Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File:                     hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier:          6unfQMCHcj7drDkk+OgTpUp/hAqmq95MSiCLE3a2Mkg=
Subject key identifier:   AA:43:69:CC:31:56:29:D8:D6:B1:86:9E:09:C2:E9:55:E5:E1:80:6C
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer:       /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial:       01988B101EC6AA2437AE9A905527BAF87C47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number:          11A9
Signing time:             Fri 08 Aug 2025 19:02:26 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:26 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:26 +0000
Files and hashes:         1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
                          2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: 0EfJ0ZX/5kBevuWYek/LDWq45y1c87f4yxe1NJdLVIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:1e:c6:aa:24:37:ae:9a:90:55:27:ba:f8:7c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
        Validity
            Not Before: Aug  8 19:02:26 2025 GMT
            Not After : Aug  9 19:02:26 2025 GMT
        Subject: CN=aa4369cc315629d8d6b1869e09c2e955e5e1806c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ef:80:48:79:48:ad:b0:ec:3a:a6:ce:f4:63:
                    dc:2b:6a:bd:bb:1c:61:77:b8:db:a8:67:a6:fd:c2:
                    cc:dc:6d:7f:6f:f5:26:aa:96:f4:87:d5:2e:f8:81:
                    6f:71:04:d5:7f:fa:3d:76:95:f4:8d:69:49:b9:11:
                    ad:4c:3c:2e:c3:8e:d6:59:bf:48:98:df:f7:63:c6:
                    60:35:f2:14:35:88:1e:b0:be:ac:91:61:5a:8a:35:
                    3d:1e:a9:43:f7:49:38:47:60:af:b9:b8:26:f8:80:
                    9b:3f:07:6d:74:62:9a:90:a4:f1:7c:85:43:83:5c:
                    79:de:81:f7:5c:fd:02:4b:8a:5b:d8:d6:0d:16:a7:
                    51:cd:fc:ee:cd:c4:9a:3a:09:02:ee:a5:54:eb:2b:
                    4b:f3:39:1b:cf:39:ad:e2:b3:55:cc:2a:75:35:26:
                    4f:cd:4b:da:2a:9a:a0:08:c5:c8:26:f7:b9:60:2c:
                    59:b3:32:01:73:4d:a1:02:d8:7a:61:a3:b6:c6:b9:
                    97:3c:f4:af:51:df:4f:17:99:0b:c4:e9:87:c5:15:
                    b5:c6:79:89:a0:84:40:fa:66:94:d1:03:0c:ba:bd:
                    5a:4a:ec:c2:3d:bf:26:55:2c:8c:c8:87:9c:b3:d8:
                    41:fe:a7:da:08:35:d0:c6:64:72:fd:be:89:ed:65:
                    33:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:43:69:CC:31:56:29:D8:D6:B1:86:9E:09:C2:E9:55:E5:E1:80:6C
            X509v3 Authority Key Identifier:
                keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:1b:73:d7:cf:7d:4a:c8:ae:06:48:c9:d7:c8:a6:89:27:e1:
         fd:c9:c3:10:19:48:7f:9b:e8:0c:8b:ef:00:2d:51:40:a5:9c:
         2c:40:c6:ee:81:6f:cc:91:4c:38:6c:1f:a4:6c:ee:c8:25:b9:
         86:6e:54:7f:a7:d4:69:a6:f7:12:fa:bf:3c:4a:8c:d0:cd:8c:
         b9:24:11:43:0e:95:63:de:e9:0b:ae:8d:0c:ab:8a:04:0f:95:
         30:86:a4:9c:b3:ce:c8:a2:91:b1:95:7f:d3:d9:77:e5:c8:8e:
         2a:10:a2:11:b2:ee:12:f2:69:2a:d1:fd:44:2b:ee:06:42:f2:
         b5:67:3d:22:26:7e:a9:56:2a:61:32:bd:9d:d7:31:f9:d7:17:
         bd:e6:02:4b:70:ea:5e:ac:41:23:73:6a:06:f0:b9:85:fd:41:
         32:f9:10:4c:aa:e1:6e:7c:f5:19:38:d5:84:01:fa:9d:78:72:
         8e:f8:df:2d:88:3e:85:17:2d:eb:62:c4:a2:7a:34:af:95:c9:
         39:16:64:40:17:8a:15:ec:27:a9:3b:a8:9c:e3:5e:de:49:01:
         a9:9d:be:84:0b:b7:d4:d9:65:0c:7b:b3:ac:46:4f:cd:67:11:
         40:ce:40:49:0a:14:e4:48:23:c6:93:33:a5:7e:61:70:74:ec:
         3b:d1:2f:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEB7GqiQ3rpqQVSe6+HxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUwODA4MTkwMjI2WhcNMjUwODA5MTkwMjI2WjAzMTEwLwYDVQQD
EyhhYTQzNjljYzMxNTYyOWQ4ZDZiMTg2OWUwOWMyZTk1NWU1ZTE4MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu+ASHlIrbDsOqbO9GPcK2q9uxxh
d7jbqGem/cLM3G1/b/Umqpb0h9Uu+IFvcQTVf/o9dpX0jWlJuRGtTDwuw47WWb9I
mN/3Y8ZgNfIUNYgesL6skWFaijU9HqlD90k4R2Cvubgm+ICbPwdtdGKakKTxfIVD
g1x53oH3XP0CS4pb2NYNFqdRzfzuzcSaOgkC7qVU6ytL8zkbzzmt4rNVzCp1NSZP
zUvaKpqgCMXIJve5YCxZszIBc02hAth6YaO2xrmXPPSvUd9PF5kLxOmHxRW1xnmJ
oIRA+maU0QMMur1aSuzCPb8mVSyMyIecs9hB/qfaCDXQxmRy/b6J7WUzCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpDacwxVinY1rGGngnC6VXl4YBsMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRtz1899
SsiuBkjJ18imiSfh/cnDEBlIf5voDIvvAC1RQKWcLEDG7oFvzJFMOGwfpGzuyCW5
hm5Uf6fUaab3Evq/PEqM0M2MuSQRQw6VY97pC66NDKuKBA+VMIaknLPOyKKRsZV/
09l35ciOKhCiEbLuEvJpKtH9RCvuBkLytWc9IiZ+qVYqYTK9ndcx+dcXveYCS3Dq
XqxBI3NqBvC5hf1BMvkQTKrhbnz1GTjVhAH6nXhyjvjfLYg+hRct62LEono0r5XJ
ORZkQBeKFewnqTuonONe3kkBqZ2+hAu31NllDHuzrEZPzWcRQM5ASQoU5EgjxpMz
pX5hcHTsO9EvUA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:12 2025 by rpki-client