Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft
File:                     Hrq0DWCBM83fdsO1pvgV34H7x90.mft (raw, json)
Hash identifier:          +fRJjcIQVQGuUr6GCTkA67ff7bfzQ14BccQwC0etddM=
Subject key identifier:   12:1D:8B:9E:97:53:76:B1:C8:CB:78:66:4F:28:8E:91:A2:A4:C9:0A
Authority key identifier: 1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD
Certificate issuer:       /CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd
Certificate serial:       01976817258B95F5D243D8DB0D9250623DB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft
Manifest number:          D7
Signing time:             Fri 13 Jun 2025 07:00:36 +0000
Manifest this update:     Fri 13 Jun 2025 07:00:36 +0000
Manifest next update:     Sat 14 Jun 2025 07:00:36 +0000
Files and hashes:         1: Hrq0DWCBM83fdsO1pvgV34H7x90.crl (hash: 78buD7jJdNY3WkjeFIkA3uyFEO1oti+981vfoME0Opk=)
                          2: dOirMHERf2S7XaVhDBj8pRwQyLU.roa (hash: RUHnPEXdDgz2x6FeuZ8yiEPV6rqAxw/OAxkwBlLK73U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:17:25:8b:95:f5:d2:43:d8:db:0d:92:50:62:3d:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd
        Validity
            Not Before: Jun 13 07:00:36 2025 GMT
            Not After : Jun 14 07:00:36 2025 GMT
        Subject: CN=121d8b9e975376b1c8cb78664f288e91a2a4c90a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5a:5e:13:ae:5d:06:a7:17:84:99:96:09:d8:
                    ee:f5:e9:c4:df:a2:d7:72:17:0a:37:43:da:17:17:
                    e1:61:f5:78:2a:df:04:51:27:c9:36:3f:a3:d7:1d:
                    6c:f8:4a:68:44:47:83:25:d7:e5:24:57:66:9c:b8:
                    29:2e:7d:0f:da:08:bb:01:8a:34:d0:3f:d2:3f:b9:
                    61:ee:3f:82:f8:ac:19:25:aa:31:12:34:9e:7c:3f:
                    bb:e6:fa:2a:15:21:a3:93:b5:25:2d:9b:6c:91:32:
                    cc:13:10:55:6e:08:cb:ea:73:b3:17:86:62:c8:a8:
                    f8:05:19:80:96:0a:09:24:ed:bc:9e:ed:af:4b:3c:
                    bf:f9:a8:7e:7b:5e:d6:d9:d6:26:da:9e:ea:08:98:
                    09:c3:b3:6d:ee:50:a3:22:7f:02:e3:4e:ce:fd:70:
                    81:8d:e6:f0:66:09:bc:fa:56:fe:2f:56:bb:41:86:
                    82:61:e9:7f:ea:e0:07:be:d7:64:eb:31:7e:a7:ef:
                    1e:38:ea:c9:c0:97:e8:dd:10:a8:ce:d5:da:ab:e1:
                    34:df:c7:ae:7e:de:0b:02:f0:b4:75:7d:6e:a3:af:
                    42:57:8e:7d:9c:97:09:bf:24:b6:62:c4:c3:04:3e:
                    b7:74:e3:14:9e:cc:ab:fc:84:b0:9f:57:f0:b3:41:
                    16:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1D:8B:9E:97:53:76:B1:C8:CB:78:66:4F:28:8E:91:A2:A4:C9:0A
            X509v3 Authority Key Identifier:
                keyid:1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:22:e5:af:c9:7e:d7:98:d1:a9:b8:52:a0:26:58:5a:48:1f:
         2a:ac:ae:bd:a9:d3:57:99:b1:38:88:c1:3a:c0:07:bb:31:a0:
         f2:de:6a:82:bb:c6:fe:2c:4c:24:a9:39:da:c6:df:7c:5d:66:
         1c:f9:71:dd:0f:9a:54:72:8f:2f:b0:50:cb:ee:6a:8c:12:de:
         0f:8a:cc:54:c9:04:75:b9:36:74:92:a6:b1:eb:40:96:d9:c5:
         48:96:73:d6:bb:6a:91:8e:96:1f:2e:a6:ca:38:43:f1:af:32:
         6e:35:7c:28:e5:93:85:46:44:fe:53:20:37:78:68:2a:8b:13:
         50:61:92:19:fc:b6:69:7a:20:3c:d0:ce:6f:73:ec:ae:ba:e4:
         2d:87:f4:43:ba:b8:e5:eb:0a:c5:f5:4d:6c:3c:30:f7:4b:f6:
         10:e6:f2:7b:c5:8f:63:09:d7:fe:ab:c9:2d:91:ad:a7:0f:37:
         a4:93:42:10:be:49:f5:bf:c9:f9:6d:ea:3e:85:ac:d9:1f:75:
         36:2e:dd:34:d4:76:fd:25:e2:c1:88:e4:d4:e1:ea:2f:16:76:
         11:42:ad:84:69:3d:49:10:90:af:64:d6:b7:19:d8:cf:fb:50:
         0b:d5:44:a5:64:0a:71:3a:df:bc:61:88:71:17:13:ec:5a:92:
         43:2c:0a:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoFyWLlfXSQ9jbDZJQYj25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmFiNDBkNjA4MTMzY2RkZjc2YzNiNWE2ZjgxNWRmODFm
YmM3ZGQwHhcNMjUwNjEzMDcwMDM2WhcNMjUwNjE0MDcwMDM2WjAzMTEwLwYDVQQD
EygxMjFkOGI5ZTk3NTM3NmIxYzhjYjc4NjY0ZjI4OGU5MWEyYTRjOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1peE65dBqcXhJmWCdju9enE36LX
chcKN0PaFxfhYfV4Kt8EUSfJNj+j1x1s+EpoREeDJdflJFdmnLgpLn0P2gi7AYo0
0D/SP7lh7j+C+KwZJaoxEjSefD+75voqFSGjk7UlLZtskTLMExBVbgjL6nOzF4Zi
yKj4BRmAlgoJJO28nu2vSzy/+ah+e17W2dYm2p7qCJgJw7Nt7lCjIn8C407O/XCB
jebwZgm8+lb+L1a7QYaCYel/6uAHvtdk6zF+p+8eOOrJwJfo3RCoztXaq+E038eu
ft4LAvC0dX1uo69CV459nJcJvyS2YsTDBD63dOMUnsyr/ISwn1fws0EW/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIdi56XU3axyMt4Zk8ojpGipMkKMB8GA1UdIwQY
MBaAFB66tA1ggTPN33bDtab4Fd+B+8fdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzkt
NTlmMGYxMGIxZDI5LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzktNTlmMGYxMGIxZDI5
LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSLlr8l+
15jRqbhSoCZYWkgfKqyuvanTV5mxOIjBOsAHuzGg8t5qgrvG/ixMJKk52sbffF1m
HPlx3Q+aVHKPL7BQy+5qjBLeD4rMVMkEdbk2dJKmsetAltnFSJZz1rtqkY6WHy6m
yjhD8a8ybjV8KOWThUZE/lMgN3hoKosTUGGSGfy2aXogPNDOb3PsrrrkLYf0Q7q4
5esKxfVNbDww90v2EObye8WPYwnX/qvJLZGtpw83pJNCEL5J9b/J+W3qPoWs2R91
Ni7dNNR2/SXiwYjk1OHqLxZ2EUKthGk9SRCQr2TWtxnYz/tQC9VEpWQKcTrfvGGI
cRcT7FqSQywKMg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:00:34 2025 by rpki-client