Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          ZtjQHVeW4LdF6iY691bpt7Rpi2IKIwJQlLg6F/pxd0Y=
Subject key identifier:   92:E9:5D:9B:EC:1C:FF:11:05:FE:E5:C3:AD:43:C2:07:3D:D3:5C:0A
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       0199221E42E0EB197CF22A2C9DFD6FBE5EDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          166B
Signing time:             Sun 07 Sep 2025 03:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:32 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: DpSrSylns4VDjxk8kg3sz6gdvAVJY/QgGu3oIlAYaro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:42:e0:eb:19:7c:f2:2a:2c:9d:fd:6f:be:5e:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Sep  7 03:00:32 2025 GMT
            Not After : Sep  8 03:00:32 2025 GMT
        Subject: CN=92e95d9bec1cff1105fee5c3ad43c2073dd35c0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8e:55:21:58:72:59:e5:4c:c1:05:17:4d:63:
                    39:e4:eb:eb:71:a0:2d:c4:8d:19:7f:7a:e6:c3:5c:
                    d2:1f:78:aa:1d:aa:29:da:0e:40:8a:0f:3c:9d:01:
                    fb:f3:66:95:76:a3:94:cd:d3:f1:85:ed:98:62:bf:
                    96:0b:64:ca:51:65:62:89:0e:48:52:26:b9:94:b3:
                    77:ff:57:22:b2:0b:6f:b2:9f:44:6b:f3:c1:df:cf:
                    54:ec:39:b3:d5:62:12:4a:57:a8:2c:84:6f:69:3a:
                    47:05:c3:67:d8:b1:6b:e1:16:aa:e2:69:ee:0d:ad:
                    e8:91:dd:41:3e:3e:97:53:c5:40:b5:f3:85:79:64:
                    e6:65:db:77:42:e6:18:4e:c4:68:49:d4:5a:43:ec:
                    09:1b:ee:6d:0f:aa:ef:9a:ef:9e:59:c6:f8:4d:a8:
                    13:1c:8a:b7:2d:98:1a:ab:dc:8f:a7:e8:5f:42:c1:
                    ae:ea:0f:46:8a:a4:37:a7:21:8f:c1:a8:3c:3b:07:
                    4a:8a:bf:40:82:36:53:4c:b7:41:cb:25:00:b0:9b:
                    fe:c6:10:fa:54:15:06:80:b3:9f:d7:e1:f9:bb:ba:
                    11:83:08:30:61:a0:97:60:f3:24:47:6b:d5:d7:24:
                    14:0c:59:da:50:bd:92:25:95:99:16:68:f1:4b:b9:
                    c6:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:E9:5D:9B:EC:1C:FF:11:05:FE:E5:C3:AD:43:C2:07:3D:D3:5C:0A
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:2d:a4:c0:66:35:22:4c:0e:fa:01:42:cd:6c:0b:70:cf:e7:
         16:26:47:ec:1d:09:7a:dc:83:7c:b7:e8:9a:e6:87:c7:f8:ac:
         a8:52:c1:8c:c6:ef:9e:c9:50:f9:11:9b:ed:59:c9:b1:f4:31:
         0b:bf:89:15:f1:98:2c:f3:1e:d1:93:59:c7:e7:fe:bb:bc:9f:
         a7:34:60:6e:9c:67:64:92:e0:0d:d9:3a:83:1d:a5:83:0e:c8:
         be:f6:ef:1b:6b:cc:93:ba:d0:67:31:5d:8a:ec:ea:2d:0c:56:
         50:6c:6a:e6:b7:16:76:6e:4a:24:29:17:95:a2:92:fe:50:1a:
         e2:8f:f6:0e:3c:18:64:f6:9f:a6:2b:e3:d7:c4:fd:b8:dd:e4:
         c1:85:e4:d9:76:db:be:76:29:f0:84:9d:73:1d:58:82:b3:51:
         d5:94:22:38:fa:6e:fa:97:f5:94:34:2a:fd:a4:ba:f6:9b:fc:
         15:73:b7:7f:a0:d2:db:72:5c:84:ae:d8:5a:53:3c:b4:29:65:
         54:44:c6:f4:e4:86:d0:6f:b4:31:f1:88:9f:56:86:ba:c6:39:
         3a:1b:1a:dd:d4:86:15:c3:3b:de:82:a7:78:47:d4:4a:f1:6f:
         f5:46:d8:da:4b:7c:43:e9:83:e5:92:68:12:24:5c:a7:cb:38:
         5b:ae:3b:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHkLg6xl88iosnf1vvl7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUwOTA3MDMwMDMyWhcNMjUwOTA4MDMwMDMyWjAzMTEwLwYDVQQD
Eyg5MmU5NWQ5YmVjMWNmZjExMDVmZWU1YzNhZDQzYzIwNzNkZDM1YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y5VIVhyWeVMwQUXTWM55OvrcaAt
xI0Zf3rmw1zSH3iqHaop2g5Aig88nQH782aVdqOUzdPxhe2YYr+WC2TKUWViiQ5I
Uia5lLN3/1cisgtvsp9Ea/PB389U7Dmz1WISSleoLIRvaTpHBcNn2LFr4Raq4mnu
Da3okd1BPj6XU8VAtfOFeWTmZdt3QuYYTsRoSdRaQ+wJG+5tD6rvmu+eWcb4TagT
HIq3LZgaq9yPp+hfQsGu6g9GiqQ3pyGPwag8OwdKir9AgjZTTLdByyUAsJv+xhD6
VBUGgLOf1+H5u7oRgwgwYaCXYPMkR2vV1yQUDFnaUL2SJZWZFmjxS7nGTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLpXZvsHP8RBf7lw61Dwgc901wKMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFS2kwGY1
IkwO+gFCzWwLcM/nFiZH7B0JetyDfLfomuaHx/isqFLBjMbvnslQ+RGb7VnJsfQx
C7+JFfGYLPMe0ZNZx+f+u7yfpzRgbpxnZJLgDdk6gx2lgw7IvvbvG2vMk7rQZzFd
iuzqLQxWUGxq5rcWdm5KJCkXlaKS/lAa4o/2DjwYZPafpivj18T9uN3kwYXk2Xbb
vnYp8ISdcx1YgrNR1ZQiOPpu+pf1lDQq/aS69pv8FXO3f6DS23JchK7YWlM8tCll
VETG9OSG0G+0MfGIn1aGusY5Ohsa3dSGFcM73oKneEfUSvFv9UbY2kt8Q+mD5ZJo
EiRcp8s4W647Lw==
-----END CERTIFICATE-----