Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          ++bDIhvJMZLG0HJFhj78peto9lDRx0o75tk03RJdZfk=
Subject key identifier:   20:2A:13:BB:6E:91:1E:B8:E5:AB:71:87:7E:EA:98:17:AC:33:FE:8A
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       01976BBCFBC1607E7D9BE54A713ED744F0CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 00:00:36 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:36 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:36 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: ZOoTaJpsM3gYmRL1Ay/NXYyheE2/HrnLgdmeUm0jrE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bc:fb:c1:60:7e:7d:9b:e5:4a:71:3e:d7:44:f0:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Jun 14 00:00:36 2025 GMT
            Not After : Jun 15 00:00:36 2025 GMT
        Subject: CN=202a13bb6e911eb8e5ab71877eea9817ac33fe8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b7:b8:fd:ba:3b:ab:4e:02:77:76:c5:89:05:
                    05:c6:8a:a1:62:77:c0:a4:cf:ca:59:4a:89:f6:1d:
                    7c:f2:ff:92:eb:e5:eb:05:00:b7:f0:a1:37:1e:d1:
                    98:8f:4e:f9:c1:4b:a4:bf:70:9c:c8:5a:aa:83:03:
                    e9:81:05:d0:cd:8e:e5:c8:93:82:a6:d8:bb:27:5f:
                    48:cb:b3:40:dc:70:28:5d:42:82:ed:d5:51:8b:c4:
                    fe:46:48:8a:c5:f4:6e:25:2c:9d:c4:98:c9:43:0b:
                    ce:ad:0c:a1:43:95:f4:f8:b7:df:4d:30:77:97:dd:
                    4d:50:f3:f7:b2:50:eb:f1:95:ba:8e:31:40:92:8a:
                    f8:10:b2:99:45:bb:cd:84:65:11:5e:e1:1b:55:71:
                    1a:b4:af:1f:bb:12:19:b8:8c:59:c8:56:9b:82:ce:
                    ac:8b:04:08:68:6f:2d:49:93:55:12:a0:5a:7e:ba:
                    28:dc:b0:be:a8:49:ee:94:4c:98:e3:fc:c0:f0:82:
                    ee:c8:36:49:c8:20:ce:0b:1c:07:17:e3:2b:d2:1d:
                    74:4d:c1:00:bf:b1:2b:ab:3d:31:6c:a1:26:7e:d0:
                    00:98:fd:08:50:be:e9:04:a0:e6:3e:4d:4e:de:fe:
                    fb:37:05:e7:9a:ea:b2:93:8e:1b:68:cb:c3:90:dc:
                    15:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:2A:13:BB:6E:91:1E:B8:E5:AB:71:87:7E:EA:98:17:AC:33:FE:8A
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:f8:ea:87:43:79:03:fd:5c:0e:c0:61:ad:a9:55:97:75:ea:
         2e:c2:23:6b:3b:92:b5:78:21:a2:05:e7:52:d3:3f:0c:ab:ab:
         b5:08:15:ce:87:ab:a9:87:3f:d9:5f:e8:93:93:ce:29:4e:00:
         23:8e:5a:6a:c2:e4:67:6a:16:c0:33:17:cf:c6:6c:bb:5d:31:
         f4:d0:c9:e9:9f:98:dc:f7:24:0d:90:37:75:b1:7c:19:a3:8d:
         74:62:76:d1:1c:33:88:db:27:ad:59:a1:91:48:a9:35:5d:c8:
         2f:2a:32:dd:95:55:f4:5d:bf:05:d8:b3:2d:16:49:4b:b4:71:
         e3:f6:d0:c8:e4:0c:76:57:bf:8c:de:3c:bd:40:95:6f:f2:f7:
         43:b3:48:9e:6f:52:47:fb:3f:7b:34:7a:95:ec:ea:cd:d1:22:
         52:15:1e:73:9d:d7:5e:aa:d0:86:b2:56:bd:6f:06:2b:8c:df:
         39:6a:9c:f8:aa:ac:21:f8:0b:33:b2:a4:b4:07:59:52:e2:32:
         86:65:65:c8:a0:86:f9:89:0f:68:30:16:b6:60:82:35:f6:c2:
         66:58:11:6f:10:3a:4d:59:56:3d:7f:71:35:1a:31:a7:ca:dc:
         78:46:29:da:df:f5:54:c0:2d:45:4e:c0:26:5e:bd:42:7d:49:
         65:e3:1e:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvPvBYH59m+VKcT7XRPDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUwNjE0MDAwMDM2WhcNMjUwNjE1MDAwMDM2WjAzMTEwLwYDVQQD
EygyMDJhMTNiYjZlOTExZWI4ZTVhYjcxODc3ZWVhOTgxN2FjMzNmZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAire4/bo7q04Cd3bFiQUFxoqhYnfA
pM/KWUqJ9h188v+S6+XrBQC38KE3HtGYj075wUukv3CcyFqqgwPpgQXQzY7lyJOC
pti7J19Iy7NA3HAoXUKC7dVRi8T+RkiKxfRuJSydxJjJQwvOrQyhQ5X0+LffTTB3
l91NUPP3slDr8ZW6jjFAkor4ELKZRbvNhGURXuEbVXEatK8fuxIZuIxZyFabgs6s
iwQIaG8tSZNVEqBafroo3LC+qEnulEyY4/zA8ILuyDZJyCDOCxwHF+Mr0h10TcEA
v7Erqz0xbKEmftAAmP0IUL7pBKDmPk1O3v77NwXnmuqyk44baMvDkNwVxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAqE7tukR645atxh37qmBesM/6KMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASvjqh0N5
A/1cDsBhralVl3XqLsIjazuStXghogXnUtM/DKurtQgVzoerqYc/2V/ok5POKU4A
I45aasLkZ2oWwDMXz8Zsu10x9NDJ6Z+Y3PckDZA3dbF8GaONdGJ20RwziNsnrVmh
kUipNV3ILyoy3ZVV9F2/BdizLRZJS7Rx4/bQyOQMdle/jN48vUCVb/L3Q7NInm9S
R/s/ezR6lezqzdEiUhUec53XXqrQhrJWvW8GK4zfOWqc+KqsIfgLM7KktAdZUuIy
hmVlyKCG+YkPaDAWtmCCNfbCZlgRbxA6TVlWPX9xNRoxp8rceEYp2t/1VMAtRU7A
Jl69Qn1JZeMeZA==
-----END CERTIFICATE-----