Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
File:                     hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft (raw, json)
Hash identifier:          UU8cKYmcrEKubSa+LzRoSnUQ8rD4O0LU26MMm3mqCL8=
Subject key identifier:   31:FB:A1:CE:CC:0A:86:74:E2:F7:EE:C4:5C:5E:A5:1E:58:B5:DC:2E
Authority key identifier: 84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
Certificate issuer:       /CN=84f590ca62c246440583818c31f2573a0f50ffd0
Certificate serial:       019752D909E3291B4669A25A313E114FBB3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
Manifest number:          0995
Signing time:             Mon 09 Jun 2025 04:00:44 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:44 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:44 +0000
Files and hashes:         1: hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl (hash: uA8z6j0gItQSk2ob8shVMGGREcRxSouTIKdye9bxTLE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d9:09:e3:29:1b:46:69:a2:5a:31:3e:11:4f:bb:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f590ca62c246440583818c31f2573a0f50ffd0
        Validity
            Not Before: Jun  9 04:00:44 2025 GMT
            Not After : Jun 10 04:00:44 2025 GMT
        Subject: CN=31fba1cecc0a8674e2f7eec45c5ea51e58b5dc2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4b:c9:95:5b:ef:8b:43:f0:7f:d4:47:7e:51:
                    37:b7:5e:b0:49:51:cf:38:db:b4:29:fb:9d:d0:b7:
                    d7:13:ea:a1:0c:47:1c:5f:32:08:ea:b9:8f:ef:94:
                    ce:22:6e:b9:87:4c:9e:d6:eb:74:89:de:5e:5c:fe:
                    b7:3e:56:31:47:ae:ab:89:d7:e5:92:d5:8b:93:02:
                    ea:d6:60:17:dd:ab:22:96:b9:0e:20:06:b2:a5:82:
                    ee:31:0b:ed:06:2b:2f:84:f3:76:92:4d:04:7a:9c:
                    7b:b3:ee:3c:04:67:53:07:0b:f5:b4:29:e4:14:f6:
                    54:f9:73:11:c4:b5:e3:bf:d2:0c:44:a9:4c:dc:ef:
                    e8:7c:86:d2:b4:9c:07:16:98:d7:b9:f7:dc:79:48:
                    a2:17:bd:7d:ca:b3:77:bf:8b:be:5d:94:d9:bc:4e:
                    e3:c5:f3:18:91:5c:4b:6e:5a:e8:db:8f:5c:1e:0a:
                    9e:05:68:5b:f7:18:9d:c1:7a:fc:61:21:34:57:e7:
                    45:c9:0f:71:e7:98:e4:62:62:3a:45:2e:6f:72:80:
                    70:41:21:4a:7e:42:66:91:63:f7:87:9f:91:37:0b:
                    e5:34:8a:bc:f8:71:76:75:fb:8a:e4:7b:07:d6:f3:
                    e2:34:74:d1:e8:a0:06:5f:45:cf:d9:0c:88:1f:12:
                    00:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:FB:A1:CE:CC:0A:86:74:E2:F7:EE:C4:5C:5E:A5:1E:58:B5:DC:2E
            X509v3 Authority Key Identifier:
                keyid:84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:04:ee:e2:c8:c4:43:ec:8b:61:a7:63:77:2e:09:4b:e4:3a:
         34:b1:43:80:b3:eb:10:3f:6c:ce:f0:6f:1c:75:36:0f:88:ab:
         2c:e8:3b:77:f3:f6:d1:f4:5e:4b:bf:a7:da:41:56:c3:68:41:
         ba:11:9d:92:cb:50:c4:4c:35:34:aa:30:63:6f:29:cf:01:23:
         20:58:51:7f:32:2c:fa:29:9e:50:fb:d5:45:53:1f:ac:49:ec:
         19:ba:b8:a5:86:1e:fa:21:12:51:70:18:d9:e2:98:00:2e:e8:
         bd:df:1c:d7:47:bf:21:1d:17:b4:44:4b:dc:7d:ba:a3:3e:62:
         43:a4:13:49:b5:ad:c1:73:d6:fb:17:39:f6:f6:6a:e0:13:31:
         9f:6e:85:8a:1d:8b:2a:a1:6a:80:cc:ac:eb:32:c7:c3:6b:5b:
         66:58:42:b2:62:59:2c:91:61:f3:89:f5:7a:01:b7:61:f4:91:
         08:21:31:96:d4:f4:c7:1e:49:9d:bd:bc:fc:e6:75:2c:e7:2e:
         6c:46:4f:d8:ae:3a:37:13:ad:a3:d8:77:e2:c7:2e:19:d0:97:
         63:87:3e:f1:af:0e:fa:3a:b0:5a:ef:44:f4:14:ef:a2:62:07:
         39:82:5a:7e:69:49:de:46:3b:c0:c7:4a:cb:5c:28:41:ef:23:
         d1:2f:d9:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2QnjKRtGaaJaMT4RT7s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjU5MGNhNjJjMjQ2NDQwNTgzODE4YzMxZjI1NzNhMGY1
MGZmZDAwHhcNMjUwNjA5MDQwMDQ0WhcNMjUwNjEwMDQwMDQ0WjAzMTEwLwYDVQQD
EygzMWZiYTFjZWNjMGE4Njc0ZTJmN2VlYzQ1YzVlYTUxZTU4YjVkYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkvJlVvvi0Pwf9RHflE3t16wSVHP
ONu0Kfud0LfXE+qhDEccXzII6rmP75TOIm65h0ye1ut0id5eXP63PlYxR66ridfl
ktWLkwLq1mAX3asilrkOIAaypYLuMQvtBisvhPN2kk0Eepx7s+48BGdTBwv1tCnk
FPZU+XMRxLXjv9IMRKlM3O/ofIbStJwHFpjXuffceUiiF719yrN3v4u+XZTZvE7j
xfMYkVxLblro249cHgqeBWhb9xidwXr8YSE0V+dFyQ9x55jkYmI6RS5vcoBwQSFK
fkJmkWP3h5+RNwvlNIq8+HF2dfuK5HsH1vPiNHTR6KAGX0XP2QyIHxIA/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH7oc7MCoZ04vfuxFxepR5YtdwuMB8GA1UdIwQY
MBaAFIT1kMpiwkZEBYOBjDHyVzoPUP/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEt
OGQ1NmE3YjA5OTUzLzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEtOGQ1NmE3YjA5OTUz
LzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqQTu4sjE
Q+yLYadjdy4JS+Q6NLFDgLPrED9szvBvHHU2D4irLOg7d/P20fReS7+n2kFWw2hB
uhGdkstQxEw1NKowY28pzwEjIFhRfzIs+imeUPvVRVMfrEnsGbq4pYYe+iESUXAY
2eKYAC7ovd8c10e/IR0XtERL3H26oz5iQ6QTSbWtwXPW+xc59vZq4BMxn26Fih2L
KqFqgMys6zLHw2tbZlhCsmJZLJFh84n1egG3YfSRCCExltT0xx5Jnb28/OZ1LOcu
bEZP2K46NxOto9h34scuGdCXY4c+8a8O+jqwWu9E9BTvomIHOYJafmlJ3kY7wMdK
y1woQe8j0S/ZRQ==
-----END CERTIFICATE-----