Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          T0u05dXoDPT+QkCGa5gapYcFnJ8+J9cEbM5UPgSK6FA=
Subject key identifier:   49:7C:8B:5F:9B:73:9C:82:D6:75:DF:FD:C3:D3:AB:85:EC:09:03:1C
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       019D3A53646214E46B41B78CD4CEF208D69F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          06C4
Signing time:             Sun 29 Mar 2026 16:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:36 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: rnyR2JGJ7eZruvdSD8R92FPjVEtrMelJCqiFe9oxlMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:64:62:14:e4:6b:41:b7:8c:d4:ce:f2:08:d6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Mar 29 16:00:36 2026 GMT
            Not After : Mar 30 16:00:36 2026 GMT
        Subject: CN=497c8b5f9b739c82d675dffdc3d3ab85ec09031c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:76:af:20:cb:54:40:12:cd:a4:40:16:86:d5:
                    c5:63:f3:e4:0c:72:05:f9:89:29:e5:3f:d3:4b:63:
                    ed:2b:66:0b:14:3a:55:e1:7c:42:b3:e4:59:69:7c:
                    cc:ae:10:cb:d4:30:f4:35:af:d4:35:68:ff:c1:ff:
                    df:7c:5b:d5:dc:56:03:6c:23:8d:38:3d:f0:a5:88:
                    d0:70:36:37:3b:81:2a:9f:08:7b:dc:b3:62:c4:d8:
                    59:ae:c7:2f:b5:30:b6:b6:f7:36:02:77:b2:29:10:
                    6f:5a:f5:ca:8d:b8:ea:cb:6d:92:4e:95:a9:26:c3:
                    00:e4:19:17:e0:10:a2:7d:e8:57:d4:c3:16:09:1e:
                    69:3d:27:a3:90:81:62:4e:88:65:e6:f9:7a:d7:26:
                    55:d0:6b:ff:f5:e8:04:9c:23:f9:f7:21:cf:0c:f9:
                    bf:18:80:f5:cf:58:6d:c6:f1:6a:88:54:09:28:c1:
                    10:a3:10:ac:73:31:d0:4e:1c:68:cb:85:65:00:4e:
                    a1:75:bb:b5:68:78:14:4f:d8:19:f6:8a:7a:b2:2c:
                    e1:3c:28:a9:e8:d6:0f:ce:b8:96:8b:9e:65:8a:9d:
                    f7:1b:36:04:84:26:ab:57:26:eb:7b:5f:7b:7d:62:
                    74:3e:f2:ea:9e:b3:5c:18:a8:6f:ba:27:94:ea:52:
                    52:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7C:8B:5F:9B:73:9C:82:D6:75:DF:FD:C3:D3:AB:85:EC:09:03:1C
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:cd:72:c1:2e:44:73:75:f0:a7:33:73:0f:f5:76:a3:7d:82:
         cc:44:36:4d:01:d2:be:99:33:13:5e:78:e1:23:49:94:51:22:
         ff:d8:03:20:a0:14:32:0d:de:77:7d:96:0e:c4:81:72:f7:0f:
         9c:7f:af:c1:95:b7:1b:eb:c2:e9:f5:6a:f5:81:80:93:bd:82:
         ed:06:d0:00:c8:e7:81:06:02:a8:66:fe:a4:5d:4c:7d:a3:ed:
         52:6e:69:16:fe:d1:45:ad:a2:8b:f5:d2:2d:70:f3:67:62:12:
         23:73:28:da:15:b1:55:48:ca:b0:30:6e:59:78:52:a6:eb:cd:
         63:75:97:21:ab:3a:13:f9:85:27:44:30:24:09:da:16:21:93:
         10:52:d3:02:d7:65:39:45:85:d7:dc:5c:18:be:04:87:7b:ae:
         52:b4:d3:66:6c:6a:34:89:58:29:21:4c:31:f3:1e:23:ba:43:
         8a:69:1d:f2:2b:2e:e4:d3:d0:69:51:4c:27:6a:31:61:6e:1c:
         3b:00:2a:af:d5:82:ee:8d:ca:64:2d:0f:97:12:a0:8b:0c:1c:
         02:99:04:ef:e1:f9:1c:ce:47:fe:76:e1:e6:fb:64:8e:11:8a:
         ae:d0:6f:3a:e6:b9:5b:ff:44:20:11:5f:62:36:1b:6c:6a:56:
         1c:06:5c:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U2RiFORrQbeM1M7yCNafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjYwMzI5MTYwMDM2WhcNMjYwMzMwMTYwMDM2WjAzMTEwLwYDVQQD
Eyg0OTdjOGI1ZjliNzM5YzgyZDY3NWRmZmRjM2QzYWI4NWVjMDkwMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnavIMtUQBLNpEAWhtXFY/PkDHIF
+Ykp5T/TS2PtK2YLFDpV4XxCs+RZaXzMrhDL1DD0Na/UNWj/wf/ffFvV3FYDbCON
OD3wpYjQcDY3O4Eqnwh73LNixNhZrscvtTC2tvc2AneyKRBvWvXKjbjqy22STpWp
JsMA5BkX4BCifehX1MMWCR5pPSejkIFiTohl5vl61yZV0Gv/9egEnCP59yHPDPm/
GID1z1htxvFqiFQJKMEQoxCsczHQThxoy4VlAE6hdbu1aHgUT9gZ9op6sizhPCip
6NYPzriWi55lip33GzYEhCarVybre197fWJ0PvLqnrNcGKhvuieU6lJS9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEl8i1+bc5yC1nXf/cPTq4XsCQMcMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI81ywS5E
c3XwpzNzD/V2o32CzEQ2TQHSvpkzE1544SNJlFEi/9gDIKAUMg3ed32WDsSBcvcP
nH+vwZW3G+vC6fVq9YGAk72C7QbQAMjngQYCqGb+pF1MfaPtUm5pFv7RRa2ii/XS
LXDzZ2ISI3Mo2hWxVUjKsDBuWXhSpuvNY3WXIas6E/mFJ0QwJAnaFiGTEFLTAtdl
OUWF19xcGL4Eh3uuUrTTZmxqNIlYKSFMMfMeI7pDimkd8isu5NPQaVFMJ2oxYW4c
OwAqr9WC7o3KZC0PlxKgiwwcApkE7+H5HM5H/nbh5vtkjhGKrtBvOua5W/9EIBFf
YjYbbGpWHAZcZA==
-----END CERTIFICATE-----