Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          sDpIagnlM7JXXJtwEkLEScasFNMrnqIRAqNbOE9uwMM=
Subject key identifier:   38:D0:63:3A:39:B3:59:22:2A:16:DB:77:A4:A3:7B:15:04:31:5D:63
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       019D27043FA00A83E3490BCA099A1B39B020
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0C52
Signing time:             Wed 25 Mar 2026 22:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:22 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: WvQscRrNlVlcnJK9FftV8iQ7eJuBaQPnkD/RDPCvGoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:3f:a0:0a:83:e3:49:0b:ca:09:9a:1b:39:b0:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Mar 25 22:01:22 2026 GMT
            Not After : Mar 26 22:01:22 2026 GMT
        Subject: CN=38d0633a39b359222a16db77a4a37b1504315d63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:0e:5a:40:9c:63:6d:8d:71:05:33:92:8c:09:
                    66:31:12:e4:13:8a:c0:d4:4b:76:79:2f:a3:e5:55:
                    b3:d5:31:96:42:51:eb:7b:b5:94:6b:e4:30:a0:83:
                    70:fa:02:3c:b5:13:a0:d3:f7:cf:20:60:2f:0f:6f:
                    30:28:bc:1a:f1:4e:b3:80:29:12:0b:e9:05:32:34:
                    6f:b2:90:98:64:ac:5f:cf:ed:f2:eb:06:a6:22:df:
                    12:63:9c:2a:c8:31:fa:65:8e:65:d0:86:38:46:4e:
                    8e:45:0b:49:3e:be:8d:44:a1:16:eb:12:e8:32:b6:
                    b2:12:68:dc:af:b3:06:da:ec:59:1f:5a:49:6e:11:
                    28:1d:35:65:7e:51:a8:55:42:78:e9:1b:95:59:fb:
                    22:11:3e:3d:38:c8:9d:d1:ab:55:6c:2b:33:c9:f1:
                    96:a6:df:c4:11:a8:37:b5:c4:c1:bd:30:28:d6:04:
                    90:f5:00:43:0b:c3:27:f1:78:5a:1e:b5:bf:99:bb:
                    04:57:39:a7:ba:5c:0a:6a:5f:c1:e2:aa:d9:43:da:
                    da:53:54:1e:df:1c:14:ab:65:4c:72:be:95:c0:9a:
                    e6:62:71:d4:a0:e3:22:65:9d:b8:34:48:69:1f:d4:
                    74:e7:ff:7c:5d:04:88:15:08:64:48:94:07:c4:12:
                    f8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D0:63:3A:39:B3:59:22:2A:16:DB:77:A4:A3:7B:15:04:31:5D:63
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:0d:5d:68:1d:d2:4e:45:3f:13:44:49:17:58:9a:2e:58:f1:
         2f:ba:f1:e5:12:e1:73:69:8c:75:b1:8a:97:05:4c:79:86:d6:
         db:b8:5d:26:33:bc:d6:d4:9e:bc:28:ea:0b:78:e5:b8:f6:57:
         93:b5:2e:60:09:b9:fe:e7:39:d6:a2:a6:03:64:47:c0:c1:ed:
         47:9d:01:46:18:0c:0c:65:90:4e:a6:d1:20:85:46:f1:3a:a9:
         3b:0e:d4:45:e9:ca:b4:52:ea:0c:d0:5c:3b:16:cb:f3:5c:36:
         b3:01:31:4b:a6:68:0f:60:4e:79:d4:ed:aa:26:09:84:90:f0:
         89:b9:97:da:79:72:2c:a6:fb:22:d5:d5:22:c9:12:ed:a0:d7:
         95:71:5d:6d:81:a1:5c:e2:6c:e1:10:24:51:ed:22:c5:61:d9:
         67:52:48:0a:3e:f9:78:10:16:88:08:f7:df:2f:88:22:2a:e0:
         b1:63:5c:e3:77:bb:5e:62:68:5f:98:85:0f:7f:5c:d9:f5:cd:
         3c:92:2c:35:f2:de:59:35:cc:99:cf:64:53:39:fb:ad:2a:c2:
         3a:fe:66:dc:20:ba:b5:4e:d3:1b:77:c1:15:f7:ab:7d:73:c8:
         0c:c4:1e:14:e0:02:4a:ea:db:c6:03:40:6f:99:83:36:1f:c9:
         68:70:2a:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBD+gCoPjSQvKCZobObAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjYwMzI1MjIwMTIyWhcNMjYwMzI2MjIwMTIyWjAzMTEwLwYDVQQD
EygzOGQwNjMzYTM5YjM1OTIyMmExNmRiNzdhNGEzN2IxNTA0MzE1ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5A5aQJxjbY1xBTOSjAlmMRLkE4rA
1Et2eS+j5VWz1TGWQlHre7WUa+QwoINw+gI8tROg0/fPIGAvD28wKLwa8U6zgCkS
C+kFMjRvspCYZKxfz+3y6wamIt8SY5wqyDH6ZY5l0IY4Rk6ORQtJPr6NRKEW6xLo
MrayEmjcr7MG2uxZH1pJbhEoHTVlflGoVUJ46RuVWfsiET49OMid0atVbCszyfGW
pt/EEag3tcTBvTAo1gSQ9QBDC8Mn8XhaHrW/mbsEVzmnulwKal/B4qrZQ9raU1Qe
3xwUq2VMcr6VwJrmYnHUoOMiZZ24NEhpH9R05/98XQSIFQhkSJQHxBL47wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjQYzo5s1kiKhbbd6SjexUEMV1jMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAag1daB3S
TkU/E0RJF1iaLljxL7rx5RLhc2mMdbGKlwVMeYbW27hdJjO81tSevCjqC3jluPZX
k7UuYAm5/uc51qKmA2RHwMHtR50BRhgMDGWQTqbRIIVG8TqpOw7URenKtFLqDNBc
OxbL81w2swExS6ZoD2BOedTtqiYJhJDwibmX2nlyLKb7ItXVIskS7aDXlXFdbYGh
XOJs4RAkUe0ixWHZZ1JICj75eBAWiAj33y+IIirgsWNc43e7XmJoX5iFD39c2fXN
PJIsNfLeWTXMmc9kUzn7rSrCOv5m3CC6tU7TG3fBFferfXPIDMQeFOACSurbxgNA
b5mDNh/JaHAq8Q==
-----END CERTIFICATE-----