Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          WMT0MS5kgKKq96ypb9o0wmfHfqUaax4eKgFvHh6vtcY=
Subject key identifier:   8B:34:C8:0A:88:A1:00:33:09:C5:66:BF:7C:C4:74:CC:0A:6D:8B:8C
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       0198745001844BC3071B65C70835CDA1FD80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          05E8
Signing time:             Mon 04 Aug 2025 09:00:56 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:56 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:56 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: W09tWjR5/RIi13Vl5awauXoaI1MaeLiyam4rGpFItrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:01:84:4b:c3:07:1b:65:c7:08:35:cd:a1:fd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Aug  4 09:00:56 2025 GMT
            Not After : Aug  5 09:00:56 2025 GMT
        Subject: CN=8b34c80a88a1003309c566bf7cc474cc0a6d8b8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ef:c9:03:59:19:5e:41:b3:b7:aa:e8:07:2a:
                    7e:f4:3a:64:e1:8f:90:63:b7:01:10:1a:07:63:a8:
                    f0:e7:aa:5f:12:34:dc:d9:4d:66:9e:47:30:51:bb:
                    96:85:de:1f:8b:84:29:94:43:f0:f3:48:18:1a:15:
                    83:7a:bb:93:89:5f:bf:1a:41:8c:db:91:51:52:d0:
                    c1:36:df:bb:41:bc:20:3c:0d:68:f2:29:69:21:f9:
                    40:4e:35:a7:a7:01:1d:2c:5b:b0:33:36:1e:24:9d:
                    d6:e4:e7:56:3b:36:b0:e4:ff:b7:62:82:d4:b2:c9:
                    a5:e8:7f:7c:34:a2:c4:03:8e:d6:88:4b:f3:d6:6b:
                    c8:a5:94:ad:8f:fe:dd:b6:16:56:53:93:82:5a:09:
                    3c:c5:0b:7f:01:5d:df:1f:aa:97:d1:f6:12:43:a8:
                    84:15:74:96:4d:7a:60:be:eb:ab:4b:1e:46:a8:4b:
                    10:fe:10:00:90:df:1d:8e:a9:44:49:35:a7:73:fe:
                    85:70:d2:b5:e5:98:ee:01:13:15:4f:3e:14:c9:84:
                    19:f2:8c:9a:aa:c8:24:36:df:1c:cb:36:a6:fa:be:
                    91:71:f4:5c:3b:96:e0:30:0d:63:25:3d:c6:31:13:
                    d8:dc:9e:43:2e:9f:5d:98:65:ed:22:e6:4c:12:5a:
                    d7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:34:C8:0A:88:A1:00:33:09:C5:66:BF:7C:C4:74:CC:0A:6D:8B:8C
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:58:6f:7e:60:f5:f5:6f:c3:1f:79:a7:82:9f:08:4f:af:e0:
         07:50:0f:ce:f2:61:eb:ee:ff:aa:a5:75:ee:08:cd:b5:97:73:
         8e:31:54:4c:47:90:73:42:4d:7c:c5:20:2c:9d:68:ea:c6:1a:
         c1:bd:87:4f:00:9d:e5:5d:14:96:0b:64:0a:26:c9:80:a7:5f:
         34:62:41:ee:65:06:69:89:4b:8f:0b:0a:dd:96:1c:03:07:80:
         6f:bd:a4:ec:a9:57:d1:d3:b4:aa:64:c4:20:12:a2:1b:76:b6:
         ec:e8:71:ce:74:cb:38:30:81:75:3a:86:87:d7:e8:de:a5:6a:
         c7:7e:b7:ba:69:74:d8:24:73:61:b3:57:fb:39:c7:90:3a:7c:
         a7:dd:5c:8e:a9:3a:52:28:18:3a:1c:35:d6:3b:a7:46:7d:73:
         a9:6e:7d:4e:58:09:56:b1:cb:0f:98:b4:42:f5:d3:0c:9e:f7:
         5c:fc:21:83:32:b5:17:e0:7e:aa:ce:07:31:5b:9e:6f:67:11:
         ee:9c:d7:4b:9b:a4:9c:1b:e5:4e:5b:b1:b1:b4:f7:e1:79:f6:
         87:48:e5:bd:71:8c:e0:c3:87:08:98:90:15:71:9a:f9:ee:8c:
         d2:2a:95:df:b8:ba:36:23:e3:92:af:20:b7:ce:54:cd:ee:e2:
         07:3b:4b:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UAGES8MHG2XHCDXNof2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwODA0MDkwMDU2WhcNMjUwODA1MDkwMDU2WjAzMTEwLwYDVQQD
Eyg4YjM0YzgwYTg4YTEwMDMzMDljNTY2YmY3Y2M0NzRjYzBhNmQ4YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+/JA1kZXkGzt6roByp+9Dpk4Y+Q
Y7cBEBoHY6jw56pfEjTc2U1mnkcwUbuWhd4fi4QplEPw80gYGhWDeruTiV+/GkGM
25FRUtDBNt+7QbwgPA1o8ilpIflATjWnpwEdLFuwMzYeJJ3W5OdWOzaw5P+3YoLU
ssml6H98NKLEA47WiEvz1mvIpZStj/7dthZWU5OCWgk8xQt/AV3fH6qX0fYSQ6iE
FXSWTXpgvuurSx5GqEsQ/hAAkN8djqlESTWnc/6FcNK15ZjuARMVTz4UyYQZ8oya
qsgkNt8cyzam+r6RcfRcO5bgMA1jJT3GMRPY3J5DLp9dmGXtIuZMElrX3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIs0yAqIoQAzCcVmv3zEdMwKbYuMMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF1hvfmD1
9W/DH3mngp8IT6/gB1APzvJh6+7/qqV17gjNtZdzjjFUTEeQc0JNfMUgLJ1o6sYa
wb2HTwCd5V0UlgtkCibJgKdfNGJB7mUGaYlLjwsK3ZYcAweAb72k7KlX0dO0qmTE
IBKiG3a27OhxznTLODCBdTqGh9fo3qVqx363uml02CRzYbNX+znHkDp8p91cjqk6
UigYOhw11junRn1zqW59TlgJVrHLD5i0QvXTDJ73XPwhgzK1F+B+qs4HMVueb2cR
7pzXS5uknBvlTluxsbT34Xn2h0jlvXGM4MOHCJiQFXGa+e6M0iqV37i6NiPjkq8g
t85Uze7iBztLkg==
-----END CERTIFICATE-----