Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          4ZhxI0yQHJd9Cp+C5sEwE9md/s6ufQqBzcvDfTN5hrc=
Subject key identifier:   06:9F:A6:D4:0A:A6:DE:B8:F7:1A:CA:FB:0F:9E:AE:30:BE:00:7F:C4
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       01977075DDC4C8DE30EAD4CFC3A5877C3130
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          158F
Signing time:             Sat 14 Jun 2025 22:01:02 +0000
Manifest this update:     Sat 14 Jun 2025 22:01:02 +0000
Manifest next update:     Sun 15 Jun 2025 22:01:02 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: kZoJ4yU2sTy2UJcc+BX1zMshSQfUxS89vjFdjEZHY7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:75:dd:c4:c8:de:30:ea:d4:cf:c3:a5:87:7c:31:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Jun 14 22:01:02 2025 GMT
            Not After : Jun 15 22:01:02 2025 GMT
        Subject: CN=069fa6d40aa6deb8f71acafb0f9eae30be007fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:51:5b:4f:97:28:6a:4c:ac:a6:7c:63:0f:7f:
                    72:da:9f:b4:d6:e0:3c:da:d1:1e:19:09:9e:7d:e8:
                    7d:54:80:f5:43:e1:ce:4e:dc:4f:ef:f8:1f:b5:26:
                    1e:54:e6:f4:c0:08:7c:fb:44:62:bd:27:13:5b:f5:
                    03:f4:39:a9:e6:45:82:cc:4a:1e:aa:69:ea:be:ae:
                    a5:05:33:51:7b:c0:84:da:74:5b:6a:cf:01:af:92:
                    6d:9a:9f:f2:c9:21:e7:06:09:8a:7e:1e:55:5c:58:
                    33:d1:46:5a:ed:28:28:3f:fd:f4:a4:11:5b:f8:d2:
                    81:91:8b:eb:9c:ad:31:8d:80:9c:4c:2d:ce:c3:28:
                    f8:07:9d:01:df:d6:47:40:c2:d8:ac:0e:4d:73:9e:
                    39:03:dd:55:a3:0b:55:19:69:dd:5e:8c:b1:7e:67:
                    96:b8:77:49:58:75:05:12:1b:8f:5e:88:32:00:96:
                    60:66:6b:8d:b0:f0:13:d5:d6:cd:d7:70:52:af:46:
                    23:15:e7:aa:66:c8:10:2b:62:d6:95:36:a6:91:d4:
                    3c:56:91:a8:c2:e3:d5:c3:ec:80:63:ae:38:4d:47:
                    e3:92:46:23:15:36:e2:59:7a:7d:f7:c2:cc:73:d5:
                    a5:8c:86:81:64:01:15:ca:8c:2d:08:3a:93:56:cc:
                    45:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:9F:A6:D4:0A:A6:DE:B8:F7:1A:CA:FB:0F:9E:AE:30:BE:00:7F:C4
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:5a:7c:d1:41:2d:47:71:6f:20:e5:2a:90:e7:41:76:c3:a2:
         c4:51:b7:cc:64:9c:59:91:ac:51:38:88:c4:a7:45:3d:cc:bf:
         d2:b1:23:79:e4:02:bc:52:b1:34:89:2e:d4:2b:15:e1:8d:e1:
         c9:df:26:b2:c2:40:22:c9:70:ae:86:3e:39:94:e1:dc:5b:d3:
         75:62:c3:6f:db:5b:80:9d:e5:1d:67:38:26:f4:84:61:3d:78:
         f8:02:46:76:0c:c2:ab:68:cf:77:dc:ec:1d:98:56:e6:71:9d:
         f3:35:c0:27:86:84:39:b0:60:b8:3a:5a:48:0f:56:a4:6c:45:
         95:15:58:aa:67:57:19:0e:b4:52:9d:06:36:af:d8:d4:b4:37:
         e2:37:a7:42:8a:30:b3:66:c8:b9:44:4e:69:bf:99:78:78:4c:
         40:97:83:db:f1:6d:78:71:4e:6b:1f:17:f4:df:b6:83:ab:cd:
         ff:06:38:2c:80:5d:73:a8:83:55:b0:3d:f3:83:a7:fd:d8:e5:
         58:c5:ef:78:0c:51:e8:93:03:d6:52:27:36:8a:34:39:c8:69:
         f4:2c:32:b0:9b:ba:f6:79:dd:0c:02:1a:bc:ad:9d:c7:36:ae:
         1f:7e:07:15:e7:4f:63:28:ab:a8:3d:fb:96:9f:0a:c8:94:39:
         03:50:24:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdd3EyN4w6tTPw6WHfDEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwNjE0MjIwMTAyWhcNMjUwNjE1MjIwMTAyWjAzMTEwLwYDVQQD
EygwNjlmYTZkNDBhYTZkZWI4ZjcxYWNhZmIwZjllYWUzMGJlMDA3ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVFbT5coakyspnxjD39y2p+01uA8
2tEeGQmefeh9VID1Q+HOTtxP7/gftSYeVOb0wAh8+0RivScTW/UD9Dmp5kWCzEoe
qmnqvq6lBTNRe8CE2nRbas8Br5Jtmp/yySHnBgmKfh5VXFgz0UZa7SgoP/30pBFb
+NKBkYvrnK0xjYCcTC3Owyj4B50B39ZHQMLYrA5Nc545A91VowtVGWndXoyxfmeW
uHdJWHUFEhuPXogyAJZgZmuNsPAT1dbN13BSr0YjFeeqZsgQK2LWlTamkdQ8VpGo
wuPVw+yAY644TUfjkkYjFTbiWXp998LMc9WljIaBZAEVyowtCDqTVsxFswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAafptQKpt649xrK+w+erjC+AH/EMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1p80UEt
R3FvIOUqkOdBdsOixFG3zGScWZGsUTiIxKdFPcy/0rEjeeQCvFKxNIku1CsV4Y3h
yd8mssJAIslwroY+OZTh3FvTdWLDb9tbgJ3lHWc4JvSEYT14+AJGdgzCq2jPd9zs
HZhW5nGd8zXAJ4aEObBguDpaSA9WpGxFlRVYqmdXGQ60Up0GNq/Y1LQ34jenQoow
s2bIuUROab+ZeHhMQJeD2/FteHFOax8X9N+2g6vN/wY4LIBdc6iDVbA984On/djl
WMXveAxR6JMD1lInNoo0Ochp9CwysJu69nndDAIavK2dxzauH34HFedPYyirqD37
lp8KyJQ5A1Ak9Q==
-----END CERTIFICATE-----