Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          88XeothwLYwbFkNlZ4Z7V8IqKwOyqM72W7TkaANlfM0=
Subject key identifier:   F7:48:AA:60:93:C3:BA:83:58:E8:B4:9D:A4:39:A5:70:84:48:4D:E4
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       019CAB6BE373875F009C1133945B38A35C9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          06E7
Signing time:             Sun 01 Mar 2026 22:01:40 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:40 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:40 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: YnALK/ehF2PvJmWTo9zAxH3bre4R931EdoYlT/ZBdTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:e3:73:87:5f:00:9c:11:33:94:5b:38:a3:5c:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Mar  1 22:01:40 2026 GMT
            Not After : Mar  2 22:01:40 2026 GMT
        Subject: CN=f748aa6093c3ba8358e8b49da439a57084484de4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:85:64:9f:bc:5e:ef:db:00:4d:41:96:94:c3:
                    f1:f7:ef:9e:bd:bf:78:cc:f7:59:11:53:6a:8a:2f:
                    dc:55:8e:8c:e9:64:8b:4c:a5:8d:90:a7:84:bc:bb:
                    8a:9a:3b:e3:99:29:0b:f1:d9:7f:69:92:80:0a:04:
                    17:91:1a:c6:b8:39:1c:b7:83:b2:47:03:d3:d0:eb:
                    ea:4a:0b:32:f9:a6:62:86:07:60:b4:ec:f2:52:ce:
                    41:fb:dd:6e:d6:a3:5c:4a:52:28:f6:32:c2:76:99:
                    c5:f9:e5:d2:8e:e9:36:03:6e:b1:30:63:92:b7:fc:
                    d9:21:64:9d:b8:52:b2:c0:3f:e0:28:36:a9:f8:9c:
                    47:a6:91:24:d6:a1:11:a9:e2:87:91:a7:0e:7b:0f:
                    e8:24:ec:92:41:5d:9c:ea:d0:91:ac:bb:9a:d4:92:
                    9b:00:cb:b3:85:02:b1:0d:61:35:d7:c4:39:51:20:
                    c2:a6:be:f3:a2:a9:43:af:2e:a9:7b:83:b2:2a:62:
                    98:bc:af:d7:89:9d:4e:29:cf:4f:c2:b1:6c:0c:3b:
                    ba:79:e6:f7:cd:9e:d7:01:1f:0b:7e:04:ed:ae:75:
                    49:f4:0c:40:6b:74:d1:91:4c:6a:69:82:3e:38:49:
                    80:b3:c1:ba:72:2b:f2:66:58:ea:cd:a4:e5:11:cb:
                    25:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:48:AA:60:93:C3:BA:83:58:E8:B4:9D:A4:39:A5:70:84:48:4D:E4
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:88:13:34:af:5c:cd:d8:fb:cc:9f:82:61:ea:d2:f5:ed:db:
         a5:a0:42:6b:9a:1e:f1:b4:76:d4:97:30:e0:7f:b5:03:c4:a6:
         03:8c:da:5f:3e:6d:26:93:37:bd:e7:e7:c5:97:b0:02:27:51:
         e1:64:48:31:4f:22:15:6f:26:20:b4:cb:65:70:c4:c8:b9:a1:
         9a:2a:25:8d:5b:7d:2b:29:78:eb:e9:64:46:a1:5b:d0:51:17:
         ba:cf:b0:c9:f0:bd:07:f2:fe:32:10:de:03:42:be:20:e5:f5:
         af:e9:c4:c7:05:cf:b0:31:94:8d:57:67:db:de:e9:7a:c0:a6:
         92:12:7e:97:9a:50:97:b4:01:13:cd:80:e4:ac:cf:85:66:22:
         fe:d0:59:9a:0f:b0:e4:bb:7c:03:f7:5b:65:3a:c8:d5:44:63:
         1c:ba:39:76:60:7b:17:5a:e2:2e:46:76:90:6e:1e:07:1e:f6:
         f1:46:04:40:80:98:0c:2f:85:60:02:cc:32:9f:81:67:b4:d7:
         27:9a:99:cb:b4:5d:29:65:1a:ea:8c:36:b5:28:5b:f5:a8:09:
         39:e0:dc:c2:b0:c6:47:aa:90:b1:f3:d5:2e:5f:8e:4c:8a:90:
         cb:04:d3:92:ae:bf:96:b8:2d:65:df:ab:25:2f:42:b7:87:83:
         25:ee:6f:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra+Nzh18AnBEzlFs4o1ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjYwMzAxMjIwMTQwWhcNMjYwMzAyMjIwMTQwWjAzMTEwLwYDVQQD
EyhmNzQ4YWE2MDkzYzNiYTgzNThlOGI0OWRhNDM5YTU3MDg0NDg0ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIVkn7xe79sATUGWlMPx9++evb94
zPdZEVNqii/cVY6M6WSLTKWNkKeEvLuKmjvjmSkL8dl/aZKACgQXkRrGuDkct4Oy
RwPT0OvqSgsy+aZihgdgtOzyUs5B+91u1qNcSlIo9jLCdpnF+eXSjuk2A26xMGOS
t/zZIWSduFKywD/gKDap+JxHppEk1qERqeKHkacOew/oJOySQV2c6tCRrLua1JKb
AMuzhQKxDWE118Q5USDCpr7zoqlDry6pe4OyKmKYvK/XiZ1OKc9PwrFsDDu6eeb3
zZ7XAR8LfgTtrnVJ9AxAa3TRkUxqaYI+OEmAs8G6civyZljqzaTlEcslgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdIqmCTw7qDWOi0naQ5pXCESE3kMB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhogTNK9c
zdj7zJ+CYerS9e3bpaBCa5oe8bR21Jcw4H+1A8SmA4zaXz5tJpM3vefnxZewAidR
4WRIMU8iFW8mILTLZXDEyLmhmioljVt9Kyl46+lkRqFb0FEXus+wyfC9B/L+MhDe
A0K+IOX1r+nExwXPsDGUjVdn297pesCmkhJ+l5pQl7QBE82A5KzPhWYi/tBZmg+w
5Lt8A/dbZTrI1URjHLo5dmB7F1riLkZ2kG4eBx728UYEQICYDC+FYALMMp+BZ7TX
J5qZy7RdKWUa6ow2tShb9agJOeDcwrDGR6qQsfPVLl+OTIqQywTTkq6/lrgtZd+r
JS9Ct4eDJe5v2A==
-----END CERTIFICATE-----