    b0:2a:78:a6:e7:d2:f1:b0:9d:04:19:53:c3:95:32:
                    11:01:5c:63:1c:47:e7:15:eb:f2:73:5d:86:ab:d9:
                    19:c1:08:90:9b:d6:7f:e0:89:75:ad:d4:1c:93:b4:
                    6e:9f:ac:d8:66:0f:a8:be:87:45:3d:fd:00:27:f1:
                    e2:d5:32:5a:26:13:cd:69:de:c4:35:70:4a:c8:dc:
                    49:cf:7c:80:ab:4d:a9:09:45:d2:43:4e:37:82:96:
                    ad:6d:a7:7f:c3:83:ca:45:1a:be:6e:28:74:ee:c8:
                    f3:c1:00:86:92:22:40:b7:3f:85:c0:b0:3d:9c:7f:
                    25:26:3e:33:c8:a9:c9:93:3f:1b:52:5c:92:2f:2c:
                    ff:55:11:2c:c0:d1:77:cc:28:d0:f9:3f:e3:5f:60:
                    e2:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:8B:0B:F1:3D:7B:75:52:0B:44:39:2D:99:AD:16:30:F0:CA:54:00
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:7e:c2:7b:4c:30:eb:63:ba:5b:6d:be:61:c3:80:86:4f:4c:
         c0:61:4d:da:35:6e:77:32:f4:65:e7:66:db:d0:af:32:32:f5:
         c0:c6:c6:1d:c0:bc:b1:0b:cf:14:7c:36:01:25:63:dd:88:9e:
         d8:56:83:8f:56:c9:d1:75:a5:13:a8:a5:b5:ee:32:28:bf:21:
         66:8e:5a:1f:db:bb:0c:52:53:c3:3e:6c:9a:ac:62:e5:64:c5:
         f2:23:39:12:ec:9f:01:59:c0:9d:7f:4c:e4:82:7a:73:ba:51:
         47:8d:a3:52:83:2a:8c:da:ff:7e:54:9b:a1:0f:dd:cc:27:fc:
         cd:ec:a9:d5:92:e8:68:40:d1:c1:06:1e:4f:29:9c:68:29:02:
         77:ac:87:9a:de:8b:89:21:39:c6:a7:e4:86:05:70:4d:5f:02:
         9a:2e:1f:02:db:42:f3:b8:1b:1b:31:0c:e8:ee:8e:94:8f:a6:
         d8:3e:ed:31:50:a5:96:24:8f:b7:48:91:a9:65:92:d6:33:08:
         18:75:98:a5:e5:f4:66:fe:13:ab:75:bc:b1:33:b7:a1:09:d9:
         d6:b8:bc:06:70:65:3d:3f:f1:91:df:1e:4d:f8:14:ba:0e:69:
         44:37:f7:5c:4b:ed:bf:4b:e6:41:ec:12:b0:47:5b:12:2f:55:
         34:76:5e:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8f1ukqL4ZVq1YX1JlNjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjYwMzI2MDcwMDQwWhcNMjYwMzI3MDcwMDQwWjAzMTEwLwYDVQQD
Eyg5MzhiMGJmMTNkN2I3NTUyMGI0NDM5MmQ5OWFkMTYzMGYwY2E1NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl3cAxH/ms6K7ZDYeg8AgFqrc0gU
sMuN453pCatOeD4JM5KhzXXWLtNf6Kb4Fmv7+dcE3wf9Tt9UGX3IGxMVp6qCd4b2
uc61nzBmKGnLrhXgBRd9MmJP1Z5pro5xpaa4N+g0vNviyd+wKnim59LxsJ0EGVPD
lTIRAVxjHEfnFevyc12Gq9kZwQiQm9Z/4Il1rdQck7Run6zYZg+ovodFPf0AJ/Hi
1TJaJhPNad7ENXBKyNxJz3yAq02pCUXSQ043gpatbad/w4PKRRq+bih07sjzwQCG
kiJAtz+FwLA9nH8lJj4zyKnJkz8bUlySLyz/VREswNF3zCjQ+T/jX2DiWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOLC/E9e3VSC0Q5LZmtFjDwylQAMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwn7Ce0ww
62O6W22+YcOAhk9MwGFN2jVudzL0Zedm29CvMjL1wMbGHcC8sQvPFHw2ASVj3Yie
2FaDj1bJ0XWlE6ilte4yKL8hZo5aH9u7DFJTwz5smqxi5WTF8iM5EuyfAVnAnX9M
5IJ6c7pRR42jUoMqjNr/flSboQ/dzCf8zeyp1ZLoaEDRwQYeTymcaCkCd6yHmt6L
iSE5xqfkhgVwTV8Cmi4fAttC87gbGzEM6O6OlI+m2D7tMVClliSPt0iRqWWS1jMI
GHWYpeX0Zv4Tq3W8sTO3oQnZ1ri8BnBlPT/xkd8eTfgUug5pRDf3XEvtv0vmQewS
sEdbEi9VNHZe0Q==
-----END CERTIFICATE-----