Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          htul2FMyb8s4HnhOq1Mhnv7bD6Pf1qTDrrsqGXo6rt4=
Subject key identifier:   75:33:38:5B:56:D9:CE:83:2A:9A:1F:13:07:F2:E2:67:3A:2C:36:AE
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019748FA14CE1AA6DA0C48DEABC2A50F76A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 06:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:38 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: vsLElrb5mYkRq7VPErO1j32gzTNo41fqeyEzJOatvqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:14:ce:1a:a6:da:0c:48:de:ab:c2:a5:0f:76:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Jun  7 06:00:38 2025 GMT
            Not After : Jun  8 06:00:38 2025 GMT
        Subject: CN=7533385b56d9ce832a9a1f1307f2e2673a2c36ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ce:b2:f9:9e:1f:85:0c:7a:c1:19:27:ea:52:
                    f6:6d:48:74:c3:af:38:1f:62:eb:1e:50:48:7a:b5:
                    60:d4:61:7e:23:ae:d9:a4:9d:b3:4e:c4:1a:16:58:
                    47:04:ce:e8:9f:a0:76:8b:75:d4:e8:c7:0e:c1:1c:
                    da:9e:d5:23:82:78:a7:a4:f6:31:1f:33:a7:30:6d:
                    d9:4f:1e:2b:31:a3:bb:5d:19:18:f0:07:b0:bf:57:
                    3c:cf:30:71:66:62:cd:07:c9:0d:70:73:b8:05:ed:
                    95:6e:eb:87:ed:f7:ce:2d:0c:12:c3:30:a9:db:78:
                    1d:0c:27:ba:7a:39:a8:d6:cc:51:e9:6f:dc:ea:65:
                    8a:7d:f9:d9:c8:80:20:44:c9:bb:93:85:fa:4f:8e:
                    22:45:36:c4:df:3e:55:7f:ae:2a:45:35:e7:52:19:
                    04:82:f5:53:86:62:8e:3d:55:a3:5a:a1:2d:ad:06:
                    67:14:9c:af:3b:f2:7f:38:23:d0:73:e0:92:81:23:
                    27:10:87:1f:e3:a8:b7:5d:a7:bd:e4:bb:ad:ae:07:
                    2b:cf:02:88:c3:3a:da:f9:04:75:18:70:c4:1d:50:
                    e8:d6:4b:d5:5d:a0:bf:7c:1f:90:e6:b6:38:97:43:
                    67:97:64:14:17:05:11:ff:01:30:2f:dc:66:70:58:
                    6a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:33:38:5B:56:D9:CE:83:2A:9A:1F:13:07:F2:E2:67:3A:2C:36:AE
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:89:b6:fa:7e:f6:7d:6b:71:3f:9d:4f:cc:30:b4:c6:aa:b5:
         80:25:80:a7:26:ba:37:89:81:91:a3:ee:6c:30:ed:97:00:4c:
         b0:46:ad:dd:d5:ee:ea:04:0a:86:55:c7:39:3b:ed:95:f8:15:
         04:ab:cf:24:d2:99:1a:0f:27:76:dd:7b:90:82:dd:20:0f:3e:
         91:91:86:4f:b3:43:35:ab:39:9e:a2:86:2e:88:c8:18:f7:f9:
         cc:ab:41:29:bd:a9:22:2c:32:a0:97:14:6b:fd:8c:2d:1c:d5:
         88:c0:60:ec:8c:c6:32:82:16:f9:54:26:5e:2d:bb:77:62:c0:
         ee:8e:1b:58:ee:f5:cc:67:31:c7:df:61:ef:ad:ce:d9:d1:38:
         58:3b:c5:b8:fd:64:97:20:f5:fb:56:cf:e4:b9:8b:a6:a2:80:
         26:b8:41:c8:c7:55:53:d9:86:bd:0b:d7:4b:34:aa:bd:cc:20:
         90:7d:08:34:a7:a3:da:f7:d4:bb:12:3b:72:04:69:f3:43:f0:
         65:17:da:70:c8:d8:bf:8a:fc:c4:3c:b6:00:38:67:eb:2d:f6:
         7d:18:57:e8:95:0a:a4:a9:76:97:1e:62:be:f6:56:73:88:f4:
         65:8f:e2:28:1e:13:25:8d:e9:05:7a:97:9c:fb:15:9a:2b:b9:
         71:86:38:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+hTOGqbaDEjeq8KlD3aiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUwNjA3MDYwMDM4WhcNMjUwNjA4MDYwMDM4WjAzMTEwLwYDVQQD
Eyg3NTMzMzg1YjU2ZDljZTgzMmE5YTFmMTMwN2YyZTI2NzNhMmMzNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA386y+Z4fhQx6wRkn6lL2bUh0w684
H2LrHlBIerVg1GF+I67ZpJ2zTsQaFlhHBM7on6B2i3XU6McOwRzantUjgninpPYx
HzOnMG3ZTx4rMaO7XRkY8Aewv1c8zzBxZmLNB8kNcHO4Be2VbuuH7ffOLQwSwzCp
23gdDCe6ejmo1sxR6W/c6mWKffnZyIAgRMm7k4X6T44iRTbE3z5Vf64qRTXnUhkE
gvVThmKOPVWjWqEtrQZnFJyvO/J/OCPQc+CSgSMnEIcf46i3Xae95LutrgcrzwKI
wzra+QR1GHDEHVDo1kvVXaC/fB+Q5rY4l0Nnl2QUFwUR/wEwL9xmcFhqxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUzOFtW2c6DKpofEwfy4mc6LDauMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA4m2+n72
fWtxP51PzDC0xqq1gCWApya6N4mBkaPubDDtlwBMsEat3dXu6gQKhlXHOTvtlfgV
BKvPJNKZGg8ndt17kILdIA8+kZGGT7NDNas5nqKGLojIGPf5zKtBKb2pIiwyoJcU
a/2MLRzViMBg7IzGMoIW+VQmXi27d2LA7o4bWO71zGcxx99h763O2dE4WDvFuP1k
lyD1+1bP5LmLpqKAJrhByMdVU9mGvQvXSzSqvcwgkH0INKej2vfUuxI7cgRp80Pw
ZRfacMjYv4r8xDy2ADhn6y32fRhX6JUKpKl2lx5ivvZWc4j0ZY/iKB4TJY3pBXqX
nPsVmiu5cYY42g==
-----END CERTIFICATE-----