Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
File:                     hWlFRtV2UOyEZtOS0X-jQylgFUA.mft (raw, json)
Hash identifier:          6pfaHuXUaQeebNDZOax0N2uyuEFOCpUUNlVUskxAjwI=
Subject key identifier:   D0:C3:AE:A2:FE:22:1A:30:92:B1:D3:C0:5E:43:92:A4:06:23:63:22
Authority key identifier: 85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40
Certificate issuer:       /CN=85694546d57650ec8466d392d17fa34329601540
Certificate serial:       019D3A1C2C4295F27ED5529902D1DCC7898F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
Manifest number:          0271
Signing time:             Sun 29 Mar 2026 15:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:18 +0000
Files and hashes:         1: hWlFRtV2UOyEZtOS0X-jQylgFUA.crl (hash: xNSWHKjvWwMoQDoByHLdhBZA0Z7AyxrBzzZ/9H0x4mg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:2c:42:95:f2:7e:d5:52:99:02:d1:dc:c7:89:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85694546d57650ec8466d392d17fa34329601540
        Validity
            Not Before: Mar 29 15:00:18 2026 GMT
            Not After : Mar 30 15:00:18 2026 GMT
        Subject: CN=d0c3aea2fe221a3092b1d3c05e4392a406236322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f1:eb:16:e9:f8:72:6e:6c:36:eb:de:1b:59:
                    a5:0c:f4:54:cf:03:c1:b8:b9:bf:9d:f9:f9:45:83:
                    4a:da:fc:79:cb:ca:0c:1c:83:a7:50:1d:85:19:98:
                    b0:c9:98:28:40:e8:e2:0b:5a:07:14:40:ce:6c:8c:
                    d3:c9:31:69:a3:19:5c:76:88:4a:7d:e3:83:0e:0f:
                    d8:9d:f1:f2:c3:15:80:f9:b2:98:33:b6:b0:51:1e:
                    76:ef:a3:98:f8:84:eb:93:7f:89:65:d6:e2:19:f0:
                    f8:7b:e1:3b:15:a4:88:4c:22:bc:34:63:07:97:ff:
                    1e:0f:b0:98:58:b1:9a:4b:d4:af:51:d1:03:66:92:
                    45:fb:60:d1:a8:d6:ed:eb:79:86:ee:23:3d:72:b1:
                    6d:b6:b7:2b:33:c0:63:85:48:a6:ff:a4:3b:39:c2:
                    fb:90:d9:32:13:e4:07:f2:ee:f9:1d:24:4f:eb:1f:
                    05:cf:9c:85:cb:45:20:1b:9c:b6:8c:fc:3e:e1:0a:
                    81:43:d7:75:d7:6f:79:74:b1:99:e5:5e:0c:b6:0b:
                    b9:bc:6d:c6:30:b3:fb:b5:97:9c:fd:f5:f1:37:fd:
                    f2:aa:f1:22:44:72:ec:05:cf:0b:19:30:b3:0d:61:
                    aa:0d:44:1e:cb:c7:53:2d:ec:20:6d:cc:d7:e9:01:
                    c7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:C3:AE:A2:FE:22:1A:30:92:B1:D3:C0:5E:43:92:A4:06:23:63:22
            X509v3 Authority Key Identifier:
                keyid:85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:f1:83:c2:bb:31:18:1c:ce:05:08:da:5d:07:66:30:b1:d8:
         9c:31:ea:0c:59:e8:2b:73:71:0a:b6:f0:35:97:6a:14:52:9d:
         2f:d5:96:e0:72:44:6c:a6:90:6d:be:c5:3f:30:19:7b:51:5d:
         2b:04:05:d9:8a:28:6b:b8:66:d2:e6:3c:f5:2e:ab:40:bd:29:
         aa:42:70:ae:05:3c:c4:a4:c1:e0:20:31:31:2e:44:ac:38:c0:
         22:07:d7:17:5f:38:67:97:38:ee:be:65:3f:a1:93:db:a6:e3:
         cf:5f:a9:ed:26:9e:82:1a:7c:cb:b3:85:5f:f8:ec:af:21:7c:
         41:27:7d:e7:9c:0a:98:17:e1:16:29:9b:1a:e1:0a:15:69:49:
         8a:b0:cd:a3:8a:2b:27:42:26:eb:23:a2:ca:48:63:4b:f3:0c:
         39:96:45:26:18:09:d2:0e:c9:88:6f:f9:51:c8:c1:3c:81:48:
         d1:b4:9a:d5:dd:58:aa:59:72:c6:03:5a:1e:d2:33:69:0e:31:
         dd:40:43:ae:e9:72:05:76:2a:c3:7e:fd:31:6a:ed:c6:4e:02:
         1f:c7:3a:79:fa:76:7c:a8:a2:df:58:5a:a4:1a:2b:89:a1:2d:
         33:0b:56:c0:4f:6d:ed:70:66:2e:ca:ec:32:f8:42:bf:4e:15:
         4e:11:45:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HCxClfJ+1VKZAtHcx4mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njk0NTQ2ZDU3NjUwZWM4NDY2ZDM5MmQxN2ZhMzQzMjk2
MDE1NDAwHhcNMjYwMzI5MTUwMDE4WhcNMjYwMzMwMTUwMDE4WjAzMTEwLwYDVQQD
EyhkMGMzYWVhMmZlMjIxYTMwOTJiMWQzYzA1ZTQzOTJhNDA2MjM2MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/HrFun4cm5sNuveG1mlDPRUzwPB
uLm/nfn5RYNK2vx5y8oMHIOnUB2FGZiwyZgoQOjiC1oHFEDObIzTyTFpoxlcdohK
feODDg/YnfHywxWA+bKYM7awUR5276OY+ITrk3+JZdbiGfD4e+E7FaSITCK8NGMH
l/8eD7CYWLGaS9SvUdEDZpJF+2DRqNbt63mG7iM9crFttrcrM8BjhUim/6Q7OcL7
kNkyE+QH8u75HSRP6x8Fz5yFy0UgG5y2jPw+4QqBQ9d11295dLGZ5V4Mtgu5vG3G
MLP7tZec/fXxN/3yqvEiRHLsBc8LGTCzDWGqDUQey8dTLewgbczX6QHHCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDDrqL+IhowkrHTwF5DkqQGI2MiMB8GA1UdIwQY
MBaAFIVpRUbVdlDshGbTktF/o0MpYBVAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMt
M2YwODQxYWU2YmMxLzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMtM2YwODQxYWU2YmMx
LzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvGDwrsx
GBzOBQjaXQdmMLHYnDHqDFnoK3NxCrbwNZdqFFKdL9WW4HJEbKaQbb7FPzAZe1Fd
KwQF2Yooa7hm0uY89S6rQL0pqkJwrgU8xKTB4CAxMS5ErDjAIgfXF184Z5c47r5l
P6GT26bjz1+p7Saeghp8y7OFX/jsryF8QSd955wKmBfhFimbGuEKFWlJirDNo4or
J0Im6yOiykhjS/MMOZZFJhgJ0g7JiG/5UcjBPIFI0bSa1d1YqllyxgNaHtIzaQ4x
3UBDrulyBXYqw379MWrtxk4CH8c6efp2fKii31hapBoriaEtMwtWwE9t7XBmLsrs
MvhCv04VThFFzw==
-----END CERTIFICATE-----