Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          2jDjq8ngevUiQdYHmhYScK3YLRt7j/O8yK+Cx+svHiA=
Subject key identifier:   57:72:B6:C1:96:69:FC:C4:8D:7B:6E:E8:2B:02:EA:98:07:C5:EE:34
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       0198439A87022A4093F7C2E00A386F7097D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          0F43
Signing time:             Fri 25 Jul 2025 22:00:57 +0000
Manifest this update:     Fri 25 Jul 2025 22:00:57 +0000
Manifest next update:     Sat 26 Jul 2025 22:00:57 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: ZL5MWqBm47qKv7XwN1ZpACuyE3QRtQZQmGZfLW+0t2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 21:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:43:9a:87:02:2a:40:93:f7:c2:e0:0a:38:6f:70:97:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Jul 25 22:00:57 2025 GMT
            Not After : Jul 26 22:00:57 2025 GMT
        Subject: CN=5772b6c19669fcc48d7b6ee82b02ea9807c5ee34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:18:3a:44:7d:f9:b0:62:9d:75:a9:a4:28:06:
                    cd:d2:88:70:08:a9:66:ab:dc:61:55:c5:55:ce:06:
                    2b:ac:96:f1:2e:cf:95:51:c6:bf:36:08:f7:cd:c4:
                    59:9c:a5:b4:4b:29:09:0e:b7:22:1e:da:13:a8:76:
                    7b:4c:4a:86:e5:72:1b:eb:aa:49:90:94:23:e6:5c:
                    14:e9:41:75:e5:60:7e:30:a7:48:07:72:ae:d0:87:
                    2f:0e:c8:84:ab:34:c8:3c:52:9c:71:7c:fd:1b:b4:
                    4e:4e:6f:c8:a5:61:df:08:ba:b2:0f:0c:cd:c9:2a:
                    61:8a:cc:1a:76:91:54:b0:d9:9d:2e:84:b8:1a:e3:
                    56:2b:37:e6:dc:67:13:d0:62:b2:84:04:80:e2:77:
                    b2:77:4a:73:6a:2e:bf:53:51:d7:ee:40:51:24:f7:
                    ca:a8:cc:3b:a9:33:0d:62:aa:6b:c7:4f:2f:4f:7d:
                    10:fc:47:90:8a:ee:5e:84:92:9c:35:28:ae:69:06:
                    9d:57:6f:2c:fa:0d:e9:52:e5:a3:cb:3e:6f:87:38:
                    21:a0:97:58:1b:ea:40:d9:e2:34:ad:da:8d:9a:c1:
                    ed:ac:81:4a:8d:f0:e9:c6:42:65:89:66:8f:ff:63:
                    f3:8c:7e:57:70:e7:18:77:05:fb:12:28:db:94:18:
                    a3:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:72:B6:C1:96:69:FC:C4:8D:7B:6E:E8:2B:02:EA:98:07:C5:EE:34
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:0b:af:ed:47:82:87:6e:18:b6:6b:4c:06:f8:ff:23:d4:0a:
         06:6e:6b:45:d1:f2:eb:bb:92:2d:d4:1b:5e:63:e2:e9:ab:4e:
         f7:64:13:dc:30:f2:91:c3:3e:71:21:cc:e1:e7:c6:c0:8f:74:
         9f:0c:4e:44:54:15:20:d5:00:74:59:b1:24:99:24:1f:c1:fe:
         68:a1:f9:f7:61:83:26:b1:59:47:8e:61:59:20:5c:a5:bd:37:
         c7:96:eb:16:dc:71:b7:33:05:9e:9d:b5:68:a4:be:d0:18:14:
         6a:52:91:0b:b5:29:f4:03:3b:4e:15:a6:5a:70:d0:cb:3a:d5:
         2b:8e:33:79:ed:17:e8:96:74:ec:38:f4:95:a4:1e:a8:f3:58:
         a9:35:58:6c:ab:21:c3:3d:e5:2a:e6:34:75:97:51:02:5f:90:
         fd:73:1b:74:d1:83:3c:64:69:d9:7f:67:4d:24:85:e4:7d:6b:
         7d:bf:be:26:9a:96:5a:51:29:ac:27:17:58:05:37:8e:02:a0:
         8a:aa:af:da:aa:92:a9:f8:38:d9:e7:bb:cd:4a:86:dc:33:2f:
         cd:2e:0f:ca:ad:a8:c6:f5:fe:14:6d:85:f7:0d:7c:da:57:51:
         7c:ab:a0:13:93:f0:8c:c4:4c:8a:1b:0e:2d:8c:56:79:ec:d3:
         67:6a:01:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhDmocCKkCT98LgCjhvcJfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjUwNzI1MjIwMDU3WhcNMjUwNzI2MjIwMDU3WjAzMTEwLwYDVQQD
Eyg1NzcyYjZjMTk2NjlmY2M0OGQ3YjZlZTgyYjAyZWE5ODA3YzVlZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hg6RH35sGKddamkKAbN0ohwCKlm
q9xhVcVVzgYrrJbxLs+VUca/Ngj3zcRZnKW0SykJDrciHtoTqHZ7TEqG5XIb66pJ
kJQj5lwU6UF15WB+MKdIB3Ku0IcvDsiEqzTIPFKccXz9G7ROTm/IpWHfCLqyDwzN
ySphiswadpFUsNmdLoS4GuNWKzfm3GcT0GKyhASA4neyd0pzai6/U1HX7kBRJPfK
qMw7qTMNYqprx08vT30Q/EeQiu5ehJKcNSiuaQadV28s+g3pUuWjyz5vhzghoJdY
G+pA2eI0rdqNmsHtrIFKjfDpxkJliWaP/2PzjH5XcOcYdwX7EijblBij5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdytsGWafzEjXtu6CsC6pgHxe40MB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwuv7UeC
h24YtmtMBvj/I9QKBm5rRdHy67uSLdQbXmPi6atO92QT3DDykcM+cSHM4efGwI90
nwxORFQVINUAdFmxJJkkH8H+aKH592GDJrFZR45hWSBcpb03x5brFtxxtzMFnp21
aKS+0BgUalKRC7Up9AM7ThWmWnDQyzrVK44zee0X6JZ07Dj0laQeqPNYqTVYbKsh
wz3lKuY0dZdRAl+Q/XMbdNGDPGRp2X9nTSSF5H1rfb++JpqWWlEprCcXWAU3jgKg
iqqv2qqSqfg42ee7zUqG3DMvzS4Pyq2oxvX+FG2F9w182ldRfKugE5PwjMRMihsO
LYxWeezTZ2oBlQ==
-----END CERTIFICATE-----