Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          FMfFRTBan8co7nIEiyf65Mei8CV3aA6twiHVzAkZzVI=
Subject key identifier:   19:82:46:36:1F:0D:EE:23:82:46:8E:1E:50:CA:B5:2D:3B:0B:57:34
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019D38D2D2BC251CD49317F0B37BEB92CE7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          1889
Signing time:             Sun 29 Mar 2026 09:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:33 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: 7lIRjhggEX82qZ18RpbL54sRGgOgn7HJKHHjUvpamEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:d2:bc:25:1c:d4:93:17:f0:b3:7b:eb:92:ce:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Mar 29 09:00:33 2026 GMT
            Not After : Mar 30 09:00:33 2026 GMT
        Subject: CN=198246361f0dee2382468e1e50cab52d3b0b5734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2b:ee:f3:16:7a:6b:3c:a3:54:0f:02:44:ee:
                    03:44:26:16:4c:0e:f3:5a:b0:5d:85:db:52:5e:c9:
                    5c:8d:d2:91:a3:e6:f9:4a:ca:54:8b:78:fd:89:cc:
                    c7:26:9f:3c:29:0b:17:8e:36:4a:00:16:24:17:20:
                    a5:e8:5b:85:fa:09:61:d5:f1:62:19:e0:d9:7f:b1:
                    50:83:65:b8:9b:36:61:df:f5:45:10:55:d7:f2:b7:
                    b6:9b:c6:87:23:00:4d:9b:28:51:2d:2d:e9:e4:34:
                    a0:d1:a1:84:51:4c:0e:99:d9:6b:31:0f:2a:cc:ac:
                    88:18:0a:b5:31:9d:6e:e3:3d:84:7a:a2:ce:dc:e8:
                    65:41:57:58:01:c8:c7:2b:b0:3b:6a:0d:62:09:09:
                    9e:32:f5:4a:16:57:15:19:26:03:bc:7e:15:1c:d6:
                    65:48:17:f6:0e:29:d6:44:3e:0d:a1:f7:4c:31:ce:
                    5c:e5:9a:07:09:a8:4c:c9:1c:2c:04:db:f1:3f:af:
                    68:1e:c4:cb:f9:93:56:bd:ea:34:0c:cf:67:4c:5e:
                    f2:2b:23:04:ac:b5:e1:6f:11:bd:d5:f1:03:ee:dc:
                    75:9d:e3:ef:77:a1:0b:32:f0:f0:9d:33:c1:fd:07:
                    70:88:e6:49:5d:b0:88:2a:f0:44:29:20:76:b6:b9:
                    55:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:82:46:36:1F:0D:EE:23:82:46:8E:1E:50:CA:B5:2D:3B:0B:57:34
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:24:36:90:3e:05:14:ed:f6:8b:46:cc:53:12:bf:be:25:53:
         06:bd:50:c1:f7:79:31:76:bc:2f:73:da:64:e3:c7:23:b3:b3:
         39:00:2a:af:49:fb:7b:80:ee:16:8a:e7:ce:8b:f4:8f:95:7f:
         ac:b0:7e:19:35:fb:91:20:54:a4:cf:7d:9c:e9:ab:9b:6d:c9:
         b9:fa:8e:a6:1c:e3:55:62:f4:87:2c:8c:d2:8a:7e:16:d8:9e:
         6d:9e:83:4e:12:57:e7:f8:19:11:0d:29:4b:59:16:67:f1:1b:
         55:40:86:1b:59:9c:89:59:40:dc:d4:b6:60:03:22:cf:79:09:
         6e:ab:97:90:a4:cd:df:69:e9:75:41:a6:62:fd:e0:e5:a8:d7:
         59:66:c2:4f:07:ac:6f:d9:2c:ff:1f:03:93:69:13:7e:06:ac:
         a6:ed:b3:d0:9e:02:33:f2:60:2d:68:49:16:95:55:a4:6c:b3:
         a5:34:a0:19:84:e9:5e:fb:30:77:5e:72:8a:52:fc:63:e5:cd:
         d4:8d:f0:d4:6b:b3:cd:7d:03:14:7d:f5:77:9e:ca:ec:94:76:
         e6:6f:e1:da:82:69:6b:01:47:cc:07:63:94:bc:38:2e:b4:4c:
         85:8c:d6:4b:35:49:a9:52:60:46:c0:d5:00:16:44:e0:e3:d9:
         2a:4a:05:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tK8JRzUkxfws3vrks5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjYwMzI5MDkwMDMzWhcNMjYwMzMwMDkwMDMzWjAzMTEwLwYDVQQD
EygxOTgyNDYzNjFmMGRlZTIzODI0NjhlMWU1MGNhYjUyZDNiMGI1NzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArivu8xZ6azyjVA8CRO4DRCYWTA7z
WrBdhdtSXslcjdKRo+b5SspUi3j9iczHJp88KQsXjjZKABYkFyCl6FuF+glh1fFi
GeDZf7FQg2W4mzZh3/VFEFXX8re2m8aHIwBNmyhRLS3p5DSg0aGEUUwOmdlrMQ8q
zKyIGAq1MZ1u4z2EeqLO3OhlQVdYAcjHK7A7ag1iCQmeMvVKFlcVGSYDvH4VHNZl
SBf2DinWRD4NofdMMc5c5ZoHCahMyRwsBNvxP69oHsTL+ZNWveo0DM9nTF7yKyME
rLXhbxG91fED7tx1nePvd6ELMvDwnTPB/QdwiOZJXbCIKvBEKSB2trlVyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmCRjYfDe4jgkaOHlDKtS07C1c0MB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfSQ2kD4F
FO32i0bMUxK/viVTBr1Qwfd5MXa8L3PaZOPHI7OzOQAqr0n7e4DuFornzov0j5V/
rLB+GTX7kSBUpM99nOmrm23JufqOphzjVWL0hyyM0op+FtiebZ6DThJX5/gZEQ0p
S1kWZ/EbVUCGG1mciVlA3NS2YAMiz3kJbquXkKTN32npdUGmYv3g5ajXWWbCTwes
b9ks/x8Dk2kTfgaspu2z0J4CM/JgLWhJFpVVpGyzpTSgGYTpXvswd15yilL8Y+XN
1I3w1GuzzX0DFH31d57K7JR25m/h2oJpawFHzAdjlLw4LrRMhYzWSzVJqVJgRsDV
ABZE4OPZKkoF8w==
-----END CERTIFICATE-----