Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          9uzSCKy6Ba+aapfYomXcunDWgdESBJOrCeT4+fq6Y34=
Subject key identifier:   D7:1B:FF:D9:74:4E:86:46:49:92:E8:89:A9:80:53:94:23:6B:B9:81
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       01974F3384F8A4871A37D26E0D41FBEBFAF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          013C
Signing time:             Sun 08 Jun 2025 11:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 11:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 11:01:05 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: Me+I9RjDeHdmI+88bil1BVGeJ2BAqtGzL7D6rOXMV34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:33:84:f8:a4:87:1a:37:d2:6e:0d:41:fb:eb:fa:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Jun  8 11:01:05 2025 GMT
            Not After : Jun  9 11:01:05 2025 GMT
        Subject: CN=d71bffd9744e86464992e889a9805394236bb981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:55:53:d6:8d:0e:d6:58:bc:ec:8d:15:48:da:
                    4b:c4:45:7e:a0:75:4a:e2:cd:c6:d7:67:60:99:eb:
                    fd:b3:bf:e2:6b:ff:c7:e1:30:e1:19:39:60:c7:ac:
                    34:a5:84:c1:50:15:b1:c4:c6:23:0c:36:f0:ad:31:
                    76:24:ce:74:f5:b7:e3:7b:cc:6c:f5:7e:f2:76:a6:
                    a3:f9:d9:3f:43:3a:57:c5:69:28:63:09:06:5d:33:
                    36:74:76:3f:b9:6b:cb:6e:b8:d2:a4:2c:67:5a:1f:
                    9f:34:c0:03:86:d1:3b:ce:78:44:4b:bf:fb:84:12:
                    31:fe:09:59:da:1a:a8:8e:2c:05:77:15:63:f4:d1:
                    bb:36:5f:5a:6f:c0:f2:6d:a5:7f:46:f8:2b:b1:3c:
                    33:39:88:bc:cd:4e:f6:04:fc:28:21:2d:df:e0:dc:
                    a5:19:82:57:fe:3b:77:20:08:e8:51:5d:3a:f5:c3:
                    86:7f:af:71:a4:97:ec:1c:b6:f3:e8:0a:f1:7a:41:
                    9d:f3:4e:32:00:b6:dd:41:76:27:fc:a7:72:93:d6:
                    bc:74:90:77:32:31:76:a4:90:cd:83:95:a3:77:f6:
                    ac:30:4a:19:b7:5c:22:19:87:e9:f4:57:de:81:e8:
                    29:e6:61:58:03:31:63:bd:4e:38:da:91:32:d0:02:
                    b5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:1B:FF:D9:74:4E:86:46:49:92:E8:89:A9:80:53:94:23:6B:B9:81
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:ab:a9:34:ad:63:2e:36:d6:3d:44:4d:19:c2:d4:f5:4a:e4:
         cd:31:67:a6:de:84:fa:4e:85:fb:51:d7:22:89:42:04:12:b9:
         2a:a1:f5:62:d2:48:b4:cb:b7:f0:de:db:90:b1:fa:0e:8b:da:
         80:94:63:35:29:ce:e1:c1:38:3f:d1:22:b0:76:a5:fc:ae:d6:
         e8:0a:78:2f:bd:7a:3a:a9:9f:ea:94:1c:80:67:ad:3d:cb:6d:
         5f:78:29:4a:b4:42:2d:4a:6d:21:66:7b:9d:e1:ab:bf:2a:76:
         3d:a0:de:12:22:54:cd:de:c2:1e:78:67:a0:ae:f4:46:d3:62:
         31:39:2b:1c:17:d2:99:37:5b:e8:e3:9f:09:74:25:1e:21:0f:
         61:c9:9a:6d:09:00:3d:75:eb:c9:9b:91:a1:a1:4e:60:cd:9e:
         1f:bc:c0:20:14:58:27:25:7b:76:11:ff:6a:e9:c7:c2:55:f6:
         dc:a9:f9:2a:7b:d6:dc:52:a2:33:40:6b:8e:51:48:0f:3e:69:
         80:64:dd:18:7f:33:65:8d:2b:f2:c0:e3:c5:ea:11:19:d2:ac:
         54:55:a6:7d:02:4f:71:84:9e:cf:11:83:50:88:e3:31:a0:ba:
         ee:a0:73:f7:6d:00:27:ac:b4:f7:ad:e0:57:57:18:35:14:48:
         d3:f1:ce:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPM4T4pIcaN9JuDUH76/r3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwNjA4MTEwMTA1WhcNMjUwNjA5MTEwMTA1WjAzMTEwLwYDVQQD
EyhkNzFiZmZkOTc0NGU4NjQ2NDk5MmU4ODlhOTgwNTM5NDIzNmJiOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1VT1o0O1li87I0VSNpLxEV+oHVK
4s3G12dgmev9s7/ia//H4TDhGTlgx6w0pYTBUBWxxMYjDDbwrTF2JM509bfje8xs
9X7ydqaj+dk/QzpXxWkoYwkGXTM2dHY/uWvLbrjSpCxnWh+fNMADhtE7znhES7/7
hBIx/glZ2hqojiwFdxVj9NG7Nl9ab8DybaV/RvgrsTwzOYi8zU72BPwoIS3f4Nyl
GYJX/jt3IAjoUV069cOGf69xpJfsHLbz6ArxekGd804yALbdQXYn/Kdyk9a8dJB3
MjF2pJDNg5Wjd/asMEoZt1wiGYfp9Ffegegp5mFYAzFjvU442pEy0AK1kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcb/9l0ToZGSZLoiamAU5Qja7mBMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAaupNK1j
LjbWPURNGcLU9UrkzTFnpt6E+k6F+1HXIolCBBK5KqH1YtJItMu38N7bkLH6Dova
gJRjNSnO4cE4P9EisHal/K7W6Ap4L716Oqmf6pQcgGetPcttX3gpSrRCLUptIWZ7
neGrvyp2PaDeEiJUzd7CHnhnoK70RtNiMTkrHBfSmTdb6OOfCXQlHiEPYcmabQkA
PXXryZuRoaFOYM2eH7zAIBRYJyV7dhH/aunHwlX23Kn5KnvW3FKiM0BrjlFIDz5p
gGTdGH8zZY0r8sDjxeoRGdKsVFWmfQJPcYSezxGDUIjjMaC67qBz920AJ6y0963g
V1cYNRRI0/HOIg==
-----END CERTIFICATE-----