Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          Vcw4EwpADdjixw5zH7Np8u0oe8r5cgw9EfRQtPiNNio=
Subject key identifier:   29:57:69:81:04:31:45:3E:77:CF:AA:1D:A3:7A:34:67:B8:30:7F:D6
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       019921B2168A7034615AF07F50745A7757D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          09CD
Signing time:             Sun 07 Sep 2025 01:02:23 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:23 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:23 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: kQOAacDDFxWAZqKz8oVFIFRBBW2O58V5fhClRNBys6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:16:8a:70:34:61:5a:f0:7f:50:74:5a:77:57:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Sep  7 01:02:23 2025 GMT
            Not After : Sep  8 01:02:23 2025 GMT
        Subject: CN=295769810431453e77cfaa1da37a3467b8307fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:bd:be:77:39:bb:6b:b5:4e:03:68:19:23:49:
                    75:21:bb:12:b5:07:50:9a:e0:4f:5b:f3:28:e3:7a:
                    8f:d7:5c:f4:90:49:52:30:b4:30:da:4c:ed:d1:57:
                    e3:6e:e1:2f:e4:b2:d1:99:75:64:f6:e0:16:20:4c:
                    73:d1:79:46:78:be:79:96:52:20:06:45:b3:05:16:
                    2b:6b:11:4b:c4:88:d9:4b:6c:a3:17:1c:46:96:39:
                    cc:2c:62:94:b8:01:2d:99:df:db:1f:96:f6:70:79:
                    39:82:87:a1:c7:7f:c7:9c:2b:bc:91:51:d5:0e:0d:
                    e2:1c:c6:ce:89:43:dc:80:65:d2:ef:37:a9:d0:77:
                    fd:40:63:e6:30:f8:3f:23:0a:79:cb:7f:20:ae:f3:
                    8a:b1:e5:09:6d:15:cc:37:98:99:d3:90:72:7d:9d:
                    20:3a:59:ca:74:0f:8c:fe:16:74:6d:64:15:28:58:
                    36:ae:15:fb:02:9c:20:1e:ff:05:3a:c0:bd:de:b7:
                    3a:16:38:c7:14:63:b6:0d:f4:93:65:71:25:da:60:
                    c6:60:7f:36:35:ee:e8:9a:53:23:50:99:60:c3:54:
                    0c:03:2f:1a:9f:b0:c4:2f:69:0d:63:94:93:28:dc:
                    d9:be:03:5f:dc:4a:ff:98:0a:33:0a:29:9a:df:58:
                    df:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:57:69:81:04:31:45:3E:77:CF:AA:1D:A3:7A:34:67:B8:30:7F:D6
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:38:ac:18:c1:26:98:3a:14:e7:9d:bd:c1:b7:f3:20:fa:3f:
         48:80:d4:c9:08:4d:a1:08:5c:57:c3:3c:c9:12:ab:ee:ba:39:
         5e:24:07:80:c0:9d:f1:9c:b5:a3:54:fa:2f:44:78:65:1b:fa:
         90:45:6d:0f:62:40:e9:ed:46:2a:1a:1f:0b:1a:51:17:cf:ad:
         f5:d9:58:e4:da:2f:67:ff:6c:7c:1f:44:ae:84:06:b8:69:20:
         58:47:13:8f:dd:0c:4e:13:e0:0c:7e:13:e9:2c:4c:0e:8f:c7:
         bb:35:fc:17:b4:5f:b6:bf:7a:50:65:f7:82:75:68:ca:0b:80:
         3b:8b:88:a9:b2:22:6d:09:43:99:69:fd:78:61:6d:cb:b5:15:
         af:98:eb:13:24:c6:94:e2:4f:a0:ba:82:9d:86:1d:a2:d4:7a:
         46:75:4e:af:39:41:62:20:b6:a0:c3:24:37:00:bb:a7:21:cf:
         d1:73:b4:28:2a:0f:28:16:14:01:b7:b3:06:00:48:e8:08:c8:
         bc:5a:0a:e8:03:cc:b8:7c:6d:05:c7:31:5f:85:87:25:fb:ac:
         48:c9:30:ec:14:48:32:b0:aa:d2:de:39:7e:ee:22:1f:8b:8f:
         c7:b7:e9:07:7a:45:db:48:f6:8b:2d:ef:fa:7b:f0:3c:a9:82:
         72:bf:df:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhshaKcDRhWvB/UHRad1fUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjUwOTA3MDEwMjIzWhcNMjUwOTA4MDEwMjIzWjAzMTEwLwYDVQQD
EygyOTU3Njk4MTA0MzE0NTNlNzdjZmFhMWRhMzdhMzQ2N2I4MzA3ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb2+dzm7a7VOA2gZI0l1IbsStQdQ
muBPW/Mo43qP11z0kElSMLQw2kzt0VfjbuEv5LLRmXVk9uAWIExz0XlGeL55llIg
BkWzBRYraxFLxIjZS2yjFxxGljnMLGKUuAEtmd/bH5b2cHk5goehx3/HnCu8kVHV
Dg3iHMbOiUPcgGXS7zep0Hf9QGPmMPg/Iwp5y38grvOKseUJbRXMN5iZ05ByfZ0g
OlnKdA+M/hZ0bWQVKFg2rhX7ApwgHv8FOsC93rc6FjjHFGO2DfSTZXEl2mDGYH82
Ne7omlMjUJlgw1QMAy8an7DEL2kNY5STKNzZvgNf3Er/mAozCima31jfEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClXaYEEMUU+d8+qHaN6NGe4MH/WMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApzisGMEm
mDoU5529wbfzIPo/SIDUyQhNoQhcV8M8yRKr7ro5XiQHgMCd8Zy1o1T6L0R4ZRv6
kEVtD2JA6e1GKhofCxpRF8+t9dlY5NovZ/9sfB9EroQGuGkgWEcTj90MThPgDH4T
6SxMDo/HuzX8F7Rftr96UGX3gnVoyguAO4uIqbIibQlDmWn9eGFty7UVr5jrEyTG
lOJPoLqCnYYdotR6RnVOrzlBYiC2oMMkNwC7pyHP0XO0KCoPKBYUAbezBgBI6AjI
vFoK6APMuHxtBccxX4WHJfusSMkw7BRIMrCq0t45fu4iH4uPx7fpB3pF20j2iy3v
+nvwPKmCcr/fvA==
-----END CERTIFICATE-----