Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          jQ/cx1T1MaiuNZPXuN75Fpo974JIgAPmSOXrMgakSF4=
Subject key identifier:   B4:FC:67:2A:50:9D:F8:11:C8:03:7D:DC:47:47:6E:C8:C0:D3:B1:8A
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       019DA48AED150756B0E4931332347320B9B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          0BAC
Signing time:             Sun 19 Apr 2026 07:01:01 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:01 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:01 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: e/T/bWUwxONUJNGfdUGgLs02EcVBklv+kyBQ/dDEk+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:ed:15:07:56:b0:e4:93:13:32:34:73:20:b9:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: Apr 19 07:01:01 2026 GMT
            Not After : Apr 20 07:01:01 2026 GMT
        Subject: CN=b4fc672a509df811c8037ddc47476ec8c0d3b18a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b7:f5:14:4c:3f:98:16:85:93:29:33:26:6b:
                    30:43:a4:23:24:6c:4a:70:65:11:b1:d3:9f:8e:88:
                    72:52:6c:95:a0:63:b7:c7:6b:56:50:b5:4d:d3:02:
                    28:d3:21:e9:53:2e:8d:04:5d:d9:62:36:1c:a3:dd:
                    48:19:cc:e0:0d:65:47:7b:88:fd:92:65:4f:84:44:
                    71:d3:d2:76:57:3f:f4:ad:a8:fd:b5:31:1e:ff:2f:
                    43:07:10:ed:94:b4:03:72:22:6e:53:ad:ac:ae:54:
                    1e:a7:80:81:6e:14:24:fb:34:ca:b5:a3:8f:d2:dc:
                    a5:c9:57:2f:4a:ae:94:6a:66:42:5b:72:ca:6a:0b:
                    7d:28:7c:4c:54:20:85:44:7e:43:fe:0a:5b:ab:22:
                    aa:04:b6:4d:4d:35:b5:16:ed:3a:2a:bb:85:3a:83:
                    17:8f:c1:78:99:e7:65:4e:6a:00:9e:19:0b:4f:2b:
                    4f:7b:e2:5c:59:a9:d1:df:c0:d0:85:83:17:cc:3c:
                    c9:91:b3:49:b4:af:94:06:a4:f4:35:a9:bc:f3:43:
                    83:2e:9e:2d:70:78:5b:94:e9:1c:36:9a:9b:03:2e:
                    db:d8:6f:b0:e9:ed:6c:a1:36:d9:22:03:ed:41:8f:
                    d3:10:73:f6:d2:df:90:01:d9:4e:9a:6d:b8:12:ce:
                    63:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:FC:67:2A:50:9D:F8:11:C8:03:7D:DC:47:47:6E:C8:C0:D3:B1:8A
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:dc:4b:75:2f:97:9e:5e:f2:48:91:75:1d:7a:38:03:4a:ef:
         60:89:c0:f6:0b:f5:90:cd:b8:a8:5d:b9:b6:ed:f2:fd:4e:f6:
         9c:7e:ea:71:bc:17:fc:87:5a:56:b1:91:8c:f8:a4:5c:8b:7f:
         04:f5:68:01:4f:10:ef:05:86:70:35:ef:f8:cd:7c:a2:5f:de:
         04:44:17:a6:da:d5:7c:ba:de:23:b5:ea:e7:71:06:c1:7d:f7:
         47:6b:dd:19:91:fd:90:c6:fb:9f:20:d4:d6:f4:f0:41:75:ff:
         41:77:31:b3:b4:cf:73:17:44:38:8d:a2:11:25:f8:2a:46:72:
         00:b1:74:34:df:81:d5:be:33:4a:9b:e2:1a:49:03:ae:b6:1f:
         aa:46:96:75:36:f1:ee:a1:e8:c3:56:f8:43:0b:4c:8c:5f:41:
         d9:48:63:93:91:2b:bb:4e:67:6e:c9:f3:f4:fe:e1:88:be:1f:
         c3:d8:b0:ed:dd:b7:ae:c1:73:a4:91:dc:27:de:46:a6:72:d1:
         5d:ec:2a:e0:48:c2:f5:71:b1:4b:53:07:68:1b:07:70:e1:31:
         0a:67:6a:2d:27:a8:e8:b6:29:66:7a:8c:22:2c:ad:ea:6c:5f:
         02:32:2f:a6:68:81:19:0a:4c:33:9e:ad:79:10:b4:f0:35:87:
         f7:5d:71:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kiu0VB1aw5JMTMjRzILm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjYwNDE5MDcwMTAxWhcNMjYwNDIwMDcwMTAxWjAzMTEwLwYDVQQD
EyhiNGZjNjcyYTUwOWRmODExYzgwMzdkZGM0NzQ3NmVjOGMwZDNiMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7f1FEw/mBaFkykzJmswQ6QjJGxK
cGURsdOfjohyUmyVoGO3x2tWULVN0wIo0yHpUy6NBF3ZYjYco91IGczgDWVHe4j9
kmVPhERx09J2Vz/0raj9tTEe/y9DBxDtlLQDciJuU62srlQep4CBbhQk+zTKtaOP
0tylyVcvSq6UamZCW3LKagt9KHxMVCCFRH5D/gpbqyKqBLZNTTW1Fu06KruFOoMX
j8F4medlTmoAnhkLTytPe+JcWanR38DQhYMXzDzJkbNJtK+UBqT0Nam880ODLp4t
cHhblOkcNpqbAy7b2G+w6e1soTbZIgPtQY/TEHP20t+QAdlOmm24Es5j8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLT8ZypQnfgRyAN93EdHbsjA07GKMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG9xLdS+X
nl7ySJF1HXo4A0rvYInA9gv1kM24qF25tu3y/U72nH7qcbwX/IdaVrGRjPikXIt/
BPVoAU8Q7wWGcDXv+M18ol/eBEQXptrVfLreI7Xq53EGwX33R2vdGZH9kMb7nyDU
1vTwQXX/QXcxs7TPcxdEOI2iESX4KkZyALF0NN+B1b4zSpviGkkDrrYfqkaWdTbx
7qHow1b4QwtMjF9B2Uhjk5Eru05nbsnz9P7hiL4fw9iw7d23rsFzpJHcJ95GpnLR
Xewq4EjC9XGxS1MHaBsHcOExCmdqLSeo6LYpZnqMIiyt6mxfAjIvpmiBGQpMM56t
eRC08DWH911xjg==
-----END CERTIFICATE-----