Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          yqW9TP2+rU8vKfxaPxCX5a8y8tesD/8spIKlRelC/zc=
Subject key identifier:   4A:77:AF:53:ED:B3:12:A7:EC:91:9A:61:20:F4:91:7C:8A:91:09:89
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       0199221E226FFB94737FEAAD0140D2F2561B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          0610
Signing time:             Sun 07 Sep 2025 03:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:24 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: jQgQIDChyPCLOombIt4Jsdu7IFvoRcj8RO8ilKovK4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:22:6f:fb:94:73:7f:ea:ad:01:40:d2:f2:56:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Sep  7 03:00:24 2025 GMT
            Not After : Sep  8 03:00:24 2025 GMT
        Subject: CN=4a77af53edb312a7ec919a6120f4917c8a910989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bb:05:51:66:4f:38:27:a5:eb:d1:48:d4:f1:
                    36:61:98:64:81:b3:57:d4:70:58:20:1f:93:bf:bf:
                    f7:c7:2d:3d:77:d8:5c:cf:c8:55:6f:86:27:41:7d:
                    aa:fb:93:c7:d9:fe:5d:ab:92:81:9e:06:1a:f1:21:
                    70:81:ca:58:2c:ac:ae:a6:87:e9:a6:94:1a:9f:9a:
                    a4:36:4b:28:bc:fb:d5:de:9d:41:e3:2e:58:dd:12:
                    b1:40:98:03:3f:66:2c:66:ff:fc:95:d7:be:56:83:
                    da:f1:0e:4a:a5:dc:54:50:34:a5:cc:cb:1d:58:35:
                    5d:c9:0a:89:3f:6f:f9:20:77:62:cd:70:55:f0:8a:
                    eb:73:fe:24:48:0a:ab:d7:99:99:1a:44:80:15:fb:
                    b2:f0:54:63:dd:7a:b7:a7:57:9b:58:cf:19:cb:86:
                    d3:54:f6:24:71:0b:11:3e:a8:c1:57:51:90:41:3a:
                    5d:b1:16:48:b1:89:01:ce:e5:12:8e:ae:bd:b7:3c:
                    2d:af:83:b0:60:91:03:55:bb:62:e6:fb:33:0c:41:
                    fa:46:d4:b6:b2:6b:b1:e3:9a:ed:f8:51:5e:23:81:
                    e8:4d:88:07:c4:4a:30:f9:9d:07:bf:57:a7:44:3c:
                    8f:50:40:60:cf:3e:99:93:4d:2e:a3:90:94:72:28:
                    35:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:77:AF:53:ED:B3:12:A7:EC:91:9A:61:20:F4:91:7C:8A:91:09:89
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:11:db:e6:b9:af:de:46:bf:52:c2:fc:78:11:14:ba:5b:21:
         2b:77:0f:8e:81:f7:72:56:5e:5d:b9:1d:17:08:ba:57:fb:34:
         d4:d4:a8:e8:77:70:60:b3:71:86:dd:e2:c8:97:5e:29:e5:a0:
         06:b5:a0:37:a5:64:cf:a2:97:78:4f:29:4a:7a:57:bf:c8:20:
         45:0a:59:6e:05:55:b5:38:b2:2d:1a:47:e8:27:23:f9:bf:57:
         f5:5b:6b:46:64:42:9e:ea:cc:ca:9d:b3:58:e5:dc:08:1c:23:
         d2:b9:12:62:5a:a6:78:26:7e:34:d7:bf:11:71:e0:9d:94:c7:
         56:ef:c8:ca:68:71:b3:0c:23:4f:9a:0e:bc:c4:ba:66:e4:95:
         c3:06:54:a4:36:88:77:39:2f:71:c9:39:7a:41:2b:c1:25:90:
         6e:c4:12:3e:0c:78:6b:c1:25:e1:26:04:ff:72:40:09:d4:84:
         dd:b5:a3:4b:72:6a:c8:0b:f9:fc:ad:d9:d1:3b:ca:57:cf:f3:
         69:49:8a:80:88:e7:70:54:8f:2e:06:9f:a7:5c:66:0f:bf:89:
         ca:a1:68:b8:0f:86:05:ad:30:9d:13:70:e9:22:ec:7a:76:d2:
         86:9a:51:7e:00:0c:5f:fe:9f:a4:1e:95:0f:a7:dc:ef:c8:15:
         7d:5e:c1:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHiJv+5Rzf+qtAUDS8lYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUwOTA3MDMwMDI0WhcNMjUwOTA4MDMwMDI0WjAzMTEwLwYDVQQD
Eyg0YTc3YWY1M2VkYjMxMmE3ZWM5MTlhNjEyMGY0OTE3YzhhOTEwOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7sFUWZPOCel69FI1PE2YZhkgbNX
1HBYIB+Tv7/3xy09d9hcz8hVb4YnQX2q+5PH2f5dq5KBngYa8SFwgcpYLKyupofp
ppQan5qkNksovPvV3p1B4y5Y3RKxQJgDP2YsZv/8lde+VoPa8Q5KpdxUUDSlzMsd
WDVdyQqJP2/5IHdizXBV8Irrc/4kSAqr15mZGkSAFfuy8FRj3Xq3p1ebWM8Zy4bT
VPYkcQsRPqjBV1GQQTpdsRZIsYkBzuUSjq69tzwtr4OwYJEDVbti5vszDEH6RtS2
smux45rt+FFeI4HoTYgHxEow+Z0Hv1enRDyPUEBgzz6Zk00uo5CUcig1/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEp3r1PtsxKn7JGaYSD0kXyKkQmJMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaBHb5rmv
3ka/UsL8eBEUulshK3cPjoH3clZeXbkdFwi6V/s01NSo6HdwYLNxht3iyJdeKeWg
BrWgN6Vkz6KXeE8pSnpXv8ggRQpZbgVVtTiyLRpH6Ccj+b9X9VtrRmRCnurMyp2z
WOXcCBwj0rkSYlqmeCZ+NNe/EXHgnZTHVu/IymhxswwjT5oOvMS6ZuSVwwZUpDaI
dzkvcck5ekErwSWQbsQSPgx4a8El4SYE/3JACdSE3bWjS3JqyAv5/K3Z0TvKV8/z
aUmKgIjncFSPLgafp1xmD7+JyqFouA+GBa0wnRNw6SLsenbShppRfgAMX/6fpB6V
D6fc78gVfV7BNg==
-----END CERTIFICATE-----