Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          D41Ah7NO98SPC0TyaxIrIgEXsXqQ3fhgSmtFxc+WUcM=
Subject key identifier:   47:84:83:F6:7D:D0:96:E5:31:3B:F1:F1:39:A1:A7:B3:9C:AF:FE:61
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019880C2A4DAAAD4CF6E860EB5F25895C7BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          0453
Signing time:             Wed 06 Aug 2025 19:01:36 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:36 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:36 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: u0kQ68d3UNvsdbAPzaS1dZWjuRBomEdoPJal9567Oyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:a4:da:aa:d4:cf:6e:86:0e:b5:f2:58:95:c7:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Aug  6 19:01:36 2025 GMT
            Not After : Aug  7 19:01:36 2025 GMT
        Subject: CN=478483f67dd096e5313bf1f139a1a7b39caffe61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:52:7c:05:29:e1:06:ee:03:2d:94:5e:b0:99:
                    be:a7:95:cd:3a:39:ce:03:06:6f:61:59:ee:fd:7a:
                    31:8d:e5:5e:e1:23:b7:48:d9:b7:d4:9f:c5:68:5e:
                    ea:d3:a1:40:12:c0:0a:c3:9e:a5:90:f9:c0:95:29:
                    30:13:3a:e9:e5:a3:fd:ea:cc:24:79:3b:d2:c7:9a:
                    95:33:47:2f:6f:94:cb:12:5c:e0:5b:87:89:56:21:
                    9e:f2:db:6c:97:c1:75:73:6c:51:01:89:b5:c1:ab:
                    35:80:c3:7c:5d:9b:b0:ca:32:84:74:97:1c:f7:f1:
                    04:0a:39:16:5f:4e:0c:57:ef:9d:be:38:98:9e:c1:
                    ea:3c:22:0d:47:68:ac:cd:ae:70:bb:2c:3d:b6:ad:
                    93:4d:4d:1a:82:71:e6:7e:b7:28:c6:1a:e6:3d:fa:
                    7c:a0:df:a7:ee:38:fd:ac:ab:f9:2a:a6:7e:ae:a0:
                    ab:59:4e:e0:1c:ac:d7:ff:ac:d3:8c:c9:51:dd:26:
                    75:ef:f4:1e:ed:93:c8:82:7a:2d:d5:a2:bc:57:c8:
                    f4:30:4d:f0:94:e5:4d:2d:e0:4b:36:26:ee:16:f4:
                    48:b7:d9:11:fa:86:e8:6e:57:6e:50:b7:4d:73:58:
                    0d:60:48:ef:56:28:25:bb:4f:68:80:fd:84:93:3c:
                    6c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:84:83:F6:7D:D0:96:E5:31:3B:F1:F1:39:A1:A7:B3:9C:AF:FE:61
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:06:35:f2:b9:1f:60:3a:d1:42:ce:66:7b:a9:d7:f6:23:30:
         36:c6:66:a3:81:e9:07:e3:f5:f2:1a:0d:35:cc:d4:fe:0b:8d:
         2f:22:f5:56:e7:07:8c:e8:67:b2:4d:37:08:9c:5d:a1:48:1b:
         88:b8:e3:db:5a:32:c5:6f:a4:9d:0b:85:e9:45:ed:6d:6e:20:
         97:93:39:f7:99:d9:c5:99:b7:9a:e8:2c:19:39:48:1e:9d:76:
         c8:a1:48:49:02:b4:02:43:8b:52:52:1d:f3:40:a3:96:25:85:
         dd:a2:fc:9f:74:48:c6:c5:15:13:ae:5d:54:91:c5:46:dc:67:
         1b:5d:53:ca:4c:c8:ec:c9:29:01:5e:ec:db:a3:4a:06:f6:9b:
         72:7d:e3:fa:32:b9:81:ae:a9:e9:38:c5:fa:99:b7:ff:c4:e0:
         77:6c:f0:88:c3:81:30:e5:2b:11:76:bb:27:e9:bc:2f:19:0f:
         12:29:8a:01:8a:ef:9a:51:e3:5d:a8:08:57:3a:98:68:d3:6e:
         f6:a1:41:04:0f:11:36:b1:b9:f8:e9:c7:14:76:2a:9d:9b:c7:
         4a:11:30:77:64:11:0a:16:6f:a4:18:d0:da:94:79:72:15:e7:
         bf:fa:92:71:fb:27:b7:0b:70:0a:33:f7:3b:40:e2:48:cb:fd:
         84:c3:72:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwqTaqtTPboYOtfJYlce+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwODA2MTkwMTM2WhcNMjUwODA3MTkwMTM2WjAzMTEwLwYDVQQD
Eyg0Nzg0ODNmNjdkZDA5NmU1MzEzYmYxZjEzOWExYTdiMzljYWZmZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVJ8BSnhBu4DLZResJm+p5XNOjnO
AwZvYVnu/XoxjeVe4SO3SNm31J/FaF7q06FAEsAKw56lkPnAlSkwEzrp5aP96swk
eTvSx5qVM0cvb5TLElzgW4eJViGe8ttsl8F1c2xRAYm1was1gMN8XZuwyjKEdJcc
9/EECjkWX04MV++dvjiYnsHqPCINR2isza5wuyw9tq2TTU0agnHmfrcoxhrmPfp8
oN+n7jj9rKv5KqZ+rqCrWU7gHKzX/6zTjMlR3SZ17/Qe7ZPIgnot1aK8V8j0ME3w
lOVNLeBLNibuFvRIt9kR+oboblduULdNc1gNYEjvViglu09ogP2EkzxsuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeEg/Z90JblMTvx8Tmhp7Ocr/5hMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQY18rkf
YDrRQs5me6nX9iMwNsZmo4HpB+P18hoNNczU/guNLyL1VucHjOhnsk03CJxdoUgb
iLjj21oyxW+knQuF6UXtbW4gl5M595nZxZm3mugsGTlIHp12yKFISQK0AkOLUlId
80CjliWF3aL8n3RIxsUVE65dVJHFRtxnG11TykzI7MkpAV7s26NKBvabcn3j+jK5
ga6p6TjF+pm3/8Tgd2zwiMOBMOUrEXa7J+m8LxkPEimKAYrvmlHjXagIVzqYaNNu
9qFBBA8RNrG5+OnHFHYqnZvHShEwd2QRChZvpBjQ2pR5chXnv/qScfsntwtwCjP3
O0DiSMv9hMNyig==
-----END CERTIFICATE-----