Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          5EnQrbwajYh2C/s3g5UZRDt75Ht1/TsJOszIL/8SXj0=
Subject key identifier:   BE:42:4B:00:20:70:1D:EF:FF:B5:E2:38:99:00:B5:1E:95:89:40:25
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       01988B10515D221D4DDC15234FD97052477A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          0457
Signing time:             Fri 08 Aug 2025 19:02:39 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:39 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:39 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: nA18jeE2ZVtvD56TPxsaHrzgV6ZxgizpK+GsHsgUhIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:51:5d:22:1d:4d:dc:15:23:4f:d9:70:52:47:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Aug  8 19:02:39 2025 GMT
            Not After : Aug  9 19:02:39 2025 GMT
        Subject: CN=be424b0020701defffb5e2389900b51e95894025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:54:46:d7:7a:87:84:bc:37:3a:56:15:75:54:
                    db:3f:4a:d6:a6:cc:94:93:04:a0:4a:4e:6f:36:0e:
                    36:7a:0c:67:48:80:8b:06:9a:82:75:10:15:4e:61:
                    e6:ef:68:6a:de:8a:21:40:b8:58:d2:0f:50:ee:1e:
                    84:e6:69:72:98:9a:16:84:f1:a7:7b:7e:aa:a3:48:
                    61:ee:20:4a:53:34:a5:07:7a:10:70:45:45:09:f5:
                    cc:0b:a2:17:e6:e5:24:af:de:39:b7:e0:f2:b8:b8:
                    30:62:ff:21:4f:4f:4a:52:b5:cf:5b:c5:82:71:85:
                    28:f8:a0:72:d7:07:9e:e7:1a:77:4c:29:f4:32:7f:
                    25:e8:3f:40:9f:10:d3:24:b9:0e:32:b9:8f:05:48:
                    57:a0:7f:41:5d:cc:4e:99:17:f1:01:91:c0:86:77:
                    69:29:f5:72:10:24:1e:1f:07:27:35:32:f3:f0:5c:
                    35:51:9d:a3:ac:53:c7:4a:2d:92:47:2c:35:75:ad:
                    0a:84:bf:91:40:a3:66:7d:91:df:5c:f9:60:70:d8:
                    95:40:50:b2:74:96:10:8d:95:a2:73:11:2f:86:9c:
                    28:10:b7:21:77:fc:66:00:e0:b9:4c:0f:05:01:e2:
                    f9:7a:c2:5f:6c:41:13:5d:6f:02:28:bd:2e:3c:02:
                    e8:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:42:4B:00:20:70:1D:EF:FF:B5:E2:38:99:00:B5:1E:95:89:40:25
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:5f:3d:6b:a2:82:f5:80:eb:40:c0:e5:b7:49:da:e0:5f:22:
         b6:ef:ad:42:ad:a4:03:4e:30:fb:d9:b3:e3:91:47:f4:46:af:
         03:e0:ca:a8:69:33:3a:c8:c7:c2:e0:27:1a:a2:cf:f2:31:2f:
         e9:5c:4e:dc:16:58:b7:8c:18:95:d9:66:c1:4f:1f:37:a4:60:
         0d:79:4a:2f:32:96:2d:1d:6b:5f:dd:91:11:de:63:5c:3e:2e:
         3f:23:7c:29:7d:75:cc:33:48:ab:7b:45:3b:11:4d:ca:b5:35:
         2e:24:8d:81:d2:bd:71:72:7c:70:c6:1f:9d:94:1a:65:42:cc:
         ed:a2:7e:a0:91:6d:c5:79:98:2f:06:93:d7:aa:49:5e:51:5e:
         34:25:7c:9c:38:7a:69:ef:b9:52:f8:df:c8:f9:21:a7:9b:90:
         ad:6d:c4:50:d6:6d:8b:7d:68:f6:75:27:a0:98:23:15:6d:65:
         08:ea:7c:fb:bf:b3:1b:7d:c0:e6:b3:4f:2b:6b:7b:cd:90:15:
         07:fd:31:a0:b2:5a:4d:4b:19:2e:da:16:53:1b:17:f5:0f:18:
         b8:82:14:6a:1e:35:f1:b8:2a:31:f3:9e:18:35:27:da:43:40:
         23:bd:61:56:ca:cd:44:90:cc:c2:c5:04:80:52:bc:b0:85:7b:
         02:9d:fb:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEFFdIh1N3BUjT9lwUkd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjUwODA4MTkwMjM5WhcNMjUwODA5MTkwMjM5WjAzMTEwLwYDVQQD
EyhiZTQyNGIwMDIwNzAxZGVmZmZiNWUyMzg5OTAwYjUxZTk1ODk0MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlRG13qHhLw3OlYVdVTbP0rWpsyU
kwSgSk5vNg42egxnSICLBpqCdRAVTmHm72hq3oohQLhY0g9Q7h6E5mlymJoWhPGn
e36qo0hh7iBKUzSlB3oQcEVFCfXMC6IX5uUkr945t+DyuLgwYv8hT09KUrXPW8WC
cYUo+KBy1wee5xp3TCn0Mn8l6D9AnxDTJLkOMrmPBUhXoH9BXcxOmRfxAZHAhndp
KfVyECQeHwcnNTLz8Fw1UZ2jrFPHSi2SRyw1da0KhL+RQKNmfZHfXPlgcNiVQFCy
dJYQjZWicxEvhpwoELchd/xmAOC5TA8FAeL5esJfbEETXW8CKL0uPALobQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5CSwAgcB3v/7XiOJkAtR6ViUAlMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWV89a6KC
9YDrQMDlt0na4F8itu+tQq2kA04w+9mz45FH9EavA+DKqGkzOsjHwuAnGqLP8jEv
6VxO3BZYt4wYldlmwU8fN6RgDXlKLzKWLR1rX92REd5jXD4uPyN8KX11zDNIq3tF
OxFNyrU1LiSNgdK9cXJ8cMYfnZQaZULM7aJ+oJFtxXmYLwaT16pJXlFeNCV8nDh6
ae+5UvjfyPkhp5uQrW3EUNZti31o9nUnoJgjFW1lCOp8+7+zG33A5rNPK2t7zZAV
B/0xoLJaTUsZLtoWUxsX9Q8YuIIUah418bgqMfOeGDUn2kNAI71hVsrNRJDMwsUE
gFK8sIV7Ap37Bw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:23 2025 by rpki-client