Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          yssbUDxSBmTbaeS0VNt+fwdW/QN6Uie+0fp2kZSI1Zs=
Subject key identifier:   C5:08:40:85:61:C1:D5:26:56:97:11:25:8E:9A:EC:D8:E5:2F:C9:A6
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       019D375283E859DBAE6156E80C3B84FA0267
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          08CE
Signing time:             Sun 29 Mar 2026 02:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:47 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: nWL5s8Hz9lF3zIW7+JPICGdo1aF3u+w/h7njK8zkc7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:83:e8:59:db:ae:61:56:e8:0c:3b:84:fa:02:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Mar 29 02:00:47 2026 GMT
            Not After : Mar 30 02:00:47 2026 GMT
        Subject: CN=c508408561c1d526569711258e9aecd8e52fc9a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:54:3d:9d:77:6e:c7:0e:ae:ba:84:bc:2a:bd:
                    49:4a:c3:2a:37:b5:2c:d8:68:68:3d:e6:39:e0:a9:
                    72:bf:13:2f:82:f0:09:bd:04:fb:25:e3:0d:0d:24:
                    31:0b:71:01:8e:0d:4f:24:47:9d:8d:f1:cf:2a:23:
                    22:09:70:b2:d8:53:98:f9:4f:e8:1f:ac:7e:01:71:
                    dd:3f:1c:f8:be:18:ee:0d:36:d0:16:c4:eb:9d:76:
                    54:aa:0b:6d:09:c9:ec:85:5b:0e:28:8d:a9:5e:53:
                    c8:e5:62:3e:d0:d8:da:b3:96:2e:28:2c:e1:4c:3c:
                    6c:18:98:0c:4e:78:a8:18:f3:d4:80:82:10:a6:fd:
                    71:5d:8b:58:cf:40:22:07:53:97:81:60:93:3e:a5:
                    99:ed:83:ae:39:43:3b:26:ec:28:4a:a7:b3:ef:4f:
                    77:d6:81:a2:bc:35:4e:22:bf:90:d9:65:71:b9:fe:
                    38:de:a9:e7:4f:06:5d:d8:98:80:0c:ac:7a:20:3b:
                    98:9c:8f:5f:72:e4:c3:a4:18:d3:43:1e:f8:ae:7f:
                    b5:49:85:3f:5c:65:7c:a4:fa:c1:c6:e7:90:91:2d:
                    04:5e:e8:c4:d7:ed:e1:da:36:65:bc:98:55:df:fb:
                    9c:39:0e:42:86:3d:c7:87:02:d9:14:ad:03:49:38:
                    04:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:08:40:85:61:C1:D5:26:56:97:11:25:8E:9A:EC:D8:E5:2F:C9:A6
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:10:72:9d:ee:59:ec:47:82:11:76:f2:72:d9:bc:c4:e5:eb:
         5d:99:d1:90:79:c8:2c:71:e2:a9:0a:16:d4:96:16:ec:cf:f4:
         d3:da:c5:b9:10:b2:27:bd:d1:65:14:9c:53:f4:8f:0c:bf:93:
         5b:d5:fd:36:f9:cf:cc:2f:07:42:ff:95:c9:05:ea:3b:ba:a0:
         63:88:a7:0f:f8:a6:fc:90:c8:bb:c8:d5:34:0d:98:4a:05:7c:
         77:b8:09:6b:ba:47:c9:91:0a:45:83:80:bb:ac:bf:a3:fa:2a:
         e6:bf:35:32:6c:01:57:6e:20:53:f2:35:cd:d4:e3:1a:88:71:
         4f:f3:6f:ad:4e:f5:d8:b8:77:5a:d9:c3:50:50:20:ce:de:1b:
         d0:59:1d:ee:e7:59:89:95:d0:55:11:f9:b8:62:79:4b:fd:df:
         16:ce:88:61:0c:3c:32:e0:3e:b4:97:f6:a9:6d:d1:25:51:6b:
         ca:19:cc:9f:d2:43:d4:2d:fa:2c:15:4e:63:5f:c9:10:b7:03:
         e2:cd:3a:b3:b7:53:f5:82:09:f1:64:9c:64:05:7a:69:d9:4c:
         f8:3d:a1:78:e3:0c:13:66:34:cc:9d:c4:1d:6e:0d:14:c2:f1:
         fb:b0:70:6d:ac:f4:dd:bc:c6:56:85:50:c1:e1:23:ee:1e:29:
         68:54:ed:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UoPoWduuYVboDDuE+gJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjYwMzI5MDIwMDQ3WhcNMjYwMzMwMDIwMDQ3WjAzMTEwLwYDVQQD
EyhjNTA4NDA4NTYxYzFkNTI2NTY5NzExMjU4ZTlhZWNkOGU1MmZjOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFQ9nXduxw6uuoS8Kr1JSsMqN7Us
2GhoPeY54KlyvxMvgvAJvQT7JeMNDSQxC3EBjg1PJEedjfHPKiMiCXCy2FOY+U/o
H6x+AXHdPxz4vhjuDTbQFsTrnXZUqgttCcnshVsOKI2pXlPI5WI+0Njas5YuKCzh
TDxsGJgMTnioGPPUgIIQpv1xXYtYz0AiB1OXgWCTPqWZ7YOuOUM7JuwoSqez7093
1oGivDVOIr+Q2WVxuf443qnnTwZd2JiADKx6IDuYnI9fcuTDpBjTQx74rn+1SYU/
XGV8pPrBxueQkS0EXujE1+3h2jZlvJhV3/ucOQ5Chj3HhwLZFK0DSTgEfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUIQIVhwdUmVpcRJY6a7NjlL8mmMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRByne5Z
7EeCEXbyctm8xOXrXZnRkHnILHHiqQoW1JYW7M/009rFuRCyJ73RZRScU/SPDL+T
W9X9NvnPzC8HQv+VyQXqO7qgY4inD/im/JDIu8jVNA2YSgV8d7gJa7pHyZEKRYOA
u6y/o/oq5r81MmwBV24gU/I1zdTjGohxT/NvrU712Lh3WtnDUFAgzt4b0Fkd7udZ
iZXQVRH5uGJ5S/3fFs6IYQw8MuA+tJf2qW3RJVFryhnMn9JD1C36LBVOY1/JELcD
4s06s7dT9YIJ8WScZAV6adlM+D2heOMME2Y0zJ3EHW4NFMLx+7Bwbaz03bzGVoVQ
weEj7h4paFTtpQ==
-----END CERTIFICATE-----