Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          whc2wnqo2tRldPixDbwptN7bbldlZkm4drHKXdoa7Sw=
Subject key identifier:   B6:8D:33:CE:F6:7C:7E:2E:80:32:40:7F:44:6B:24:33:FD:64:31:D6
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019D29611B0B8B1CD00EA92FCFDC19DFBFE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0858
Signing time:             Thu 26 Mar 2026 09:02:02 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:02 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:02 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: XtNe20Y3WmeC4ScuuJW+L82ojcgMViSBmpEA0lk2u+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:1b:0b:8b:1c:d0:0e:a9:2f:cf:dc:19:df:bf:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Mar 26 09:02:02 2026 GMT
            Not After : Mar 27 09:02:02 2026 GMT
        Subject: CN=b68d33cef67c7e2e8032407f446b2433fd6431d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a1:95:80:05:45:2d:ec:7b:ff:bc:3d:c5:95:
                    7c:c5:3d:78:56:1b:42:47:ed:bc:c5:5a:a5:62:a9:
                    c0:b5:44:cf:ba:4b:b7:17:16:73:b3:4b:fb:48:05:
                    c6:c5:50:23:49:4b:ea:d1:7b:b7:ae:db:5c:8c:85:
                    4d:35:15:a0:1f:e5:12:da:56:96:8e:54:55:f3:bb:
                    78:cc:d2:61:a2:c5:cc:8b:ec:04:73:09:31:c1:69:
                    e3:dd:b3:c3:40:2b:1a:81:e5:9c:a4:67:ca:4e:a0:
                    35:94:d0:28:48:d5:69:6a:82:18:93:26:e4:1c:b0:
                    be:66:a3:14:f1:a7:87:64:5e:c8:7d:8f:c6:c9:12:
                    14:c3:02:6e:36:fb:2c:59:de:cc:7d:93:f5:54:51:
                    81:0c:bb:fb:c3:ed:21:87:00:f5:26:da:67:2e:b4:
                    64:81:c9:bd:af:5f:d7:11:23:f2:d0:03:ac:49:98:
                    74:5f:c0:47:dd:57:4a:80:fe:73:35:8a:4c:e0:ce:
                    65:30:9f:24:59:43:73:fc:ab:0c:8e:62:a0:d2:18:
                    f3:12:dc:98:39:d1:da:97:b5:82:d0:0e:83:45:9c:
                    42:cc:1f:0a:bc:99:a1:6b:60:40:2c:6a:2f:90:d9:
                    7b:95:92:69:d2:de:dc:d6:a9:55:9e:e6:8e:f0:eb:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:8D:33:CE:F6:7C:7E:2E:80:32:40:7F:44:6B:24:33:FD:64:31:D6
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:2c:28:20:95:1c:04:52:e9:e6:c8:42:a1:b8:d3:80:f9:a0:
         e1:46:c7:9c:a3:f9:f5:5a:eb:f9:4b:7a:01:fa:d9:b1:06:b0:
         49:3b:c5:bb:e9:0b:5a:dd:a2:5e:00:27:97:c0:0c:8b:07:17:
         17:fe:8f:99:d1:18:22:2e:fb:f3:f6:c0:75:a1:a3:68:1b:e5:
         fc:0a:57:4c:db:19:96:13:5f:62:8b:1d:1f:09:f6:57:e8:af:
         26:ef:40:d3:cd:dc:d6:72:33:95:85:54:4f:8c:3e:2d:12:b5:
         91:0b:39:d7:94:6f:4d:44:1a:12:e0:7f:3b:ec:7a:81:c0:3a:
         93:8f:a6:ed:3a:f5:c5:c2:15:d3:7c:2e:62:db:8f:39:ef:d3:
         69:22:37:54:f2:2f:7d:1e:b2:f5:52:ee:3a:cb:50:3b:dc:94:
         95:e6:9e:21:f6:66:7e:cf:88:7f:a7:5c:a8:e6:b1:33:c2:9c:
         24:f9:48:3a:73:92:46:9f:70:84:a5:d8:6a:42:50:d3:df:24:
         a6:18:fa:f6:9e:73:4a:86:e6:e3:03:ec:37:8b:4b:ba:e4:45:
         6b:29:ae:3f:2a:74:e8:30:7d:cb:e8:54:44:41:7c:31:72:f6:
         dc:ba:91:f1:29:df:c4:b5:72:6e:87:ea:34:ae:5a:81:cb:d4:
         dd:b2:95:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYRsLixzQDqkvz9wZ37/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjYwMzI2MDkwMjAyWhcNMjYwMzI3MDkwMjAyWjAzMTEwLwYDVQQD
EyhiNjhkMzNjZWY2N2M3ZTJlODAzMjQwN2Y0NDZiMjQzM2ZkNjQzMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaGVgAVFLex7/7w9xZV8xT14VhtC
R+28xVqlYqnAtUTPuku3FxZzs0v7SAXGxVAjSUvq0Xu3rttcjIVNNRWgH+US2laW
jlRV87t4zNJhosXMi+wEcwkxwWnj3bPDQCsageWcpGfKTqA1lNAoSNVpaoIYkybk
HLC+ZqMU8aeHZF7IfY/GyRIUwwJuNvssWd7MfZP1VFGBDLv7w+0hhwD1JtpnLrRk
gcm9r1/XESPy0AOsSZh0X8BH3VdKgP5zNYpM4M5lMJ8kWUNz/KsMjmKg0hjzEtyY
OdHal7WC0A6DRZxCzB8KvJmha2BALGovkNl7lZJp0t7c1qlVnuaO8OtFoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaNM872fH4ugDJAf0RrJDP9ZDHWMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeywoIJUc
BFLp5shCobjTgPmg4UbHnKP59Vrr+Ut6AfrZsQawSTvFu+kLWt2iXgAnl8AMiwcX
F/6PmdEYIi778/bAdaGjaBvl/ApXTNsZlhNfYosdHwn2V+ivJu9A083c1nIzlYVU
T4w+LRK1kQs515RvTUQaEuB/O+x6gcA6k4+m7Tr1xcIV03wuYtuPOe/TaSI3VPIv
fR6y9VLuOstQO9yUleaeIfZmfs+If6dcqOaxM8KcJPlIOnOSRp9whKXYakJQ098k
phj69p5zSobm4wPsN4tLuuRFaymuPyp06DB9y+hUREF8MXL23LqR8SnfxLVybofq
NK5agcvU3bKVLg==
-----END CERTIFICATE-----