Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          RNum27anFUN9a+clIssVCuIpsQM0c93NCxOIw/bnJ+0=
Subject key identifier:   B2:A4:43:37:93:CC:78:79:2F:E2:6E:CC:28:90:16:8D:BE:00:12:35
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       019D9B516592E22AFBF2FD342E13C29B8D78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0C69
Signing time:             Fri 17 Apr 2026 12:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:35 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: WUOevPTL57dkjzAhqm1a91Q4Z5o8Q5Vm6YKiw04jjOc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:65:92:e2:2a:fb:f2:fd:34:2e:13:c2:9b:8d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Apr 17 12:01:35 2026 GMT
            Not After : Apr 18 12:01:35 2026 GMT
        Subject: CN=b2a4433793cc78792fe26ecc2890168dbe001235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:17:de:e0:3f:d4:58:24:f5:cf:6d:28:9c:f5:
                    cf:77:b3:ed:01:0e:e7:05:c5:7d:be:30:65:82:02:
                    81:ca:97:33:ab:d5:36:b3:fa:58:28:d3:e1:71:a9:
                    84:1b:69:57:a6:13:15:6f:97:1c:6a:33:c3:98:cc:
                    22:32:7f:dd:50:e7:de:f1:a7:fd:e1:6b:0f:65:1c:
                    23:d1:f5:8c:eb:1d:8f:e6:e5:2a:2a:43:8b:50:6e:
                    3a:0a:94:d0:dd:e4:a3:88:a1:a6:29:32:73:85:ea:
                    4d:39:3c:f9:d4:3f:45:ba:8b:f7:7c:5a:56:fa:4a:
                    8f:64:9a:ce:53:71:b4:f5:4d:97:84:64:c3:6a:c7:
                    16:ff:00:63:5b:8f:7b:e3:12:b2:e4:ab:2b:c1:12:
                    ad:31:5b:2c:6c:1b:b2:f8:6e:4e:c0:72:00:e4:5d:
                    ba:3d:62:d3:2b:af:99:c9:1d:b6:65:ed:47:94:b9:
                    01:07:46:46:c6:77:b7:85:0a:38:df:89:27:1c:97:
                    3f:ca:f6:7b:6e:a5:2a:1a:93:f9:18:2c:bf:d5:29:
                    f4:d0:28:8e:d7:d7:64:85:27:8d:be:73:70:ad:08:
                    7b:1f:cd:01:12:8e:cb:3a:5e:5e:68:ff:d2:74:77:
                    80:c1:b8:b5:32:54:8d:54:7c:5b:e0:9e:fe:24:a0:
                    99:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:A4:43:37:93:CC:78:79:2F:E2:6E:CC:28:90:16:8D:BE:00:12:35
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:09:de:63:57:fe:f0:63:9c:6c:1a:96:dd:44:a0:6f:6f:77:
         28:c5:60:00:7c:a9:c5:a5:85:95:91:a5:c5:2c:91:00:71:41:
         84:aa:a6:55:38:dd:41:34:8b:30:9a:9f:48:51:f6:94:73:36:
         a2:10:41:47:c2:db:0c:75:7b:16:50:b6:21:22:31:db:f3:58:
         ff:1c:82:42:f7:af:3d:8a:64:1a:99:ce:85:23:bd:99:17:df:
         11:b8:ad:80:f8:52:4f:3a:b1:fc:1e:1c:49:82:6e:7f:5a:b6:
         76:1b:e5:a6:2d:5f:4c:93:b9:5e:95:b4:f4:9a:93:e1:27:7b:
         f5:4c:83:8a:3e:9c:52:3a:45:e2:8c:9c:48:0f:1e:e0:61:7e:
         7c:03:9f:50:67:97:7a:40:85:12:c4:da:a0:63:7f:66:0d:92:
         21:5e:62:95:f2:0b:dc:21:a9:db:c8:3e:66:6f:fc:13:2c:4d:
         a3:46:3e:6f:4d:1e:ad:80:3b:af:c6:87:44:b8:6b:14:2f:bd:
         df:51:86:55:0f:d7:b2:e6:74:a0:ca:03:c7:38:3d:86:b3:c0:
         e0:c4:fa:bd:dd:2b:3f:36:f8:f7:98:fc:81:dd:25:2f:ad:ff:
         22:6b:2e:df:4c:89:c0:81:83:e1:9a:f6:d5:d0:82:ae:18:df:
         24:99:29:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUWWS4ir78v00LhPCm414MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjYwNDE3MTIwMTM1WhcNMjYwNDE4MTIwMTM1WjAzMTEwLwYDVQQD
EyhiMmE0NDMzNzkzY2M3ODc5MmZlMjZlY2MyODkwMTY4ZGJlMDAxMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bfe4D/UWCT1z20onPXPd7PtAQ7n
BcV9vjBlggKBypczq9U2s/pYKNPhcamEG2lXphMVb5ccajPDmMwiMn/dUOfe8af9
4WsPZRwj0fWM6x2P5uUqKkOLUG46CpTQ3eSjiKGmKTJzhepNOTz51D9Fuov3fFpW
+kqPZJrOU3G09U2XhGTDascW/wBjW4974xKy5KsrwRKtMVssbBuy+G5OwHIA5F26
PWLTK6+ZyR22Ze1HlLkBB0ZGxne3hQo434knHJc/yvZ7bqUqGpP5GCy/1Sn00CiO
19dkhSeNvnNwrQh7H80BEo7LOl5eaP/SdHeAwbi1MlSNVHxb4J7+JKCZ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKkQzeTzHh5L+JuzCiQFo2+ABI1MB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQneY1f+
8GOcbBqW3USgb293KMVgAHypxaWFlZGlxSyRAHFBhKqmVTjdQTSLMJqfSFH2lHM2
ohBBR8LbDHV7FlC2ISIx2/NY/xyCQvevPYpkGpnOhSO9mRffEbitgPhSTzqx/B4c
SYJuf1q2dhvlpi1fTJO5XpW09JqT4Sd79UyDij6cUjpF4oycSA8e4GF+fAOfUGeX
ekCFEsTaoGN/Zg2SIV5ilfIL3CGp28g+Zm/8EyxNo0Y+b00erYA7r8aHRLhrFC+9
31GGVQ/XsuZ0oMoDxzg9hrPA4MT6vd0rPzb495j8gd0lL63/Imsu30yJwIGD4Zr2
1dCCrhjfJJkpEA==
-----END CERTIFICATE-----