Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          yhmFfTuq4Mqv+S+wqhDyeXsIyig4t6CVfOxCyFYYJW8=
Subject key identifier:   31:F0:3C:50:B7:96:FD:4A:62:95:98:8F:32:FF:B8:27:A8:21:BD:7E
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019A4F6233761D359CD5A7FF98ACCF321169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          1707
Signing time:             Tue 04 Nov 2025 15:00:27 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:27 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:27 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: 0l9uHEH0p9GmIo51vtDkA8ruAbj0i2Tap3QAvlsRKOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:33:76:1d:35:9c:d5:a7:ff:98:ac:cf:32:11:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Nov  4 15:00:27 2025 GMT
            Not After : Nov  5 15:00:27 2025 GMT
        Subject: CN=31f03c50b796fd4a6295988f32ffb827a821bd7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:6f:d7:2e:6d:07:52:e8:c3:d5:72:68:6b:97:
                    5d:5a:d2:27:64:b9:71:72:c3:16:09:16:d8:f6:1d:
                    80:ae:10:a3:a7:a2:f7:fb:0d:7f:8c:07:70:56:7f:
                    a6:2d:73:1c:ed:d1:1b:0c:78:2b:53:0f:7e:e9:a7:
                    0b:ba:b9:46:6f:4c:ea:a6:76:14:4c:ee:18:20:02:
                    b5:52:ba:b8:8d:2f:0f:3f:e3:35:3d:09:23:be:0a:
                    dc:40:18:8e:8a:ca:38:b6:55:ac:34:a5:4d:4a:22:
                    bb:72:47:d2:e5:b2:8f:14:05:77:25:eb:bb:91:5c:
                    13:10:e5:d0:e2:82:32:11:89:f1:6c:cb:c6:9a:c0:
                    3c:b2:68:dd:89:96:d2:f0:2a:df:4c:14:77:cb:71:
                    09:51:c0:12:6d:97:2f:f9:d6:e3:57:42:1d:78:ce:
                    b7:07:1a:2f:0e:62:25:0d:79:29:82:db:26:ab:ea:
                    22:c3:cd:15:53:e2:6b:03:39:86:17:f6:88:28:e0:
                    5f:b1:a6:55:43:a4:aa:42:5c:7e:b3:d7:22:8f:25:
                    6e:61:dc:9e:c5:7b:9c:15:bb:a5:1f:e3:b7:55:87:
                    d1:3a:d4:0d:a4:d6:52:f6:1c:4d:cf:de:d4:61:1b:
                    00:b4:68:21:3c:ab:fd:b3:36:97:4d:a3:19:cb:38:
                    5b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F0:3C:50:B7:96:FD:4A:62:95:98:8F:32:FF:B8:27:A8:21:BD:7E
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:f5:59:33:17:30:50:63:2c:a0:2e:d4:81:87:0d:e2:a6:4a:
         49:cc:45:7b:12:5b:bf:45:05:f8:e4:48:93:bb:af:a4:c7:5e:
         a8:86:62:96:1a:26:7b:b2:5f:92:70:88:8b:0f:7c:42:99:7b:
         9f:da:9e:f0:6e:42:80:99:a4:ba:a7:21:19:3d:1e:f6:cc:92:
         10:6e:a9:af:e8:a4:4e:13:c7:1d:68:d4:c3:ed:ce:84:6a:15:
         d3:0b:9f:aa:bd:31:a8:82:46:32:7b:21:6b:f8:a1:6d:bd:e1:
         6b:fb:cf:7a:13:21:52:71:df:97:0b:20:d4:45:35:63:7c:f1:
         eb:f1:89:31:9d:20:b3:34:76:ca:fa:4b:97:8d:c4:39:c6:27:
         1f:fd:ff:f5:d9:c2:77:61:39:a4:fa:ff:29:51:42:96:b2:53:
         8d:22:a7:97:7a:33:06:0b:bd:2a:77:34:e9:d2:85:bb:e1:36:
         ae:37:78:80:5d:81:18:05:23:9b:21:4e:79:67:c0:e0:c5:51:
         48:c9:c5:b1:bd:ed:ae:cd:6a:d1:ac:33:77:ef:c2:cc:06:0c:
         d2:8b:e1:1c:03:1c:24:6e:d4:55:83:c6:a5:6f:fe:1d:17:b6:
         69:82:3f:b9:74:05:c7:c2:14:4f:96:63:60:be:cb:fe:ae:c7:
         65:3c:2e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYjN2HTWc1af/mKzPMhFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUxMTA0MTUwMDI3WhcNMjUxMTA1MTUwMDI3WjAzMTEwLwYDVQQD
EygzMWYwM2M1MGI3OTZmZDRhNjI5NTk4OGYzMmZmYjgyN2E4MjFiZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW/XLm0HUujD1XJoa5ddWtInZLlx
csMWCRbY9h2ArhCjp6L3+w1/jAdwVn+mLXMc7dEbDHgrUw9+6acLurlGb0zqpnYU
TO4YIAK1Urq4jS8PP+M1PQkjvgrcQBiOiso4tlWsNKVNSiK7ckfS5bKPFAV3Jeu7
kVwTEOXQ4oIyEYnxbMvGmsA8smjdiZbS8CrfTBR3y3EJUcASbZcv+dbjV0IdeM63
BxovDmIlDXkpgtsmq+oiw80VU+JrAzmGF/aIKOBfsaZVQ6SqQlx+s9cijyVuYdye
xXucFbulH+O3VYfROtQNpNZS9hxNz97UYRsAtGghPKv9szaXTaMZyzhbbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHwPFC3lv1KYpWYjzL/uCeoIb1+MB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/VZMxcw
UGMsoC7UgYcN4qZKScxFexJbv0UF+ORIk7uvpMdeqIZilhome7JfknCIiw98Qpl7
n9qe8G5CgJmkuqchGT0e9sySEG6pr+ikThPHHWjUw+3OhGoV0wufqr0xqIJGMnsh
a/ihbb3ha/vPehMhUnHflwsg1EU1Y3zx6/GJMZ0gszR2yvpLl43EOcYnH/3/9dnC
d2E5pPr/KVFClrJTjSKnl3ozBgu9Knc06dKFu+E2rjd4gF2BGAUjmyFOeWfA4MVR
SMnFsb3trs1q0awzd+/CzAYM0ovhHAMcJG7UVYPGpW/+HRe2aYI/uXQFx8IUT5Zj
YL7L/q7HZTwuaA==
-----END CERTIFICATE-----