Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File:                     HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier:          5FToB1V7o5Mu7uUF3wBN0a+2c9Fy6Dh00+n56N4aXbw=
Subject key identifier:   10:34:5A:25:B0:45:B6:98:21:AE:E6:41:E9:72:30:DC:01:42:4F:80
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer:       /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial:       0197654D22BA3F279CFB80E30F8787839231
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number:          108A
Signing time:             Thu 12 Jun 2025 18:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:43 +0000
Files and hashes:         1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: lrsMKsR6vU8mn/xfi6TpC3kljvYbAOZOEQocAPUspfA=)
                          2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4d:22:ba:3f:27:9c:fb:80:e3:0f:87:87:83:92:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
        Validity
            Not Before: Jun 12 18:00:43 2025 GMT
            Not After : Jun 13 18:00:43 2025 GMT
        Subject: CN=10345a25b045b69821aee641e97230dc01424f80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:da:77:87:12:32:a5:4e:4f:dc:f8:09:75:d0:
                    3f:ad:36:d2:86:77:74:bb:c5:dd:60:e4:97:1b:48:
                    26:7b:92:18:0f:7c:3d:c4:55:79:68:f7:f0:ad:b8:
                    f9:cd:6a:9f:d8:b8:4a:73:23:65:65:8c:64:08:20:
                    26:7a:ce:b0:04:a2:f6:42:47:b3:32:a0:ce:2b:9a:
                    67:df:81:a9:12:d3:37:53:f9:9f:1d:e2:bd:fe:ad:
                    fe:c5:95:c6:3a:09:0b:46:f1:8c:58:e9:1b:b8:44:
                    e1:d7:06:0c:71:17:f7:b5:69:5c:d4:76:b7:e3:08:
                    e7:64:1c:66:c6:4c:4d:0e:e2:36:38:33:5b:73:2b:
                    2a:f2:5c:e1:97:60:e8:1c:89:4c:5c:86:6b:b9:da:
                    12:1a:2a:2b:31:52:ba:62:d8:f6:19:e5:04:19:a4:
                    25:53:40:8e:d2:62:f3:f0:09:e0:1f:c7:d7:30:f2:
                    17:22:91:69:38:86:e6:7c:40:ac:7f:9c:aa:5f:e1:
                    85:6c:89:82:22:82:d0:4f:06:00:ee:9a:19:9a:e5:
                    f8:2b:8e:1c:5c:0e:36:f0:aa:96:8b:5a:e1:8c:30:
                    39:39:d8:bf:a6:9d:67:89:67:85:73:4c:0b:12:d8:
                    ca:5b:4f:38:0a:b5:6e:17:c2:9c:64:ba:40:27:8f:
                    d2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:34:5A:25:B0:45:B6:98:21:AE:E6:41:E9:72:30:DC:01:42:4F:80
            X509v3 Authority Key Identifier:
                keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:78:31:83:5d:b4:0f:7c:43:3b:ae:81:55:91:38:bd:f8:e0:
         54:75:88:1e:5a:d0:da:94:5a:85:08:f3:e2:7b:4c:3b:cd:2a:
         3b:23:0b:69:ee:27:e9:3a:2f:78:f9:6d:13:a9:85:0c:7e:92:
         b1:69:fa:95:a5:e7:6d:38:6b:0d:91:83:f6:00:27:a4:64:04:
         2d:40:71:95:94:d2:94:08:43:bc:ef:9e:47:91:71:76:dc:61:
         4a:90:d9:59:5f:d1:e5:58:14:b4:cd:20:11:05:6c:1a:e3:3e:
         e7:62:7c:1c:53:9a:df:b9:44:c8:59:03:ac:4e:20:25:7b:32:
         2b:3f:19:da:e7:ab:e6:45:52:91:fe:89:7f:17:2a:42:d0:53:
         2b:b4:f3:b5:09:97:b3:ab:5f:26:bd:e3:bb:60:9d:c3:e9:3e:
         eb:c8:b8:6b:83:46:02:b7:2d:50:45:a9:b5:62:a5:66:db:d1:
         80:69:e8:d8:32:5f:c4:7b:7a:d7:8c:c9:f6:65:e6:fb:f6:94:
         34:65:a3:22:17:e1:c8:15:7f:bd:dd:b7:5e:a2:c5:b6:45:80:
         9d:1f:5c:90:4e:43:61:a5:67:fd:97:f8:b6:62:20:b7:84:b2:
         0d:9d:4d:9c:a2:74:a4:e8:c8:31:c8:0f:1b:ac:83:4f:55:61:
         77:10:48:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTSK6Pyec+4DjD4eHg5IxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUwNjEyMTgwMDQzWhcNMjUwNjEzMTgwMDQzWjAzMTEwLwYDVQQD
EygxMDM0NWEyNWIwNDViNjk4MjFhZWU2NDFlOTcyMzBkYzAxNDI0ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdp3hxIypU5P3PgJddA/rTbShnd0
u8XdYOSXG0gme5IYD3w9xFV5aPfwrbj5zWqf2LhKcyNlZYxkCCAmes6wBKL2Qkez
MqDOK5pn34GpEtM3U/mfHeK9/q3+xZXGOgkLRvGMWOkbuETh1wYMcRf3tWlc1Ha3
4wjnZBxmxkxNDuI2ODNbcysq8lzhl2DoHIlMXIZrudoSGiorMVK6Ytj2GeUEGaQl
U0CO0mLz8AngH8fXMPIXIpFpOIbmfECsf5yqX+GFbImCIoLQTwYA7poZmuX4K44c
XA428KqWi1rhjDA5Odi/pp1niWeFc0wLEtjKW084CrVuF8KcZLpAJ4/SJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBA0WiWwRbaYIa7mQelyMNwBQk+AMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoXgxg120
D3xDO66BVZE4vfjgVHWIHlrQ2pRahQjz4ntMO80qOyMLae4n6TovePltE6mFDH6S
sWn6laXnbThrDZGD9gAnpGQELUBxlZTSlAhDvO+eR5FxdtxhSpDZWV/R5VgUtM0g
EQVsGuM+52J8HFOa37lEyFkDrE4gJXsyKz8Z2uer5kVSkf6JfxcqQtBTK7TztQmX
s6tfJr3ju2Cdw+k+68i4a4NGArctUEWptWKlZtvRgGno2DJfxHt614zJ9mXm+/aU
NGWjIhfhyBV/vd23XqLFtkWAnR9ckE5DYaVn/Zf4tmIgt4SyDZ1NnKJ0pOjIMcgP
G6yDT1VhdxBIJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:05:56 2025 by rpki-client