Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          /rE3riKuMADHZCDEaTZpswpbYBnXh63Zv1P2k5+LogU=
Subject key identifier:   93:9A:EC:95:FD:C6:29:32:C1:C9:75:C7:CA:69:80:07:A7:7C:01:6B
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019D38D34F1CE29B1905833EB8802030B325
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 09:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:05 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: GFkTq3oJ2Vz9OK/1efhDspNDnBkxAMZ7hYxmXPK/qB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:4f:1c:e2:9b:19:05:83:3e:b8:80:20:30:b3:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Mar 29 09:01:05 2026 GMT
            Not After : Mar 30 09:01:05 2026 GMT
        Subject: CN=939aec95fdc62932c1c975c7ca698007a77c016b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:43:3b:8e:2e:17:97:80:ac:c4:2e:54:36:62:
                    02:60:af:e5:c0:77:00:0f:1f:cd:93:73:54:f1:82:
                    ae:20:55:13:12:21:08:91:68:9c:e5:51:0f:6d:91:
                    77:7e:a9:21:0b:85:15:7c:89:57:8c:90:a7:1e:35:
                    26:8f:bd:13:c1:90:0b:c8:fb:1e:1f:4d:23:36:ec:
                    60:4b:50:2b:6c:2d:ce:8d:b6:3c:ac:93:f4:09:00:
                    f6:17:04:60:37:c2:e8:0e:0e:b6:62:3e:0b:f9:33:
                    87:00:15:0b:89:df:8e:aa:e6:5f:1c:bd:05:5a:da:
                    c9:b4:31:23:bc:b9:b3:6c:9f:19:91:08:0d:88:a0:
                    08:26:9c:91:d6:9c:a3:eb:f6:b1:c0:bd:45:1e:7c:
                    20:9b:48:3f:46:d9:72:d1:31:69:31:ed:a6:03:bf:
                    7c:a9:fb:c4:66:0e:27:65:65:f6:dd:64:c2:a6:9a:
                    28:4d:a1:98:e1:16:cc:ce:8d:2b:ab:55:99:97:39:
                    d1:22:ad:a3:53:50:87:ae:3b:ca:89:85:5c:67:4d:
                    30:ed:40:bb:f9:2a:32:37:08:ba:e7:7c:6d:cd:3e:
                    03:30:98:7a:fc:98:dc:64:4a:a7:4f:e0:7c:5c:1e:
                    dd:5f:16:a8:5a:df:74:38:e4:a9:69:1f:6a:cf:9c:
                    bf:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:9A:EC:95:FD:C6:29:32:C1:C9:75:C7:CA:69:80:07:A7:7C:01:6B
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:17:79:a5:8d:29:4b:f9:80:6d:8a:eb:53:c4:02:28:b4:90:
         fa:ef:48:2e:57:ef:56:7d:ce:4d:a4:92:1e:5e:cc:fd:92:5e:
         bc:92:c0:67:fe:a8:7f:46:20:65:af:72:5a:b1:1e:29:ba:81:
         02:6d:65:7e:97:36:cd:2f:77:8c:b0:e7:70:c7:0f:65:39:8d:
         a2:0d:fb:cd:0e:bd:83:0d:df:82:3d:9c:1c:88:f9:9f:ad:17:
         15:55:83:f2:0b:e9:cb:cb:ae:e0:5b:f5:5b:da:9f:63:a0:06:
         aa:ec:78:33:3b:c0:5e:f7:35:23:02:b1:d1:27:7e:44:76:3e:
         74:57:6b:ce:58:50:82:61:cc:8c:10:7b:43:6e:14:16:d0:cf:
         4a:dd:88:94:55:c7:34:cb:91:79:78:dc:ff:9c:9c:60:f0:e6:
         0f:85:75:f4:03:e4:75:a2:3e:f3:42:c0:c8:63:80:0a:f6:59:
         9e:4a:39:14:c7:c0:2e:3d:e5:cd:c3:06:4f:17:f4:7c:7c:e5:
         f5:ba:14:0e:22:24:a0:80:39:38:90:15:d6:e0:7f:73:41:eb:
         a8:d0:4c:72:76:4d:87:2b:6d:96:c5:25:c6:96:42:f4:6a:11:
         2f:e3:21:02:64:c2:8c:d2:99:c3:58:e6:5d:e5:3a:5d:54:7f:
         fe:12:fb:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04008c4psZBYM+uIAgMLMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjYwMzI5MDkwMTA1WhcNMjYwMzMwMDkwMTA1WjAzMTEwLwYDVQQD
Eyg5MzlhZWM5NWZkYzYyOTMyYzFjOTc1YzdjYTY5ODAwN2E3N2MwMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EM7ji4Xl4CsxC5UNmICYK/lwHcA
Dx/Nk3NU8YKuIFUTEiEIkWic5VEPbZF3fqkhC4UVfIlXjJCnHjUmj70TwZALyPse
H00jNuxgS1ArbC3OjbY8rJP0CQD2FwRgN8LoDg62Yj4L+TOHABULid+OquZfHL0F
WtrJtDEjvLmzbJ8ZkQgNiKAIJpyR1pyj6/axwL1FHnwgm0g/Rtly0TFpMe2mA798
qfvEZg4nZWX23WTCppooTaGY4RbMzo0rq1WZlznRIq2jU1CHrjvKiYVcZ00w7UC7
+SoyNwi653xtzT4DMJh6/JjcZEqnT+B8XB7dXxaoWt90OOSpaR9qz5y/2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOa7JX9xikywcl1x8ppgAenfAFrMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhd5pY0p
S/mAbYrrU8QCKLSQ+u9ILlfvVn3OTaSSHl7M/ZJevJLAZ/6of0YgZa9yWrEeKbqB
Am1lfpc2zS93jLDncMcPZTmNog37zQ69gw3fgj2cHIj5n60XFVWD8gvpy8uu4Fv1
W9qfY6AGqux4MzvAXvc1IwKx0Sd+RHY+dFdrzlhQgmHMjBB7Q24UFtDPSt2IlFXH
NMuReXjc/5ycYPDmD4V19APkdaI+80LAyGOACvZZnko5FMfALj3lzcMGTxf0fHzl
9boUDiIkoIA5OJAV1uB/c0HrqNBMcnZNhyttlsUlxpZC9GoRL+MhAmTCjNKZw1jm
XeU6XVR//hL76A==
-----END CERTIFICATE-----