Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          Y17NRSQN8AehCsquRHT5c/m2o+Zw0fEejLOIPi8dMrQ=
Subject key identifier:   D3:81:B9:66:11:FE:6D:F9:14:CB:5B:A5:DB:BA:28:5D:AD:59:D3:73
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019D98F4BFA44E3FC63F0D2A6DAC475981C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:09 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: 9AHe/a7g+yTCSNo63qE5OtmLNSEB3aYGb1X2yPj2UuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:bf:a4:4e:3f:c6:3f:0d:2a:6d:ac:47:59:81:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Apr 17 01:01:09 2026 GMT
            Not After : Apr 18 01:01:09 2026 GMT
        Subject: CN=d381b96611fe6df914cb5ba5dbba285dad59d373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:40:50:a1:10:e7:04:8f:5c:6d:06:f4:44:36:
                    93:7c:b1:11:fc:e9:cf:c2:3b:4b:58:fe:4f:52:c5:
                    10:44:ca:20:ec:be:57:e5:7c:ee:9c:1c:bb:3d:81:
                    2a:1a:e6:74:7d:f1:e9:a2:f3:ef:ce:f4:3f:02:ca:
                    5b:4c:76:3a:92:cd:e7:2b:6f:a9:1a:86:71:17:26:
                    25:a4:1b:a1:5f:97:eb:68:ea:d0:64:7e:03:bf:9d:
                    1a:24:16:f7:17:2c:c3:51:6d:d3:ed:3f:59:d5:82:
                    09:79:c5:51:96:11:7c:9b:6a:f5:96:67:02:52:04:
                    e7:b8:08:ec:af:07:00:3d:a3:c0:31:88:2b:0f:91:
                    d7:c3:19:33:da:17:58:84:32:85:1b:21:f8:09:54:
                    7a:d2:ab:99:de:a0:b6:59:18:54:c6:37:0f:44:f7:
                    97:5e:1c:0f:33:b6:e7:c7:e7:80:7a:93:79:b3:84:
                    1e:7f:ec:61:a9:a9:ac:97:01:cb:68:f0:be:da:86:
                    7c:fb:11:d9:20:eb:d1:05:46:83:97:6b:23:11:32:
                    45:4e:06:ca:76:05:ad:28:f9:26:37:de:98:c2:7f:
                    8d:72:ea:1d:97:fe:3c:ea:49:4e:f9:f0:c6:98:ac:
                    cf:1f:af:87:58:15:a1:3c:7a:16:10:76:6e:03:e8:
                    ec:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:81:B9:66:11:FE:6D:F9:14:CB:5B:A5:DB:BA:28:5D:AD:59:D3:73
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:41:fa:95:3d:66:d1:89:57:4b:0e:24:60:84:3f:05:e6:6a:
         81:a8:56:02:eb:58:45:f7:98:1d:55:72:b9:d1:5f:a0:13:9d:
         bd:39:36:da:1b:1c:c1:ab:c1:23:9a:7b:49:f8:6d:b5:a0:4e:
         31:ed:8f:6c:47:d8:84:79:72:23:74:a2:21:a6:f6:04:7a:32:
         e2:22:8e:c3:e3:5c:81:55:04:3a:d6:b9:5a:b5:71:cc:dd:9f:
         4e:30:75:11:07:1d:fe:c8:40:05:ec:a5:43:ec:b7:ba:09:d0:
         44:82:41:d9:f2:e4:2d:78:ae:19:3f:73:16:e9:84:b8:b2:ae:
         a8:c8:b8:f3:73:5a:3b:01:fe:99:dc:89:72:12:48:7e:14:a3:
         14:be:91:18:53:85:a1:de:c1:00:32:12:7b:0c:04:c9:90:48:
         f3:93:1a:e5:64:fe:e9:f6:96:bf:88:47:3f:48:88:93:f4:27:
         60:5f:9a:37:7c:09:44:70:46:ea:86:b6:8a:a4:23:bc:ba:a9:
         77:e2:6c:c5:c9:2d:57:55:30:1d:2a:52:9e:90:fb:da:81:a4:
         ff:89:f3:d1:f5:56:ec:87:d8:8f:6a:b4:38:ab:04:fd:03:1b:
         09:2d:d6:90:7c:37:34:37:f1:44:d9:f4:b8:4a:79:db:9b:b9:
         bb:de:89:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9L+kTj/GPw0qbaxHWYHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjYwNDE3MDEwMTA5WhcNMjYwNDE4MDEwMTA5WjAzMTEwLwYDVQQD
EyhkMzgxYjk2NjExZmU2ZGY5MTRjYjViYTVkYmJhMjg1ZGFkNTlkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50BQoRDnBI9cbQb0RDaTfLER/OnP
wjtLWP5PUsUQRMog7L5X5XzunBy7PYEqGuZ0ffHpovPvzvQ/AspbTHY6ks3nK2+p
GoZxFyYlpBuhX5fraOrQZH4Dv50aJBb3FyzDUW3T7T9Z1YIJecVRlhF8m2r1lmcC
UgTnuAjsrwcAPaPAMYgrD5HXwxkz2hdYhDKFGyH4CVR60quZ3qC2WRhUxjcPRPeX
XhwPM7bnx+eAepN5s4Qef+xhqamslwHLaPC+2oZ8+xHZIOvRBUaDl2sjETJFTgbK
dgWtKPkmN96Ywn+Ncuodl/486klO+fDGmKzPH6+HWBWhPHoWEHZuA+jsWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOBuWYR/m35FMtbpdu6KF2tWdNzMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIkH6lT1m
0YlXSw4kYIQ/BeZqgahWAutYRfeYHVVyudFfoBOdvTk22hscwavBI5p7SfhttaBO
Me2PbEfYhHlyI3SiIab2BHoy4iKOw+NcgVUEOta5WrVxzN2fTjB1EQcd/shABeyl
Q+y3ugnQRIJB2fLkLXiuGT9zFumEuLKuqMi483NaOwH+mdyJchJIfhSjFL6RGFOF
od7BADISewwEyZBI85Ma5WT+6faWv4hHP0iIk/QnYF+aN3wJRHBG6oa2iqQjvLqp
d+JsxcktV1UwHSpSnpD72oGk/4nz0fVW7IfYj2q0OKsE/QMbCS3WkHw3NDfxRNn0
uEp525u5u96JOQ==
-----END CERTIFICATE-----