Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
File:                     HbLi5zWagBYypm0QuWHk8uxt_E8.mft (raw, json)
Hash identifier:          zSk/NV4NYqb/6tSBj95BgFlxpR7K69rgi88ex9HPtio=
Subject key identifier:   DD:C3:DC:0C:FC:6E:43:0F:AC:4F:F9:62:E7:DE:D8:1C:C0:6E:D1:4A
Authority key identifier: 1D:B2:E2:E7:35:9A:80:16:32:A6:6D:10:B9:61:E4:F2:EC:6D:FC:4F
Certificate issuer:       /CN=1db2e2e7359a801632a66d10b961e4f2ec6dfc4f
Certificate serial:       019D2772405902D2FA265FB9F45BA4F555EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 00:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:32 +0000
Files and hashes:         1: HbLi5zWagBYypm0QuWHk8uxt_E8.crl (hash: tDvnxo+SpApPU1rs+aY489sXnokIXf1VkjWyv2hbs6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:40:59:02:d2:fa:26:5f:b9:f4:5b:a4:f5:55:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db2e2e7359a801632a66d10b961e4f2ec6dfc4f
        Validity
            Not Before: Mar 26 00:01:32 2026 GMT
            Not After : Mar 27 00:01:32 2026 GMT
        Subject: CN=ddc3dc0cfc6e430fac4ff962e7ded81cc06ed14a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:d3:c2:30:db:52:5f:51:87:9c:f3:dd:6e:
                    cd:9e:73:a7:b6:2e:92:c4:05:82:67:7e:91:1b:d6:
                    fe:77:37:35:6e:62:68:6d:78:be:b0:d5:88:40:ae:
                    6f:13:9b:ed:ff:06:c9:29:10:9e:46:eb:66:2e:82:
                    91:83:ca:d6:8b:d5:6e:80:88:c6:c6:4b:c5:04:56:
                    d5:49:cc:99:67:50:c7:43:9b:0f:23:c8:f9:88:5d:
                    22:d8:30:8e:17:6b:3a:ff:82:82:c5:0c:82:e1:72:
                    38:4e:78:93:d0:8a:09:6e:62:19:cd:6a:d0:90:2c:
                    2a:df:dc:6a:c0:3f:f7:3b:a8:43:07:fb:b8:e9:a4:
                    ea:97:00:be:1b:e4:7b:41:03:cb:8d:3a:16:28:2e:
                    82:57:29:c0:b2:15:40:f4:4d:db:09:40:e8:c5:5e:
                    be:33:95:79:2f:8c:82:0f:18:ae:ce:af:68:ba:d3:
                    1b:79:1b:ff:35:db:cc:d2:1d:e5:e8:75:db:3b:97:
                    d6:37:00:53:10:58:24:c4:85:ef:ef:34:56:0a:6c:
                    97:56:d4:ef:34:9f:36:4f:06:69:3a:d5:62:7b:43:
                    b1:fe:f9:72:00:e3:a7:27:b2:84:b4:b2:88:b8:a4:
                    f6:be:ff:4b:4b:6e:0b:4a:d1:8d:f3:c2:de:90:8c:
                    7a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C3:DC:0C:FC:6E:43:0F:AC:4F:F9:62:E7:DE:D8:1C:C0:6E:D1:4A
            X509v3 Authority Key Identifier:
                keyid:1D:B2:E2:E7:35:9A:80:16:32:A6:6D:10:B9:61:E4:F2:EC:6D:FC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:5c:4e:66:01:6e:0e:3b:f7:c7:c8:da:d5:ca:c2:e2:6a:7a:
         c8:d3:eb:c1:aa:e6:76:91:06:77:eb:60:db:a4:00:d6:d0:fb:
         da:0c:ef:67:fa:37:51:b1:11:78:94:59:83:d5:46:d1:99:d1:
         7b:bc:97:34:14:1e:b4:85:88:d7:fe:26:c0:48:65:ba:ce:fa:
         c1:17:8d:40:33:92:d9:f6:ae:4e:00:59:ab:07:7e:23:de:83:
         2a:9f:77:20:d4:a5:6b:ad:8b:c3:a6:3c:1a:64:9a:95:3d:37:
         8c:0e:8f:ee:33:9b:c6:53:9b:b5:5e:d9:2b:85:4a:a1:93:e3:
         3f:cd:aa:92:a2:5f:17:63:96:fb:f3:d9:ac:0b:47:53:22:4a:
         a7:95:9b:0c:fd:55:14:5a:3f:2f:94:8d:ad:48:e2:ba:2c:20:
         88:b1:4d:f1:41:1f:45:19:7d:62:8d:97:d5:a3:04:d7:25:57:
         61:81:72:5e:a9:be:9e:c8:23:2d:8b:e5:b8:7c:f4:8b:64:be:
         ae:17:df:de:5d:fc:2c:16:8e:ec:bb:56:ac:a5:c9:63:f7:6b:
         5c:45:44:c1:18:92:8d:1c:a8:8e:6b:cf:b8:ac:5f:59:fe:ee:
         20:33:3f:c0:be:bf:aa:d9:3e:43:21:5a:eb:0a:30:45:3c:82:
         04:ea:17:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckBZAtL6Jl+59Fuk9VXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjJlMmU3MzU5YTgwMTYzMmE2NmQxMGI5NjFlNGYyZWM2
ZGZjNGYwHhcNMjYwMzI2MDAwMTMyWhcNMjYwMzI3MDAwMTMyWjAzMTEwLwYDVQQD
EyhkZGMzZGMwY2ZjNmU0MzBmYWM0ZmY5NjJlN2RlZDgxY2MwNmVkMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoXTwjDbUl9Rh5zz3W7NnnOnti6S
xAWCZ36RG9b+dzc1bmJobXi+sNWIQK5vE5vt/wbJKRCeRutmLoKRg8rWi9VugIjG
xkvFBFbVScyZZ1DHQ5sPI8j5iF0i2DCOF2s6/4KCxQyC4XI4TniT0IoJbmIZzWrQ
kCwq39xqwD/3O6hDB/u46aTqlwC+G+R7QQPLjToWKC6CVynAshVA9E3bCUDoxV6+
M5V5L4yCDxiuzq9outMbeRv/NdvM0h3l6HXbO5fWNwBTEFgkxIXv7zRWCmyXVtTv
NJ82TwZpOtVie0Ox/vlyAOOnJ7KEtLKIuKT2vv9LS24LStGN88LekIx6kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3D3Az8bkMPrE/5Yufe2BzAbtFKMB8GA1UdIwQY
MBaAFB2y4uc1moAWMqZtELlh5PLsbfxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82ZmQ5YmUtOTY5NC00NjM5LTkwYzUt
OTBlYmQ3NmU5MWY5LzEvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82ZmQ5YmUtOTY5NC00NjM5LTkwYzUtOTBlYmQ3NmU5MWY5
LzEvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHFxOZgFu
Djv3x8ja1crC4mp6yNPrwarmdpEGd+tg26QA1tD72gzvZ/o3UbEReJRZg9VG0ZnR
e7yXNBQetIWI1/4mwEhlus76wReNQDOS2fauTgBZqwd+I96DKp93INSla62Lw6Y8
GmSalT03jA6P7jObxlObtV7ZK4VKoZPjP82qkqJfF2OW+/PZrAtHUyJKp5WbDP1V
FFo/L5SNrUjiuiwgiLFN8UEfRRl9Yo2X1aME1yVXYYFyXqm+nsgjLYvluHz0i2S+
rhff3l38LBaO7LtWrKXJY/drXEVEwRiSjRyojmvPuKxfWf7uIDM/wL6/qtk+QyFa
6wowRTyCBOoX+Q==
-----END CERTIFICATE-----