Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          7kKkxfD4vsaaCiGBH2zJrieDl9AWaFZDmEdIrj5Sjbs=
Subject key identifier:   3C:9C:40:7B:2F:72:EE:FB:FF:3C:1E:91:23:A5:48:B4:DA:53:19:D3
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       01976F99C309AD191D6399CA225C1DE63F42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          052F
Signing time:             Sat 14 Jun 2025 18:00:36 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:36 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:36 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: 7+W+99nvPPeyjktHc1WOJg+uM5o+b2YQgi26SjcGcqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:c3:09:ad:19:1d:63:99:ca:22:5c:1d:e6:3f:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Jun 14 18:00:36 2025 GMT
            Not After : Jun 15 18:00:36 2025 GMT
        Subject: CN=3c9c407b2f72eefbff3c1e9123a548b4da5319d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f6:42:df:9e:06:12:87:53:84:5c:fb:8b:8f:
                    aa:dc:1e:ad:54:c2:12:30:05:d9:42:1c:eb:b4:96:
                    e9:41:68:5b:9c:a6:fb:3e:fc:e4:21:ca:7c:83:6e:
                    4f:01:b6:0d:9c:e8:6e:8b:5e:4d:6c:09:59:1a:08:
                    80:ad:32:83:95:94:e9:9a:b9:5d:28:cb:27:ce:c9:
                    df:eb:a8:6c:47:2a:7c:71:13:90:41:1a:28:b6:df:
                    da:3c:a6:21:f0:b1:c3:d3:5e:9a:97:51:cf:a8:87:
                    07:11:5d:f1:70:9f:9b:82:b4:1b:0a:a3:89:44:83:
                    f1:33:22:e6:a1:8b:63:ee:26:f4:c3:70:f5:9b:72:
                    f9:d2:eb:9f:0e:67:a2:d4:47:58:6f:ca:79:3a:e4:
                    97:65:37:ba:a2:30:56:ad:67:45:dd:25:47:65:83:
                    3e:66:04:67:38:fb:58:8a:04:00:96:fa:2a:19:11:
                    a6:b6:dc:4b:23:97:69:43:ef:72:fd:26:cc:38:89:
                    9b:1e:61:eb:ab:43:74:2f:1d:a3:ce:cd:e4:85:c6:
                    5c:39:ef:bc:5f:5e:ad:e7:89:cf:f9:58:8a:ba:5a:
                    ca:33:31:10:8d:41:a2:76:50:9a:34:0e:2e:58:6e:
                    0f:39:3b:11:c7:a6:52:fc:6d:64:97:b3:24:e2:83:
                    8b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9C:40:7B:2F:72:EE:FB:FF:3C:1E:91:23:A5:48:B4:DA:53:19:D3
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:df:33:dc:72:8c:07:90:92:13:66:17:0e:64:03:e4:77:70:
         d9:99:d2:ce:f0:ac:0c:40:14:8c:78:f5:e6:13:48:49:63:22:
         7a:80:f3:40:68:c1:db:5b:c3:0b:39:7b:d8:18:64:5d:5a:22:
         96:b4:a8:22:d6:3b:be:3a:5f:73:f9:1d:1b:0e:df:fe:b6:1d:
         fe:69:64:63:87:d4:e4:f0:8c:88:cb:e2:09:83:d0:11:dc:c4:
         a1:c2:51:d9:8e:f8:a0:ed:c0:60:9b:de:1d:2c:05:b5:f8:5c:
         70:2c:42:6a:a7:a4:05:fc:5d:be:3c:ec:ff:2c:e5:cf:da:d8:
         55:fc:13:70:ea:8e:5c:1b:89:34:18:e0:b5:0e:6b:a4:0f:6e:
         c7:ce:e0:9c:43:39:8f:c6:5a:8d:0f:86:23:0c:52:dc:40:8c:
         62:dd:fd:6a:9d:9a:54:f0:48:77:68:1e:7e:ba:f5:ce:9a:55:
         1f:c9:5c:dd:0a:59:90:77:ce:7b:3a:3b:73:23:f4:ee:38:be:
         a0:2e:00:cc:3e:27:5e:bc:58:90:d9:52:87:88:be:0a:c7:31:
         93:19:c2:f9:86:eb:07:74:e1:13:6e:86:1d:3f:30:84:7e:83:
         a0:c1:0d:27:fd:3b:b4:ed:0d:ee:e0:5b:0c:cf:5c:da:5e:be:
         58:0e:ca:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmcMJrRkdY5nKIlwd5j9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUwNjE0MTgwMDM2WhcNMjUwNjE1MTgwMDM2WjAzMTEwLwYDVQQD
EygzYzljNDA3YjJmNzJlZWZiZmYzYzFlOTEyM2E1NDhiNGRhNTMxOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfZC354GEodThFz7i4+q3B6tVMIS
MAXZQhzrtJbpQWhbnKb7PvzkIcp8g25PAbYNnOhui15NbAlZGgiArTKDlZTpmrld
KMsnzsnf66hsRyp8cROQQRoott/aPKYh8LHD016al1HPqIcHEV3xcJ+bgrQbCqOJ
RIPxMyLmoYtj7ib0w3D1m3L50uufDmei1EdYb8p5OuSXZTe6ojBWrWdF3SVHZYM+
ZgRnOPtYigQAlvoqGRGmttxLI5dpQ+9y/SbMOImbHmHrq0N0Lx2jzs3khcZcOe+8
X16t54nP+ViKulrKMzEQjUGidlCaNA4uWG4POTsRx6ZS/G1kl7Mk4oOL3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDycQHsvcu77/zwekSOlSLTaUxnTMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqN8z3HKM
B5CSE2YXDmQD5Hdw2ZnSzvCsDEAUjHj15hNISWMieoDzQGjB21vDCzl72BhkXVoi
lrSoItY7vjpfc/kdGw7f/rYd/mlkY4fU5PCMiMviCYPQEdzEocJR2Y74oO3AYJve
HSwFtfhccCxCaqekBfxdvjzs/yzlz9rYVfwTcOqOXBuJNBjgtQ5rpA9ux87gnEM5
j8ZajQ+GIwxS3ECMYt39ap2aVPBId2gefrr1zppVH8lc3QpZkHfOezo7cyP07ji+
oC4AzD4nXrxYkNlSh4i+CscxkxnC+YbrB3ThE26GHT8whH6DoMENJ/07tO0N7uBb
DM9c2l6+WA7Kvw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:58:32 2025 by rpki-client