Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          zBCSV+zYfAdt8Ufx/KwOCJsXCfbuC6ljfLtDsaPBKRk=
Subject key identifier:   5F:F9:47:56:8E:88:6C:16:10:93:BE:EC:BE:5E:EC:08:72:2C:F0:4D
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       01984BC1AEA6455296ACE7DBEC9CC1BDBF6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          0259
Signing time:             Sun 27 Jul 2025 12:00:41 +0000
Manifest this update:     Sun 27 Jul 2025 12:00:41 +0000
Manifest next update:     Mon 28 Jul 2025 12:00:41 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: TH+s/7XFfIszREq6DYsf/xN4Dk5pibvKGaM0AUjzh64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:c1:ae:a6:45:52:96:ac:e7:db:ec:9c:c1:bd:bf:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Jul 27 12:00:41 2025 GMT
            Not After : Jul 28 12:00:41 2025 GMT
        Subject: CN=5ff947568e886c161093beecbe5eec08722cf04d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:86:a8:98:92:51:51:5b:23:9d:98:b4:fb:fd:
                    a5:2d:98:ae:f9:5c:76:59:58:f1:d2:fd:77:44:d9:
                    ba:e8:ca:b5:84:bd:51:87:b7:21:68:69:9a:c1:af:
                    4e:9f:fc:db:88:9a:80:a1:56:80:07:ad:49:d1:35:
                    5e:6f:25:90:24:25:5e:3e:6e:15:24:11:67:ec:81:
                    1b:d4:3b:66:3b:7f:1c:c7:ac:87:1b:05:30:43:97:
                    65:f7:40:30:30:9b:a5:cb:98:d0:c0:ca:16:f6:dc:
                    81:c5:da:da:8d:95:d2:3f:df:db:43:49:93:2a:f0:
                    b5:87:62:b5:19:39:ac:b6:62:5e:47:b0:b0:0c:27:
                    33:57:61:1b:69:1b:11:ee:fc:bb:9a:2e:89:b0:8e:
                    1d:8c:a7:a9:af:f3:16:d4:9c:ad:d7:e3:33:05:f3:
                    da:54:02:df:20:b7:bc:df:b4:98:f5:c3:a4:b8:6a:
                    50:28:f1:0e:c3:d2:c1:42:f8:1e:3a:f5:f4:73:bf:
                    dc:3e:30:c7:c8:a5:0b:68:c6:fe:86:2d:fe:a0:2b:
                    d0:b0:ac:f7:b6:ef:fe:03:97:ae:67:d6:40:b1:7c:
                    4e:3d:54:2f:25:dd:25:3c:c8:d3:3a:7d:62:e9:c4:
                    b4:f1:21:3b:18:f1:24:53:c7:13:6f:9b:05:ec:3f:
                    46:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F9:47:56:8E:88:6C:16:10:93:BE:EC:BE:5E:EC:08:72:2C:F0:4D
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:75:cc:e9:16:b3:90:b2:3f:67:ff:cf:45:f6:8a:4f:76:4a:
         fa:12:15:ce:f1:b1:f3:94:bc:d2:64:41:a2:f6:8c:35:6d:71:
         0c:07:f4:d9:e6:48:83:c1:88:ba:76:c7:2d:dd:c6:32:da:ff:
         94:fd:64:8f:10:61:54:29:98:6c:45:74:4f:e5:91:91:05:bb:
         91:a4:46:f2:f2:f1:ec:89:0c:97:97:c0:0d:dc:5c:79:a4:74:
         6f:85:b6:f8:6c:6d:7b:63:a4:68:6a:3b:9c:ee:4e:47:f4:c2:
         18:3d:26:d2:c7:6a:fe:5c:82:65:a3:48:cb:91:87:87:c8:80:
         fd:3f:61:51:2f:12:f7:f2:27:63:bf:26:34:7f:de:9f:66:5e:
         cf:d8:98:68:3d:e6:62:d7:27:41:61:55:04:d0:79:f2:ea:6f:
         a0:6b:eb:43:e5:82:5a:97:ea:76:32:de:d6:ce:5a:fe:34:4c:
         27:08:eb:c1:d6:d6:98:bf:b6:2e:8f:37:4c:24:a8:6c:ba:4c:
         0f:4a:0e:a6:4b:94:15:4f:05:e5:2d:67:9e:70:9a:91:51:d6:
         a4:75:48:d3:1a:bc:5a:6f:44:eb:6b:7b:c3:e5:91:28:e7:3f:
         c8:d3:41:14:fd:74:79:91:fe:b5:0f:28:a0:ac:5f:9c:00:59:
         4b:9f:fc:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLwa6mRVKWrOfb7JzBvb9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUwNzI3MTIwMDQxWhcNMjUwNzI4MTIwMDQxWjAzMTEwLwYDVQQD
Eyg1ZmY5NDc1NjhlODg2YzE2MTA5M2JlZWNiZTVlZWMwODcyMmNmMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoaomJJRUVsjnZi0+/2lLZiu+Vx2
WVjx0v13RNm66Mq1hL1Rh7chaGmawa9On/zbiJqAoVaAB61J0TVebyWQJCVePm4V
JBFn7IEb1DtmO38cx6yHGwUwQ5dl90AwMJuly5jQwMoW9tyBxdrajZXSP9/bQ0mT
KvC1h2K1GTmstmJeR7CwDCczV2EbaRsR7vy7mi6JsI4djKepr/MW1Jyt1+MzBfPa
VALfILe837SY9cOkuGpQKPEOw9LBQvgeOvX0c7/cPjDHyKULaMb+hi3+oCvQsKz3
tu/+A5euZ9ZAsXxOPVQvJd0lPMjTOn1i6cS08SE7GPEkU8cTb5sF7D9GywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/5R1aOiGwWEJO+7L5e7AhyLPBNMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHXM6Raz
kLI/Z//PRfaKT3ZK+hIVzvGx85S80mRBovaMNW1xDAf02eZIg8GIunbHLd3GMtr/
lP1kjxBhVCmYbEV0T+WRkQW7kaRG8vLx7IkMl5fADdxceaR0b4W2+Gxte2OkaGo7
nO5OR/TCGD0m0sdq/lyCZaNIy5GHh8iA/T9hUS8S9/InY78mNH/en2Zez9iYaD3m
YtcnQWFVBNB58upvoGvrQ+WCWpfqdjLe1s5a/jRMJwjrwdbWmL+2Lo83TCSobLpM
D0oOpkuUFU8F5S1nnnCakVHWpHVI0xq8Wm9E62t7w+WRKOc/yNNBFP10eZH+tQ8o
oKxfnABZS5/8mw==
-----END CERTIFICATE-----