Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          1YiWCdy2BVO9D2/xI1OXJXQIol180OFMP5kFCvKZH/U=
Subject key identifier:   9D:BE:65:91:96:49:AC:CA:05:C4:0A:E1:54:4C:D3:7E:F9:9C:F8:39
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       01988C57EABEE2D44029B37B3AF49A3306C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          1622
Signing time:             Sat 09 Aug 2025 01:00:28 +0000
Manifest this update:     Sat 09 Aug 2025 01:00:28 +0000
Manifest next update:     Sun 10 Aug 2025 01:00:28 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: DL6/keTorV+qMDOzLfaEt/KRznhNSzafI/XIG4dNXkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:57:ea:be:e2:d4:40:29:b3:7b:3a:f4:9a:33:06:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Aug  9 01:00:28 2025 GMT
            Not After : Aug 10 01:00:28 2025 GMT
        Subject: CN=9dbe65919649acca05c40ae1544cd37ef99cf839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:57:8b:db:fa:7c:63:0e:6e:a0:9d:89:5f:30:
                    e9:ec:78:b1:7f:3d:cb:bf:3b:19:e3:c9:ea:f3:a0:
                    c8:bc:7a:85:82:40:ea:e7:5e:8d:1a:c8:a3:f2:d2:
                    1a:9e:8f:3c:f0:3a:bb:98:d6:47:70:2a:94:d9:7f:
                    2a:af:d6:6b:87:10:73:9d:fa:6b:db:17:9c:ad:02:
                    f9:bf:76:6c:73:98:ab:ba:a1:be:62:a0:35:04:be:
                    32:df:ce:5e:c8:b0:54:c3:32:87:cd:d6:39:54:ed:
                    04:21:4f:35:5c:82:73:47:be:d1:64:03:44:e0:15:
                    dc:2e:72:78:3d:39:07:d2:06:f7:87:20:ca:56:69:
                    4d:a0:2e:52:64:f2:7a:4f:16:2d:f4:aa:33:cb:1f:
                    a3:4f:f1:ae:f2:04:c5:d0:a8:27:35:74:2c:9c:45:
                    f5:f0:04:8e:7f:49:a6:c9:fd:19:bd:36:5a:08:8f:
                    a2:e8:a7:8a:d7:e3:9b:d5:b9:75:ec:de:e9:bb:fb:
                    e8:b0:db:18:b7:19:ac:ee:5c:3e:b6:be:bc:1c:1d:
                    f5:42:c3:7e:9a:c2:12:41:a1:55:87:1e:96:d5:00:
                    a4:d5:21:63:44:ee:c4:94:f9:03:f8:76:4e:6b:82:
                    da:18:8b:ff:ba:ac:55:ec:fe:a6:0d:e1:24:08:d8:
                    27:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:BE:65:91:96:49:AC:CA:05:C4:0A:E1:54:4C:D3:7E:F9:9C:F8:39
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:28:8d:a8:d1:8b:db:c9:14:6d:d9:23:35:0e:fe:2e:ad:22:
         c7:54:14:f9:31:25:d9:d3:d7:fc:f0:38:38:33:7f:c7:56:cb:
         18:9b:cb:f0:50:72:ab:dd:ab:da:69:4c:0c:5d:e3:57:69:c1:
         91:0c:7d:c7:48:c4:c2:b5:1b:73:2e:76:64:06:62:3c:ad:44:
         7a:d5:97:c1:b5:36:19:c8:6b:f7:a4:46:93:45:e9:9e:b6:27:
         8c:a3:ef:5e:16:1e:95:b9:32:45:7a:73:d3:d6:2a:57:a9:5f:
         d8:ee:2d:76:24:60:69:c1:cd:6d:c2:14:8c:d5:3d:a7:e1:5f:
         67:aa:3e:a1:64:52:a3:bb:c3:56:d7:4f:2d:be:25:4a:25:28:
         1d:83:e8:be:98:70:3e:62:76:cb:05:b9:5e:c7:c9:7e:16:31:
         8a:32:03:cd:e4:78:73:48:c4:dd:f4:78:1c:bf:c2:38:ba:d0:
         cc:5b:aa:40:39:12:f1:a0:d8:32:ef:38:86:36:18:6f:44:6f:
         13:3a:4d:4d:cb:87:bc:e6:7c:9c:e0:66:47:38:0f:2e:fc:26:
         71:aa:40:84:76:f2:11:51:ee:d4:e4:1e:e7:95:bd:a5:b7:77:
         4c:23:8c:c1:f7:ca:8c:95:42:cf:9d:21:c7:3b:f2:07:af:2a:
         d2:28:d9:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiMV+q+4tRAKbN7OvSaMwbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwODA5MDEwMDI4WhcNMjUwODEwMDEwMDI4WjAzMTEwLwYDVQQD
Eyg5ZGJlNjU5MTk2NDlhY2NhMDVjNDBhZTE1NDRjZDM3ZWY5OWNmODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVeL2/p8Yw5uoJ2JXzDp7Hixfz3L
vzsZ48nq86DIvHqFgkDq516NGsij8tIano888Dq7mNZHcCqU2X8qr9ZrhxBznfpr
2xecrQL5v3Zsc5iruqG+YqA1BL4y385eyLBUwzKHzdY5VO0EIU81XIJzR77RZANE
4BXcLnJ4PTkH0gb3hyDKVmlNoC5SZPJ6TxYt9Kozyx+jT/Gu8gTF0KgnNXQsnEX1
8ASOf0mmyf0ZvTZaCI+i6KeK1+Ob1bl17N7pu/vosNsYtxms7lw+tr68HB31QsN+
msISQaFVhx6W1QCk1SFjRO7ElPkD+HZOa4LaGIv/uqxV7P6mDeEkCNgnmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2+ZZGWSazKBcQK4VRM0375nPg5MB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyiNqNGL
28kUbdkjNQ7+Lq0ix1QU+TEl2dPX/PA4ODN/x1bLGJvL8FByq92r2mlMDF3jV2nB
kQx9x0jEwrUbcy52ZAZiPK1EetWXwbU2Gchr96RGk0XpnrYnjKPvXhYelbkyRXpz
09YqV6lf2O4tdiRgacHNbcIUjNU9p+FfZ6o+oWRSo7vDVtdPLb4lSiUoHYPovphw
PmJ2ywW5XsfJfhYxijIDzeR4c0jE3fR4HL/COLrQzFuqQDkS8aDYMu84hjYYb0Rv
EzpNTcuHvOZ8nOBmRzgPLvwmcapAhHbyEVHu1OQe55W9pbd3TCOMwffKjJVCz50h
xzvyB68q0ijZ+g==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:52:19 2025 by rpki-client