Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
File:                     HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json)
Hash identifier:          a7vjk8Vl1JlpGUjXQT1E+vzSBZxRo4jqqhCWq947pho=
Subject key identifier:   55:E6:B7:06:95:61:B1:CD:8A:82:F7:49:7A:BA:05:06:31:C6:07:92
Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D
Certificate issuer:       /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
Certificate serial:       0198481BD3C7AA4AA1F716AFF7A19075788E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
Manifest number:          134D
Signing time:             Sat 26 Jul 2025 19:00:39 +0000
Manifest this update:     Sat 26 Jul 2025 19:00:39 +0000
Manifest next update:     Sun 27 Jul 2025 19:00:39 +0000
Files and hashes:         1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: LDYaIWMC8keh3bJ0ixD/LLQmyA0DgCMFQVqmE+0P54c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 15:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:48:1b:d3:c7:aa:4a:a1:f7:16:af:f7:a1:90:75:78:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
        Validity
            Not Before: Jul 26 19:00:39 2025 GMT
            Not After : Jul 27 19:00:39 2025 GMT
        Subject: CN=55e6b7069561b1cd8a82f7497aba050631c60792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:74:7b:10:85:09:a5:80:99:9f:f3:b1:b2:e9:
                    5e:06:3c:4e:25:d8:3e:29:f2:3f:7c:05:6e:05:35:
                    78:7e:43:c2:74:3d:13:fc:fa:fc:d8:f9:fd:cd:8c:
                    f5:01:7d:8c:5f:4e:72:f1:f0:bb:3e:03:e1:3c:72:
                    3e:35:79:cf:ad:d4:b4:28:b2:47:98:19:80:38:9c:
                    af:24:4d:ea:92:69:c3:e3:19:36:3f:80:ac:9a:2b:
                    b3:3f:d0:5e:5e:01:70:21:13:09:34:e3:f0:f7:62:
                    93:be:be:cb:43:43:6f:83:ba:43:f7:80:6d:e7:4e:
                    03:66:e9:7c:91:27:7d:d1:a4:0d:e5:e1:6d:50:1a:
                    95:45:4d:d5:3a:9c:f7:20:8c:83:74:95:1a:c3:3d:
                    1d:38:f8:c2:9f:6f:9e:c0:c5:32:d2:5e:20:38:5e:
                    1d:ad:ee:c6:bd:71:6e:d7:95:69:dd:50:e8:da:76:
                    44:63:6f:c6:26:a5:69:88:c2:17:09:c3:cf:cc:5b:
                    19:7b:4a:29:e5:86:58:8b:5a:c9:a1:c5:16:5b:1a:
                    21:8f:97:3e:47:76:16:61:96:49:da:8e:34:13:26:
                    c6:f2:55:93:0d:cb:81:eb:14:db:c3:06:61:de:16:
                    5c:c4:4e:2e:36:4a:e4:b3:d0:e8:5e:70:36:63:ea:
                    6e:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:E6:B7:06:95:61:B1:CD:8A:82:F7:49:7A:BA:05:06:31:C6:07:92
            X509v3 Authority Key Identifier:
                keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:31:cc:c8:ab:05:8f:51:42:38:b6:f1:ee:be:88:c9:b3:a4:
         68:77:5b:02:31:f2:ec:bb:a8:ab:c6:97:46:26:97:e3:a0:5f:
         60:fd:92:52:58:b6:aa:e1:95:fc:f7:aa:c7:f6:72:c3:c4:5b:
         cd:8d:d7:ef:17:c4:5a:d5:2b:ec:3f:77:df:2c:36:1b:7b:2e:
         cc:a4:94:f5:e5:23:a4:cb:bf:53:0f:1f:25:dc:c0:9e:a4:bd:
         c2:c4:8f:f1:b1:b4:62:31:e2:fb:0b:01:66:dd:98:20:87:07:
         cc:98:94:4f:ae:e1:e7:5c:7d:11:25:e6:fb:e2:47:3b:36:72:
         fd:e9:e0:a6:3a:7a:14:ad:7b:12:31:fb:30:39:37:fb:e2:f2:
         78:fc:39:8b:e2:71:b4:43:c2:e5:53:ea:26:85:77:35:33:79:
         9c:62:04:73:ec:a0:4f:fe:45:b1:2f:fe:3f:6a:a5:23:82:92:
         47:a9:d6:9c:3e:7c:df:04:d4:8b:c6:9b:70:6d:29:e9:a2:a3:
         61:d3:26:46:13:f1:d9:e2:8f:4a:bc:8c:95:eb:4c:af:ee:b2:
         f5:fe:e5:83:d3:12:01:c5:ef:7f:b0:01:70:41:a1:d6:22:3c:
         5a:23:43:f5:59:76:09:8a:c4:72:49:43:e0:e6:19:e1:94:13:
         f0:13:1f:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIG9PHqkqh9xav96GQdXiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1
MTFlNGQwHhcNMjUwNzI2MTkwMDM5WhcNMjUwNzI3MTkwMDM5WjAzMTEwLwYDVQQD
Eyg1NWU2YjcwNjk1NjFiMWNkOGE4MmY3NDk3YWJhMDUwNjMxYzYwNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXR7EIUJpYCZn/OxsuleBjxOJdg+
KfI/fAVuBTV4fkPCdD0T/Pr82Pn9zYz1AX2MX05y8fC7PgPhPHI+NXnPrdS0KLJH
mBmAOJyvJE3qkmnD4xk2P4CsmiuzP9BeXgFwIRMJNOPw92KTvr7LQ0Nvg7pD94Bt
504DZul8kSd90aQN5eFtUBqVRU3VOpz3IIyDdJUawz0dOPjCn2+ewMUy0l4gOF4d
re7GvXFu15Vp3VDo2nZEY2/GJqVpiMIXCcPPzFsZe0op5YZYi1rJocUWWxohj5c+
R3YWYZZJ2o40EybG8lWTDcuB6xTbwwZh3hZcxE4uNkrks9DoXnA2Y+pu2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXmtwaVYbHNioL3SXq6BQYxxgeSMB8GA1UdIwQY
MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt
MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk
LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzHMyKsF
j1FCOLbx7r6IybOkaHdbAjHy7Luoq8aXRiaX46BfYP2SUli2quGV/Peqx/Zyw8Rb
zY3X7xfEWtUr7D933yw2G3suzKSU9eUjpMu/Uw8fJdzAnqS9wsSP8bG0YjHi+wsB
Zt2YIIcHzJiUT67h51x9ESXm++JHOzZy/engpjp6FK17EjH7MDk3++LyePw5i+Jx
tEPC5VPqJoV3NTN5nGIEc+ygT/5FsS/+P2qlI4KSR6nWnD583wTUi8abcG0p6aKj
YdMmRhPx2eKPSryMletMr+6y9f7lg9MSAcXvf7ABcEGh1iI8WiND9Vl2CYrEcklD
4OYZ4ZQT8BMfRQ==
-----END CERTIFICATE-----