Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          srYzmRfzJxavHK6p9lZ/ONXBFxd1bwOOznlPvaEl+iw=
Subject key identifier:   84:CC:A6:DB:17:E4:A4:F3:C7:7B:64:3C:74:32:F3:B1:95:00:26:35
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019D9962A3261B86FE854DBF7628459C0E21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          18BB
Signing time:             Fri 17 Apr 2026 03:01:11 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:11 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:11 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: TiKlQh163Qlcwb5HuvTpDGIbU2M7i4Cn5r6CRlRiqdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:a3:26:1b:86:fe:85:4d:bf:76:28:45:9c:0e:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Apr 17 03:01:11 2026 GMT
            Not After : Apr 18 03:01:11 2026 GMT
        Subject: CN=84cca6db17e4a4f3c77b643c7432f3b195002635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:db:62:bc:05:f0:3b:13:75:7a:6a:99:55:59:
                    32:d1:8a:2c:a8:02:d9:07:d3:b5:d3:b1:0c:a2:8f:
                    09:01:2b:a6:d8:4a:71:36:bc:e4:e2:c4:5d:31:2d:
                    31:93:07:31:26:a6:82:59:45:67:2f:73:59:96:fe:
                    32:b4:75:6f:ad:94:14:3d:b5:05:a2:e9:6c:8f:11:
                    49:4d:e3:ea:8f:ae:6c:43:26:a1:71:48:62:b6:03:
                    74:5b:32:9b:2f:ce:e2:d3:e5:3f:74:93:45:f7:6b:
                    54:ea:71:18:c2:6d:5a:25:9e:d0:5b:4b:53:d7:9c:
                    97:ce:0a:de:99:42:65:37:1d:e7:1b:2b:94:b4:f6:
                    97:06:ca:10:10:e2:d2:26:20:0f:7c:8f:2e:4e:45:
                    61:7e:d9:18:7c:0c:6e:1d:ac:40:04:5e:7d:9c:46:
                    da:48:bb:64:32:46:a1:b9:9b:9a:45:eb:bb:a5:6b:
                    09:03:dd:08:5e:77:7d:4b:45:71:cc:6d:31:39:b5:
                    95:d3:12:46:fb:1f:d6:fa:01:17:c7:a6:ea:9a:27:
                    a4:d8:d0:12:f8:8e:a5:83:bf:b3:76:36:e6:f2:3a:
                    94:44:34:1f:6d:da:ad:80:f8:31:36:48:fb:3b:1d:
                    9c:71:be:74:11:f9:0f:e1:f6:7f:53:d7:aa:40:cd:
                    69:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:CC:A6:DB:17:E4:A4:F3:C7:7B:64:3C:74:32:F3:B1:95:00:26:35
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:52:31:3f:49:d4:83:24:68:e5:50:3a:d6:88:27:f9:b4:67:
         c5:9e:c0:50:84:b8:41:c2:68:e8:84:e4:ef:a5:da:44:7e:f2:
         cc:5a:51:ab:2e:3e:cb:a4:3b:d3:41:20:82:14:42:7b:a8:cd:
         be:81:05:4e:74:d5:c3:88:a6:32:8a:0f:64:e9:fe:14:c3:9c:
         2b:07:21:c6:58:79:2b:34:7e:87:da:1c:19:4c:51:89:46:c9:
         7b:62:10:c8:a7:0a:44:55:c6:e4:c9:1a:92:0c:ba:b2:e9:49:
         40:4b:4d:2e:5e:b6:d6:35:fa:e8:88:e4:12:41:62:fd:4b:bc:
         3e:1d:5f:1f:79:71:69:88:5e:30:8f:63:76:cc:3e:9a:7b:26:
         65:af:1f:d5:79:68:27:f7:7b:e0:5d:4e:ca:73:9f:29:0c:5f:
         83:73:f2:f0:67:1f:fa:75:b2:c3:f7:d2:f1:ca:d1:72:65:ee:
         c9:eb:cd:d3:c0:cc:03:68:c8:44:d0:9d:76:8d:2b:67:67:cb:
         1e:21:4e:3e:c3:23:e9:2e:85:91:54:41:87:b7:3d:1c:3e:47:
         10:32:b7:b2:31:b4:d2:35:80:a4:87:4d:3f:30:5d:9d:b7:1a:
         bd:5f:70:ef:68:c5:98:4d:13:63:28:ab:38:c0:cf:aa:e5:8a:
         ba:7f:07:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYqMmG4b+hU2/dihFnA4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjYwNDE3MDMwMTExWhcNMjYwNDE4MDMwMTExWjAzMTEwLwYDVQQD
Eyg4NGNjYTZkYjE3ZTRhNGYzYzc3YjY0M2M3NDMyZjNiMTk1MDAyNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9tivAXwOxN1emqZVVky0YosqALZ
B9O107EMoo8JASum2EpxNrzk4sRdMS0xkwcxJqaCWUVnL3NZlv4ytHVvrZQUPbUF
oulsjxFJTePqj65sQyahcUhitgN0WzKbL87i0+U/dJNF92tU6nEYwm1aJZ7QW0tT
15yXzgremUJlNx3nGyuUtPaXBsoQEOLSJiAPfI8uTkVhftkYfAxuHaxABF59nEba
SLtkMkahuZuaReu7pWsJA90IXnd9S0VxzG0xObWV0xJG+x/W+gEXx6bqmiek2NAS
+I6lg7+zdjbm8jqURDQfbdqtgPgxNkj7Ox2ccb50EfkP4fZ/U9eqQM1pAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITMptsX5KTzx3tkPHQy87GVACY1MB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilIxP0nU
gyRo5VA61ogn+bRnxZ7AUIS4QcJo6ITk76XaRH7yzFpRqy4+y6Q700EgghRCe6jN
voEFTnTVw4imMooPZOn+FMOcKwchxlh5KzR+h9ocGUxRiUbJe2IQyKcKRFXG5Mka
kgy6sulJQEtNLl621jX66IjkEkFi/Uu8Ph1fH3lxaYheMI9jdsw+mnsmZa8f1Xlo
J/d74F1OynOfKQxfg3Py8Gcf+nWyw/fS8crRcmXuyevN08DMA2jIRNCddo0rZ2fL
HiFOPsMj6S6FkVRBh7c9HD5HEDK3sjG00jWApIdNPzBdnbcavV9w72jFmE0TYyir
OMDPquWKun8HtQ==
-----END CERTIFICATE-----