Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          jX5YMde/EMOi0RyIUdwrRElrW89RoYZXZafQq1y2iRg=
Subject key identifier:   E9:C7:AB:28:6B:BC:7C:7E:B5:70:81:0F:59:99:D6:48:CC:DE:27:9C
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       019EB8B460DA23DE5A903747C9D5CFB68850
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          1538
Signing time:             Thu 11 Jun 2026 22:01:29 +0000
Manifest this update:     Thu 11 Jun 2026 22:01:29 +0000
Manifest next update:     Fri 12 Jun 2026 22:01:29 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: xHAL+8Nn+07Cx+RY+KM4hpkwVLBCrksJzsfCoXTIfg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 20:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b8:b4:60:da:23:de:5a:90:37:47:c9:d5:cf:b6:88:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Jun 11 22:01:29 2026 GMT
            Not After : Jun 12 22:01:29 2026 GMT
        Subject: CN=e9c7ab286bbc7c7eb570810f5999d648ccde279c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6d:c7:fa:5e:96:92:29:2e:1c:f8:ac:d8:34:
                    50:90:d0:d8:86:67:03:ab:43:65:c2:6e:e2:54:2f:
                    79:45:83:81:55:b5:76:ec:d2:1d:be:e5:52:03:3b:
                    3a:0e:1d:6f:01:f8:88:aa:23:44:d4:cc:97:6e:f6:
                    66:4b:31:e1:07:6e:6d:a9:fb:46:73:e6:aa:96:30:
                    a1:fc:e7:14:6c:96:b5:1b:50:cf:f5:30:66:d7:3d:
                    51:87:c5:50:53:ec:dd:b3:05:a7:ef:f5:5e:5b:ab:
                    e7:76:4b:c3:de:9c:bd:6c:87:8a:16:e1:31:af:be:
                    05:c8:74:9b:28:22:44:1f:0a:98:84:fa:2d:e5:0e:
                    0a:22:92:de:c5:a6:79:7b:f5:85:ea:5a:5d:f9:b2:
                    7a:03:49:ac:9d:fe:98:56:25:09:bf:81:1e:00:65:
                    87:23:0e:d1:3e:de:ba:17:36:36:f6:20:1f:a4:8c:
                    32:10:1e:98:87:d9:f8:1d:c7:c3:82:15:dd:62:b9:
                    3d:a6:7a:96:5f:fd:46:57:ec:51:69:fe:f7:21:19:
                    e1:3d:40:ed:38:4c:c5:f6:5c:94:95:be:e8:c1:44:
                    dc:2b:71:7e:10:39:e3:3a:ad:37:79:dc:f2:fb:63:
                    a8:ab:c8:7b:b3:2c:42:96:97:95:ae:cc:91:b3:3a:
                    34:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C7:AB:28:6B:BC:7C:7E:B5:70:81:0F:59:99:D6:48:CC:DE:27:9C
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:df:ec:c5:6c:8c:4a:66:4b:fe:09:c4:a3:f6:bb:7b:c2:45:
         08:1a:5f:2c:04:39:d5:32:33:0f:2c:34:57:38:34:b4:f7:aa:
         16:9f:d4:1e:a0:4f:25:c5:df:17:ec:a0:61:85:04:8b:8a:4a:
         6b:da:58:82:34:39:77:9f:5b:aa:c3:f1:85:92:76:dc:ed:2c:
         f3:56:16:39:c6:c8:fe:dd:54:a8:31:37:e0:59:a6:ae:82:aa:
         51:bb:ea:ed:22:b4:96:16:9d:7e:1b:ac:9c:d6:9a:11:25:40:
         20:e5:40:16:0f:62:ac:c9:8f:70:c4:42:a1:86:63:9d:f7:67:
         25:f8:b3:09:7f:fd:e6:a6:ce:1a:ca:76:95:3d:09:91:cd:e3:
         a5:73:ed:77:09:15:ee:c4:a3:f6:4c:9a:f7:66:0a:13:cb:f8:
         d5:32:d2:c0:a3:a5:a7:83:11:48:00:bf:4c:cc:ae:b6:a0:0c:
         1d:ef:f4:eb:3f:76:d6:d7:71:bf:d3:27:33:a4:91:4d:3d:ad:
         13:4a:99:6c:3c:18:21:5e:f4:6b:2e:e7:d4:ff:14:97:67:4d:
         3d:45:15:b1:b1:54:b9:6c:8a:f2:63:d5:87:ed:fa:78:d5:cf:
         79:7b:61:f2:05:ea:64:a8:dc:a7:d8:79:4e:08:10:6c:ae:8f:
         22:3b:3f:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64tGDaI95akDdHydXPtohQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjYwNjExMjIwMTI5WhcNMjYwNjEyMjIwMTI5WjAzMTEwLwYDVQQD
EyhlOWM3YWIyODZiYmM3YzdlYjU3MDgxMGY1OTk5ZDY0OGNjZGUyNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW3H+l6WkikuHPis2DRQkNDYhmcD
q0Nlwm7iVC95RYOBVbV27NIdvuVSAzs6Dh1vAfiIqiNE1MyXbvZmSzHhB25tqftG
c+aqljCh/OcUbJa1G1DP9TBm1z1Rh8VQU+zdswWn7/VeW6vndkvD3py9bIeKFuEx
r74FyHSbKCJEHwqYhPot5Q4KIpLexaZ5e/WF6lpd+bJ6A0msnf6YViUJv4EeAGWH
Iw7RPt66FzY29iAfpIwyEB6Yh9n4HcfDghXdYrk9pnqWX/1GV+xRaf73IRnhPUDt
OEzF9lyUlb7owUTcK3F+EDnjOq03edzy+2Ooq8h7syxClpeVrsyRszo03wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnHqyhrvHx+tXCBD1mZ1kjM3iecMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUd/sxWyM
SmZL/gnEo/a7e8JFCBpfLAQ51TIzDyw0Vzg0tPeqFp/UHqBPJcXfF+ygYYUEi4pK
a9pYgjQ5d59bqsPxhZJ23O0s81YWOcbI/t1UqDE34FmmroKqUbvq7SK0lhadfhus
nNaaESVAIOVAFg9irMmPcMRCoYZjnfdnJfizCX/95qbOGsp2lT0Jkc3jpXPtdwkV
7sSj9kya92YKE8v41TLSwKOlp4MRSAC/TMyutqAMHe/06z921tdxv9MnM6SRTT2t
E0qZbDwYIV70ay7n1P8Ul2dNPUUVsbFUuWyK8mPVh+36eNXPeXth8gXqZKjcp9h5
TggQbK6PIjs/9Q==
-----END CERTIFICATE-----