Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          wJ9DHpgCqRwQuwDUNd8lEq1ezTJ5zwGyScw43iV1+Ck=
Subject key identifier:   84:7F:5A:77:70:38:F4:24:D0:B5:16:56:AC:05:EC:A0:7A:00:0E:04
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       0199228C917A42CAF1CC074A242D0A1A589B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          06B1
Signing time:             Sun 07 Sep 2025 05:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:01 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: KYJCIIHSFl5P51VjvCFzGCOFozX1z8rpCVKVXjUnADg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:91:7a:42:ca:f1:cc:07:4a:24:2d:0a:1a:58:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Sep  7 05:01:01 2025 GMT
            Not After : Sep  8 05:01:01 2025 GMT
        Subject: CN=847f5a777038f424d0b51656ac05eca07a000e04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:99:81:4a:ff:80:aa:b8:55:c7:b6:b6:a7:86:
                    b2:96:15:c4:8f:f7:da:81:79:00:68:cf:f4:de:52:
                    8f:2c:92:04:71:a0:eb:2d:e1:76:43:96:ff:1f:9d:
                    b8:6e:05:5a:99:de:6d:2b:e1:90:bb:86:c4:23:52:
                    ef:c6:95:71:09:91:b8:b7:44:8b:d4:9a:07:e6:3f:
                    61:de:8d:7b:cd:5a:c3:3e:a1:84:bf:b0:c4:b2:27:
                    55:43:f1:47:4e:d8:dc:7e:81:dd:60:4f:e3:f1:44:
                    c0:88:66:ba:a0:e1:5b:6c:62:d7:ee:57:7f:f0:f3:
                    bd:2f:1e:8a:06:27:1d:29:cf:7e:4f:d2:50:13:38:
                    7e:3f:74:de:2d:27:7f:4d:65:b3:49:1e:7a:92:6e:
                    66:1e:57:94:50:2b:af:2b:d8:98:f4:d1:79:c0:58:
                    e4:28:0b:f1:f7:ce:ec:8d:95:6f:86:c0:fe:90:25:
                    51:80:d4:1d:e0:14:e2:89:ee:71:ca:5f:76:f3:92:
                    1a:4b:36:d8:83:34:ab:27:de:20:3b:50:c1:ac:82:
                    14:b1:fc:3e:c9:88:2e:f1:97:ad:43:a2:49:36:1e:
                    45:0e:5d:fe:6c:a9:79:7a:f8:18:ff:e9:05:36:5e:
                    75:61:02:96:7c:1b:b8:37:d0:5b:b0:74:25:54:98:
                    6c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:7F:5A:77:70:38:F4:24:D0:B5:16:56:AC:05:EC:A0:7A:00:0E:04
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:8a:68:ec:45:be:46:39:02:32:25:81:b2:a1:34:96:6d:3e:
         60:2a:89:7e:08:13:8f:5c:d7:6a:fd:3d:56:1a:a1:2d:06:b3:
         4c:15:a8:c5:0d:7c:15:ad:e9:42:7e:c3:81:cb:84:a0:43:24:
         12:c1:6b:32:a2:9e:6c:d3:9d:f8:4d:77:d7:ed:5e:cc:ad:c8:
         5a:d0:6b:17:50:69:c9:9c:6b:e1:bc:b8:db:76:58:67:3e:1c:
         7b:63:56:4e:e0:53:52:7a:45:5f:08:fa:a8:27:c9:18:6b:fb:
         63:a8:c7:7d:f1:64:b3:f0:09:c7:56:fc:91:c7:50:5b:4b:32:
         c1:e8:7b:fd:8f:cc:be:ba:20:c2:7d:50:4e:6d:34:bb:a3:a5:
         80:3e:33:9d:da:5f:bd:91:bb:63:c3:ee:74:d8:26:f2:87:0c:
         4e:e5:36:bf:6c:14:b6:cd:c2:c3:0f:78:37:6f:19:d7:17:d0:
         1a:2f:26:1f:27:3b:57:7f:d4:97:b8:6f:b3:31:60:3a:3f:2f:
         dc:6f:81:cd:ff:00:96:f4:b7:1a:36:6f:b7:e3:d3:1c:ef:67:
         c7:b0:07:b0:a1:47:e9:9f:d4:60:df:f0:f0:7c:de:2e:40:8b:
         4f:ca:1f:9a:e5:a1:bc:3a:6d:e1:d9:59:73:8d:4b:2c:b8:03:
         fc:fa:0a:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijJF6QsrxzAdKJC0KGlibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwOTA3MDUwMTAxWhcNMjUwOTA4MDUwMTAxWjAzMTEwLwYDVQQD
Eyg4NDdmNWE3NzcwMzhmNDI0ZDBiNTE2NTZhYzA1ZWNhMDdhMDAwZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZmBSv+AqrhVx7a2p4aylhXEj/fa
gXkAaM/03lKPLJIEcaDrLeF2Q5b/H524bgVamd5tK+GQu4bEI1LvxpVxCZG4t0SL
1JoH5j9h3o17zVrDPqGEv7DEsidVQ/FHTtjcfoHdYE/j8UTAiGa6oOFbbGLX7ld/
8PO9Lx6KBicdKc9+T9JQEzh+P3TeLSd/TWWzSR56km5mHleUUCuvK9iY9NF5wFjk
KAvx987sjZVvhsD+kCVRgNQd4BTiie5xyl9285IaSzbYgzSrJ94gO1DBrIIUsfw+
yYgu8ZetQ6JJNh5FDl3+bKl5evgY/+kFNl51YQKWfBu4N9BbsHQlVJhsPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIR/WndwOPQk0LUWVqwF7KB6AA4EMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiIpo7EW+
RjkCMiWBsqE0lm0+YCqJfggTj1zXav09VhqhLQazTBWoxQ18Fa3pQn7DgcuEoEMk
EsFrMqKebNOd+E131+1ezK3IWtBrF1BpyZxr4by423ZYZz4ce2NWTuBTUnpFXwj6
qCfJGGv7Y6jHffFks/AJx1b8kcdQW0syweh7/Y/Mvrogwn1QTm00u6OlgD4zndpf
vZG7Y8PudNgm8ocMTuU2v2wUts3Cww94N28Z1xfQGi8mHyc7V3/Ul7hvszFgOj8v
3G+Bzf8AlvS3GjZvt+PTHO9nx7AHsKFH6Z/UYN/w8HzeLkCLT8ofmuWhvDpt4dlZ
c41LLLgD/PoKqQ==
-----END CERTIFICATE-----