Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          6ETbPGnqmin3eT4efvJZNgsPPx/6Y75cJ4cnxLEJXTQ=
Subject key identifier:   D7:BC:34:B2:46:5E:D6:21:B5:88:3F:B3:4D:77:EF:C8:7E:6F:35:64
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       01977753FCE028A7B741160596D50E09B343
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          158F
Signing time:             Mon 16 Jun 2025 06:01:22 +0000
Manifest this update:     Mon 16 Jun 2025 06:01:22 +0000
Manifest next update:     Tue 17 Jun 2025 06:01:22 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: tgnuJSgzu4fHMQgikRajPWTxk3gmVQdUudV1O2wEmMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 06:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:77:53:fc:e0:28:a7:b7:41:16:05:96:d5:0e:09:b3:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Jun 16 06:01:22 2025 GMT
            Not After : Jun 17 06:01:22 2025 GMT
        Subject: CN=d7bc34b2465ed621b5883fb34d77efc87e6f3564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:57:d7:9d:ae:ad:ff:06:84:4a:df:4f:67:8b:
                    41:9e:72:11:0c:cb:f3:35:0d:1a:c4:d5:08:54:75:
                    1d:1f:dc:72:65:cb:0c:18:de:6b:1e:ea:86:84:13:
                    df:23:f7:25:e2:d5:70:3b:e3:81:6e:51:fb:50:32:
                    b6:0b:a7:7e:b2:9f:7a:a5:ab:d8:51:7d:98:af:0a:
                    37:e3:42:ba:4e:7a:d9:13:29:31:b9:9c:62:ea:91:
                    07:2b:4b:8a:f7:ef:9b:52:7f:7d:83:43:55:7a:ee:
                    39:14:d8:f5:5d:a8:b5:82:3f:12:b6:a7:5a:93:d1:
                    e3:c6:8f:4a:8e:ab:eb:56:26:98:99:08:ac:2c:c7:
                    9b:b7:48:c1:0a:48:35:fe:49:31:d1:c9:2b:38:ed:
                    10:5d:39:29:9c:be:27:6b:2c:6e:8a:9c:c3:bc:6a:
                    38:36:e3:13:35:8a:52:00:95:3b:ce:f8:67:8b:9b:
                    b0:b7:fb:16:ba:a3:bb:91:83:05:a3:8c:51:a6:32:
                    87:3f:c3:6d:cb:37:55:48:09:89:b8:54:ce:e9:de:
                    24:d7:07:2c:2d:6a:6e:41:18:e1:be:7d:c1:76:ba:
                    8d:53:42:4f:2e:84:43:df:0e:c5:7b:c1:1d:d2:bd:
                    dc:e4:1c:fe:e6:9a:93:cb:d9:a9:30:83:42:ce:b2:
                    a5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:BC:34:B2:46:5E:D6:21:B5:88:3F:B3:4D:77:EF:C8:7E:6F:35:64
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:6d:5a:b5:7f:17:13:21:01:bf:5e:89:50:44:60:74:8b:b6:
         3d:69:f0:98:5e:b0:3c:45:84:f9:b9:f5:84:c6:9d:3b:69:f5:
         4d:30:6b:3d:34:73:14:d9:e2:b7:f3:97:eb:8e:3d:b4:85:33:
         77:fd:be:16:7d:51:0c:05:a5:d8:ad:28:6e:61:dc:c9:34:63:
         4e:41:6c:b0:42:d7:01:32:98:08:53:81:a4:b0:dc:6e:85:eb:
         44:57:ec:d7:53:6b:76:06:e0:86:e1:1c:a8:1c:f9:da:85:dc:
         db:d5:94:32:82:75:0e:f1:a0:09:f1:4d:90:20:8e:b1:87:d5:
         81:0f:44:e1:24:d8:bc:4b:f6:98:cd:f9:7a:42:29:e8:26:64:
         78:22:48:8f:9b:1a:dd:fe:30:8b:9f:cd:c8:bc:06:c7:82:60:
         35:1c:6a:82:09:bf:21:01:19:7f:67:38:c5:a5:d6:52:15:2a:
         68:a4:c5:19:68:9d:c7:fb:e8:cc:89:32:8f:00:f7:9a:3b:0b:
         6b:0b:9a:29:95:4f:20:be:8c:f6:c7:a1:6c:88:f9:ac:08:ad:
         40:c7:12:07:f3:fd:23:8b:06:da:cb:8f:20:9a:78:12:32:85:
         4b:2b:c8:4d:45:cc:fb:f6:29:ff:0e:bd:87:09:64:90:00:66:
         0e:89:31:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3U/zgKKe3QRYFltUOCbNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNjE2MDYwMTIyWhcNMjUwNjE3MDYwMTIyWjAzMTEwLwYDVQQD
EyhkN2JjMzRiMjQ2NWVkNjIxYjU4ODNmYjM0ZDc3ZWZjODdlNmYzNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVfXna6t/waESt9PZ4tBnnIRDMvz
NQ0axNUIVHUdH9xyZcsMGN5rHuqGhBPfI/cl4tVwO+OBblH7UDK2C6d+sp96pavY
UX2Yrwo340K6TnrZEykxuZxi6pEHK0uK9++bUn99g0NVeu45FNj1Xai1gj8Stqda
k9Hjxo9KjqvrViaYmQisLMebt0jBCkg1/kkx0ckrOO0QXTkpnL4nayxuipzDvGo4
NuMTNYpSAJU7zvhni5uwt/sWuqO7kYMFo4xRpjKHP8NtyzdVSAmJuFTO6d4k1wcs
LWpuQRjhvn3BdrqNU0JPLoRD3w7Fe8Ed0r3c5Bz+5pqTy9mpMINCzrKlEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNe8NLJGXtYhtYg/s01378h+bzVkMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeG1atX8X
EyEBv16JUERgdIu2PWnwmF6wPEWE+bn1hMadO2n1TTBrPTRzFNnit/OX6449tIUz
d/2+Fn1RDAWl2K0obmHcyTRjTkFssELXATKYCFOBpLDcboXrRFfs11NrdgbghuEc
qBz52oXc29WUMoJ1DvGgCfFNkCCOsYfVgQ9E4STYvEv2mM35ekIp6CZkeCJIj5sa
3f4wi5/NyLwGx4JgNRxqggm/IQEZf2c4xaXWUhUqaKTFGWidx/vozIkyjwD3mjsL
awuaKZVPIL6M9sehbIj5rAitQMcSB/P9I4sG2suPIJp4EjKFSyvITUXM+/Yp/w69
hwlkkABmDokxwg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:45:33 2025 by rpki-client