Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          qx3H3Q4F7I3N4hpAR/SQUDg49xDS2h077w269HFtfuw=
Subject key identifier:   CF:C9:A1:99:4A:44:F4:E9:4E:22:DF:AA:51:93:BC:1D:59:6A:25:37
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       019D39782A6FA1D77E201CDF2F7CAB6192FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          07DB
Signing time:             Sun 29 Mar 2026 12:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 12:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 12:01:09 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: yotEW9uhhBa/aeKpBoh7nQbHqbvWbJb/JDj5mc1Nx3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:78:2a:6f:a1:d7:7e:20:1c:df:2f:7c:ab:61:92:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Mar 29 12:01:09 2026 GMT
            Not After : Mar 30 12:01:09 2026 GMT
        Subject: CN=cfc9a1994a44f4e94e22dfaa5193bc1d596a2537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:09:13:78:18:e1:46:7d:67:2c:dd:46:89:c2:
                    7d:de:89:e5:36:28:36:c4:c4:65:04:d8:f1:51:6c:
                    a6:b9:84:8e:c9:4a:e2:91:4c:72:2f:ff:e7:39:9a:
                    7b:be:9c:22:a5:6a:21:e3:8c:5b:c8:61:26:d1:5b:
                    68:3f:dc:2b:25:8e:74:b9:7c:4f:a0:47:a8:74:7c:
                    4b:b1:30:c5:a9:4c:06:76:7d:03:f0:a1:fe:35:0b:
                    6a:7e:df:e0:37:9e:2d:cc:0a:46:4d:cd:4b:b4:d2:
                    f4:f3:0b:ee:31:0d:ad:17:70:48:00:07:57:a4:96:
                    09:85:54:f8:a7:d4:ba:a9:71:98:3b:fa:64:c7:c5:
                    01:97:f8:1c:c1:4c:e5:78:e3:3e:1c:d8:42:90:9b:
                    d1:c6:e5:1e:28:1e:a1:ab:85:01:20:b2:37:7c:f8:
                    c6:f8:3f:a2:72:11:32:79:c6:09:a9:d7:70:c8:a4:
                    33:56:bd:65:1b:7a:29:23:9b:f8:8d:17:74:df:56:
                    da:3b:81:af:8b:85:75:57:05:cb:93:3a:c2:59:fd:
                    6c:97:b4:a9:db:fb:4b:97:69:b0:34:76:b9:e6:1d:
                    f0:7c:df:4e:58:d2:09:14:35:28:bf:71:8d:49:f1:
                    5b:d1:dc:c3:54:e8:b5:79:63:d2:42:8d:66:96:1b:
                    b2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:C9:A1:99:4A:44:F4:E9:4E:22:DF:AA:51:93:BC:1D:59:6A:25:37
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:54:8e:ea:4a:fe:cd:41:8d:fc:5f:eb:d4:5a:f9:0e:19:db:
         78:6e:d5:8a:36:34:23:9b:a3:74:e5:d1:d8:62:21:15:6d:86:
         c4:d7:2b:cc:af:5e:25:6f:7f:d3:4c:0a:09:e2:bd:ab:3b:42:
         08:29:a4:6b:eb:cf:2a:87:43:f0:fe:67:e5:b3:ec:2d:06:7f:
         58:eb:96:1e:16:93:a3:a9:fa:ab:4e:46:07:ff:cd:b2:4a:d2:
         13:df:31:9d:fe:76:cf:9d:8b:17:1e:a3:16:71:e8:35:75:5a:
         ba:28:cc:fc:f1:f9:37:75:de:68:43:f1:d6:3b:92:14:d1:fb:
         8c:a3:e1:17:4b:ce:b6:bd:9f:a1:c6:dc:5c:1f:b5:96:e4:a5:
         42:c0:2b:f4:d2:94:37:61:76:b4:7c:65:1f:9a:86:53:d4:58:
         1c:2a:71:db:9a:a6:61:f7:d0:a2:f5:47:9e:5e:28:33:51:d7:
         39:9c:39:34:d3:2a:13:2a:af:0e:cc:bb:f3:67:5c:34:ab:4f:
         57:22:4b:e0:27:ed:8f:83:17:b7:ee:05:fb:b3:71:2e:2f:9f:
         52:3b:c3:c0:b8:10:c8:ae:68:0e:26:5a:d5:d2:51:8f:15:b1:
         ea:61:ad:4c:a4:39:75:9f:7c:ac:e3:f7:e8:3c:1f:f8:e3:41:
         63:97:66:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05eCpvodd+IBzfL3yrYZL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjYwMzI5MTIwMTA5WhcNMjYwMzMwMTIwMTA5WjAzMTEwLwYDVQQD
EyhjZmM5YTE5OTRhNDRmNGU5NGUyMmRmYWE1MTkzYmMxZDU5NmEyNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQkTeBjhRn1nLN1GicJ93onlNig2
xMRlBNjxUWymuYSOyUrikUxyL//nOZp7vpwipWoh44xbyGEm0VtoP9wrJY50uXxP
oEeodHxLsTDFqUwGdn0D8KH+NQtqft/gN54tzApGTc1LtNL08wvuMQ2tF3BIAAdX
pJYJhVT4p9S6qXGYO/pkx8UBl/gcwUzleOM+HNhCkJvRxuUeKB6hq4UBILI3fPjG
+D+ichEyecYJqddwyKQzVr1lG3opI5v4jRd031baO4Gvi4V1VwXLkzrCWf1sl7Sp
2/tLl2mwNHa55h3wfN9OWNIJFDUov3GNSfFb0dzDVOi1eWPSQo1mlhuy8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/JoZlKRPTpTiLfqlGTvB1ZaiU3MB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1SO6kr+
zUGN/F/r1Fr5DhnbeG7VijY0I5ujdOXR2GIhFW2GxNcrzK9eJW9/00wKCeK9qztC
CCmka+vPKodD8P5n5bPsLQZ/WOuWHhaTo6n6q05GB//NskrSE98xnf52z52LFx6j
FnHoNXVauijM/PH5N3XeaEPx1juSFNH7jKPhF0vOtr2focbcXB+1luSlQsAr9NKU
N2F2tHxlH5qGU9RYHCpx25qmYffQovVHnl4oM1HXOZw5NNMqEyqvDsy782dcNKtP
VyJL4Cftj4MXt+4F+7NxLi+fUjvDwLgQyK5oDiZa1dJRjxWx6mGtTKQ5dZ98rOP3
6Dwf+ONBY5dmKQ==
-----END CERTIFICATE-----