Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          KWiRKV1wRg1trHaKyRbQWTehGloEdZuYQVjPQ9v3oYE=
Subject key identifier:   84:34:66:FB:80:92:3A:2A:01:F0:21:BC:E7:80:7C:8C:4F:3E:AF:3C
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       01976884FE05CCF2360A4F927AADB0C29586
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          06BB
Signing time:             Fri 13 Jun 2025 09:00:35 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:35 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:35 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: t2xIRoGDN1x78psvr3QAZpLToKyT6np9s/4EBHh/Lg4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 09:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:84:fe:05:cc:f2:36:0a:4f:92:7a:ad:b0:c2:95:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Jun 13 09:00:35 2025 GMT
            Not After : Jun 14 09:00:35 2025 GMT
        Subject: CN=843466fb80923a2a01f021bce7807c8c4f3eaf3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d1:76:86:f4:01:a1:e6:e5:8f:c6:47:81:e2:
                    1b:f4:9c:51:d9:f2:87:17:14:27:9d:26:6f:55:a4:
                    53:14:e3:95:18:93:fb:46:3e:ba:3c:45:80:90:94:
                    c1:44:86:45:30:84:5f:d1:2a:75:13:f2:65:48:d3:
                    89:ba:1c:68:82:64:c2:37:84:0c:ee:75:4e:30:87:
                    e3:a8:16:0c:2a:de:6a:c0:3f:2d:1d:7e:de:20:35:
                    ca:f4:74:38:37:56:2a:fe:0c:55:5d:78:a6:18:90:
                    e9:42:58:a6:33:4f:c7:ed:76:89:30:92:95:33:23:
                    eb:19:d1:29:63:94:32:31:3a:f4:82:cc:c2:54:7d:
                    6b:67:89:58:c6:01:b9:b9:a8:5e:3e:23:0a:ba:a0:
                    1d:c9:c9:de:ab:c9:01:79:ca:1a:42:1c:55:b9:2e:
                    8a:ec:04:75:5a:32:32:ff:87:c8:a4:72:aa:83:80:
                    b3:0b:5e:c0:7a:64:3b:ab:6b:50:52:85:69:61:6e:
                    39:f8:db:7d:c6:9c:1a:7e:9c:f6:ca:5b:eb:ab:af:
                    7e:10:75:ce:91:41:97:14:cf:40:ab:0e:bd:bf:5e:
                    bb:fd:8a:9e:73:38:ba:90:91:d9:87:6e:52:75:31:
                    83:9d:74:e3:9d:73:4e:49:d3:b7:2e:ab:85:25:db:
                    20:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:34:66:FB:80:92:3A:2A:01:F0:21:BC:E7:80:7C:8C:4F:3E:AF:3C
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:c2:e5:0e:42:af:4d:e5:05:30:1a:f8:2a:33:8a:2b:d9:88:
         93:00:6d:50:b5:00:d9:d4:be:a6:2a:37:47:af:d2:63:16:28:
         4c:f2:a2:a5:da:78:fe:7c:24:41:c9:07:ba:3b:dc:7e:3d:aa:
         ca:fb:12:81:2e:01:06:ed:cf:0a:fa:1d:96:e5:16:c8:6a:f3:
         58:af:0c:5d:a2:74:ba:02:1f:77:4e:78:a0:6a:b7:ad:94:f3:
         a1:6c:55:7f:9b:22:ff:7c:c6:9e:9c:23:9c:dd:04:27:5f:af:
         55:b1:a5:b3:c8:58:e8:36:c8:91:41:cb:e7:ab:36:f9:10:f3:
         02:5e:0f:e4:ce:87:e9:3e:f2:8c:88:d3:f2:f8:08:ea:82:17:
         b2:c8:38:d1:70:0f:59:fe:4b:ff:f8:ea:36:db:92:61:32:89:
         39:a7:82:78:6e:d4:7a:9d:74:fc:be:81:ff:85:b5:d1:66:4b:
         cb:6e:1a:46:a9:9b:e3:50:e2:d0:5c:a4:a4:eb:5a:a2:80:89:
         b0:43:d4:c5:e0:d5:2b:02:8c:d5:da:16:67:3d:ba:6e:f9:3c:
         0c:f2:57:ff:c3:b3:02:3a:61:e6:72:1c:20:01:aa:fe:b4:78:
         27:bf:b2:a1:18:e9:aa:4b:78:ed:d7:ab:f7:b4:06:20:b5:b7:
         3b:b4:9a:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohP4FzPI2Ck+Seq2wwpWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUwNjEzMDkwMDM1WhcNMjUwNjE0MDkwMDM1WjAzMTEwLwYDVQQD
Eyg4NDM0NjZmYjgwOTIzYTJhMDFmMDIxYmNlNzgwN2M4YzRmM2VhZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNF2hvQBoeblj8ZHgeIb9JxR2fKH
FxQnnSZvVaRTFOOVGJP7Rj66PEWAkJTBRIZFMIRf0Sp1E/JlSNOJuhxogmTCN4QM
7nVOMIfjqBYMKt5qwD8tHX7eIDXK9HQ4N1Yq/gxVXXimGJDpQlimM0/H7XaJMJKV
MyPrGdEpY5QyMTr0gszCVH1rZ4lYxgG5uahePiMKuqAdycneq8kBecoaQhxVuS6K
7AR1WjIy/4fIpHKqg4CzC17AemQ7q2tQUoVpYW45+Nt9xpwafpz2ylvrq69+EHXO
kUGXFM9Aqw69v167/Yqeczi6kJHZh25SdTGDnXTjnXNOSdO3LquFJdsgowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ0ZvuAkjoqAfAhvOeAfIxPPq88MB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMLlDkKv
TeUFMBr4KjOKK9mIkwBtULUA2dS+pio3R6/SYxYoTPKipdp4/nwkQckHujvcfj2q
yvsSgS4BBu3PCvodluUWyGrzWK8MXaJ0ugIfd054oGq3rZTzoWxVf5si/3zGnpwj
nN0EJ1+vVbGls8hY6DbIkUHL56s2+RDzAl4P5M6H6T7yjIjT8vgI6oIXssg40XAP
Wf5L//jqNtuSYTKJOaeCeG7Uep10/L6B/4W10WZLy24aRqmb41Di0FykpOtaooCJ
sEPUxeDVKwKM1doWZz26bvk8DPJX/8OzAjph5nIcIAGq/rR4J7+yoRjpqkt47der
97QGILW3O7Salw==
-----END CERTIFICATE-----