Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File:                     HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier:          rr1ILpDU7S/X9rA2lTOKE75R+90zQ8vdegChf6GHebs=
Subject key identifier:   DB:13:E3:43:53:1D:76:5E:C4:27:0F:EE:4F:49:4D:C5:6E:E1:DE:D0
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer:       /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial:       01975BA5649C76D4DA3DCEDB0F5BFFC48793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number:          1085
Signing time:             Tue 10 Jun 2025 21:00:55 +0000
Manifest this update:     Tue 10 Jun 2025 21:00:55 +0000
Manifest next update:     Wed 11 Jun 2025 21:00:55 +0000
Files and hashes:         1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: Sg8+wPMwCd5icj373JwoUor3ATY1sTXX6JuLhqYWeI8=)
                          2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:a5:64:9c:76:d4:da:3d:ce:db:0f:5b:ff:c4:87:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
        Validity
            Not Before: Jun 10 21:00:55 2025 GMT
            Not After : Jun 11 21:00:55 2025 GMT
        Subject: CN=db13e343531d765ec4270fee4f494dc56ee1ded0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:67:51:c0:e6:8a:db:89:75:35:34:7e:79:dc:
                    06:f3:34:34:6c:ff:6d:e1:32:31:7f:55:25:be:27:
                    da:6f:94:a6:84:66:c5:5c:15:bf:0a:f4:c6:7a:8d:
                    8d:96:28:3c:f2:94:6f:3a:04:41:3f:49:3b:95:d3:
                    0a:71:cd:84:56:2d:f2:42:18:5b:cf:23:67:12:2b:
                    09:f5:86:70:f9:c3:d8:42:3c:63:76:d2:23:26:f4:
                    cf:8a:48:78:d7:3a:52:01:04:a2:41:ff:40:0e:51:
                    7f:cf:cd:46:d3:20:39:0e:c7:39:5a:37:a7:f9:a6:
                    37:33:af:af:5d:58:7f:1f:1b:27:a9:d5:d5:24:25:
                    29:09:c8:e6:9d:fc:51:05:1e:f5:f3:41:20:48:44:
                    3f:1e:31:31:40:75:c2:32:56:23:8d:6c:52:4f:d8:
                    45:d6:29:09:fe:a0:66:eb:60:e4:17:0c:99:18:c5:
                    a7:8c:ef:30:dc:49:d2:02:c6:f7:80:f7:45:68:b4:
                    32:3b:91:39:c8:b1:f9:d9:45:96:01:d0:2d:5e:19:
                    c6:73:19:4d:34:3b:8f:b4:a3:fc:bd:63:75:14:f8:
                    06:c7:f4:b9:24:e8:83:af:70:92:40:9a:1e:fc:cb:
                    1e:3e:e5:59:15:28:2e:8a:30:e5:cf:45:f1:9c:2f:
                    a2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:13:E3:43:53:1D:76:5E:C4:27:0F:EE:4F:49:4D:C5:6E:E1:DE:D0
            X509v3 Authority Key Identifier:
                keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:4d:40:f2:bb:00:92:8e:e8:8d:39:af:02:7b:5c:8f:2c:cd:
         8f:a1:2b:08:55:b5:f4:27:7b:31:c3:e3:b1:ff:5e:f2:69:f2:
         40:ce:c4:1a:39:1b:02:ba:3d:39:be:2c:2a:d6:6c:33:fa:90:
         64:54:71:7f:e5:6c:d3:b5:0f:29:46:7e:84:9d:e2:18:00:48:
         a0:5c:55:bc:6b:92:f9:52:54:49:94:2c:78:0f:dd:12:58:a7:
         b6:45:65:9d:23:ce:fa:b7:bc:c3:42:7b:f5:b1:20:ab:84:45:
         aa:ef:74:c6:4c:e0:b3:d3:47:6d:a3:7b:22:14:72:41:8c:35:
         8d:f3:70:aa:10:02:ff:71:f0:f0:7c:8e:d7:a1:c4:43:8e:7f:
         a6:de:44:ad:32:45:3a:c4:62:37:57:a9:10:d4:a4:fe:12:ec:
         18:66:42:cd:85:12:29:8d:9b:16:b0:2a:40:db:c2:7b:df:57:
         eb:86:7b:da:dc:d6:e9:90:bc:42:94:74:8a:a7:a1:1e:b7:95:
         0c:df:84:d9:17:78:05:5b:22:b2:6a:cc:09:16:63:69:72:a4:
         7a:6d:26:3b:54:05:ef:54:72:3d:e4:9f:fd:84:ef:06:e0:db:
         6a:85:4f:4c:cb:c8:dc:60:7e:42:29:60:27:4b:e6:1b:03:41:
         5a:70:72:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbpWScdtTaPc7bD1v/xIeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUwNjEwMjEwMDU1WhcNMjUwNjExMjEwMDU1WjAzMTEwLwYDVQQD
EyhkYjEzZTM0MzUzMWQ3NjVlYzQyNzBmZWU0ZjQ5NGRjNTZlZTFkZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWdRwOaK24l1NTR+edwG8zQ0bP9t
4TIxf1Ulvifab5SmhGbFXBW/CvTGeo2Nlig88pRvOgRBP0k7ldMKcc2EVi3yQhhb
zyNnEisJ9YZw+cPYQjxjdtIjJvTPikh41zpSAQSiQf9ADlF/z81G0yA5Dsc5Wjen
+aY3M6+vXVh/HxsnqdXVJCUpCcjmnfxRBR7180EgSEQ/HjExQHXCMlYjjWxST9hF
1ikJ/qBm62DkFwyZGMWnjO8w3EnSAsb3gPdFaLQyO5E5yLH52UWWAdAtXhnGcxlN
NDuPtKP8vWN1FPgGx/S5JOiDr3CSQJoe/MsePuVZFSguijDlz0XxnC+iSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsT40NTHXZexCcP7k9JTcVu4d7QMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaU1A8rsA
ko7ojTmvAntcjyzNj6ErCFW19Cd7McPjsf9e8mnyQM7EGjkbAro9Ob4sKtZsM/qQ
ZFRxf+Vs07UPKUZ+hJ3iGABIoFxVvGuS+VJUSZQseA/dElintkVlnSPO+re8w0J7
9bEgq4RFqu90xkzgs9NHbaN7IhRyQYw1jfNwqhAC/3Hw8HyO16HEQ45/pt5ErTJF
OsRiN1epENSk/hLsGGZCzYUSKY2bFrAqQNvCe99X64Z72tzW6ZC8QpR0iqehHreV
DN+E2Rd4BVsismrMCRZjaXKkem0mO1QF71RyPeSf/YTvBuDbaoVPTMvI3GB+Qilg
J0vmGwNBWnByOg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:37:17 2025 by rpki-client