Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          TUTLvR/8OJGQ42fJBZqVfDTQPBSs1QZzPsknjB5sD7E=
Subject key identifier:   B7:38:D6:DB:47:D7:6C:FF:12:EB:CA:5B:C1:10:E5:E8:14:8D:01:2D
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       01984965355649C99FCE7BE4F84281FDA754
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          0863
Signing time:             Sun 27 Jul 2025 01:00:26 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:26 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:26 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: PrIYXUFGofhP3wYF+3hRuBrR4/4Zt5xsv7yMLSa1pnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:35:56:49:c9:9f:ce:7b:e4:f8:42:81:fd:a7:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Jul 27 01:00:26 2025 GMT
            Not After : Jul 28 01:00:26 2025 GMT
        Subject: CN=b738d6db47d76cff12ebca5bc110e5e8148d012d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fd:72:97:15:d0:af:60:09:d3:e2:56:5f:71:
                    74:72:7c:85:dc:71:34:ca:f6:e1:50:a7:8c:55:a1:
                    9e:95:84:80:1d:bb:df:25:2e:15:2f:ab:a3:05:a3:
                    fb:51:7a:62:7f:4d:9d:08:69:a5:23:db:b1:eb:d5:
                    75:66:be:c8:1e:1f:40:6f:c6:8e:43:24:96:b0:b7:
                    db:c8:9d:d0:a9:76:a3:9c:7d:e2:2c:db:89:a8:8b:
                    1d:a6:e6:85:41:d1:1d:1b:92:dd:c7:a8:ef:c5:5d:
                    ca:ae:12:d1:97:59:59:bd:1d:aa:80:95:14:e0:85:
                    7a:35:a2:e0:85:93:71:7b:7e:9b:dd:77:ee:e8:5f:
                    f6:e2:ec:17:fd:1a:4d:58:22:c2:bc:83:84:6b:22:
                    3f:93:8a:7b:e9:35:c2:52:f0:20:fa:29:e2:c6:21:
                    d2:13:72:b6:f1:65:74:df:98:18:40:44:b9:98:c1:
                    66:ae:fe:dc:fe:74:d5:11:37:04:06:de:b6:da:ad:
                    4a:f7:ea:82:97:30:6c:54:78:3d:cc:45:1e:65:da:
                    2a:d0:a7:5f:55:82:16:d1:92:c3:d9:ad:4d:3a:71:
                    80:22:88:4c:0d:90:48:90:3f:63:93:56:a0:81:1e:
                    35:2f:94:3b:f6:dc:f2:eb:e6:ae:7f:eb:91:23:be:
                    57:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:38:D6:DB:47:D7:6C:FF:12:EB:CA:5B:C1:10:E5:E8:14:8D:01:2D
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ad:e9:15:6f:6f:51:47:f9:c1:c7:25:ab:6e:c1:48:5f:01:
         6e:0d:cf:ac:e6:42:5b:9b:10:16:4f:39:a7:24:66:a3:41:51:
         0a:02:a6:2e:ce:b4:0e:e7:4a:4e:20:47:40:3b:de:25:32:64:
         ee:1d:8d:6c:8d:a1:80:ee:67:83:8e:d8:c4:80:1f:a2:aa:d9:
         ad:57:23:0f:a6:89:63:9a:6a:ba:db:01:47:a1:fa:0e:df:bb:
         0d:53:24:94:d8:ad:4b:d7:a5:10:fc:95:08:e2:98:2a:da:32:
         81:9b:26:67:ed:b6:f4:47:34:de:92:f4:69:51:d7:0d:8e:47:
         36:aa:2c:9c:37:bb:0b:38:f9:76:06:fb:d3:ad:35:db:75:59:
         5d:52:68:9f:26:99:a4:19:63:cc:47:21:ba:03:14:4c:1a:c6:
         e0:d3:2c:21:84:37:af:64:fd:a8:ef:d2:79:ab:99:e2:10:07:
         62:0f:1f:cc:bf:3a:72:9c:bb:87:dc:06:c4:5c:b8:4f:d1:96:
         b9:4b:58:56:b7:68:4e:cd:fc:77:6b:d7:2c:4c:b8:f6:b8:f7:
         de:46:23:68:dd:02:47:40:94:14:77:9c:05:79:33:b8:e3:3d:
         a1:b2:22:c7:0b:c3:e2:27:e5:85:ae:6a:d4:cd:f2:9d:f4:37:
         b0:2a:e4:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZTVWScmfznvk+EKB/adUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUwNzI3MDEwMDI2WhcNMjUwNzI4MDEwMDI2WjAzMTEwLwYDVQQD
EyhiNzM4ZDZkYjQ3ZDc2Y2ZmMTJlYmNhNWJjMTEwZTVlODE0OGQwMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif1ylxXQr2AJ0+JWX3F0cnyF3HE0
yvbhUKeMVaGelYSAHbvfJS4VL6ujBaP7UXpif02dCGmlI9ux69V1Zr7IHh9Ab8aO
QySWsLfbyJ3QqXajnH3iLNuJqIsdpuaFQdEdG5Ldx6jvxV3KrhLRl1lZvR2qgJUU
4IV6NaLghZNxe36b3Xfu6F/24uwX/RpNWCLCvIOEayI/k4p76TXCUvAg+inixiHS
E3K28WV035gYQES5mMFmrv7c/nTVETcEBt622q1K9+qClzBsVHg9zEUeZdoq0Kdf
VYIW0ZLD2a1NOnGAIohMDZBIkD9jk1aggR41L5Q79tzy6+auf+uRI75X1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLc41ttH12z/EuvKW8EQ5egUjQEtMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPa3pFW9v
UUf5wcclq27BSF8Bbg3PrOZCW5sQFk85pyRmo0FRCgKmLs60DudKTiBHQDveJTJk
7h2NbI2hgO5ng47YxIAfoqrZrVcjD6aJY5pqutsBR6H6Dt+7DVMklNitS9elEPyV
COKYKtoygZsmZ+229Ec03pL0aVHXDY5HNqosnDe7Czj5dgb7060123VZXVJonyaZ
pBljzEchugMUTBrG4NMsIYQ3r2T9qO/SeauZ4hAHYg8fzL86cpy7h9wGxFy4T9GW
uUtYVrdoTs38d2vXLEy49rj33kYjaN0CR0CUFHecBXkzuOM9obIixwvD4iflha5q
1M3ynfQ3sCrksA==
-----END CERTIFICATE-----