Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
File:                     hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft (raw, json)
Hash identifier:          oD6Xxq2Xvn7sReONr7d8S40ii0+k2ZPTPzbOjYPqa14=
Subject key identifier:   2A:07:21:83:3E:C3:19:1E:1C:EF:84:EA:8A:BB:5D:63:53:E1:C5:E1
Authority key identifier: 84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02
Certificate issuer:       /CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
Certificate serial:       019763960BE09EFF8F83494C4435687EC36F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
Manifest number:          08A2
Signing time:             Thu 12 Jun 2025 10:01:07 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:07 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:07 +0000
Files and hashes:         1: hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl (hash: LbTWxs0fG2wnMUMVA96VekdJVWrlV1bJPM0Kj4UVIOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:0b:e0:9e:ff:8f:83:49:4c:44:35:68:7e:c3:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
        Validity
            Not Before: Jun 12 10:01:07 2025 GMT
            Not After : Jun 13 10:01:07 2025 GMT
        Subject: CN=2a0721833ec3191e1cef84ea8abb5d6353e1c5e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:86:63:f2:07:6a:6a:d3:13:5c:f2:af:6a:5d:
                    dd:75:62:27:19:83:1d:f7:f0:97:9f:87:79:bc:5b:
                    ed:55:2b:26:fd:3a:a1:5a:c9:62:d5:f2:58:4f:71:
                    f8:37:75:ae:80:5f:47:5c:9e:52:bf:04:65:df:4d:
                    18:1f:91:bd:79:91:a5:af:c2:c7:d1:69:95:74:a8:
                    81:ba:01:a2:70:65:d0:0f:38:d5:67:9e:84:eb:e8:
                    8a:6b:f3:0c:b8:55:da:bc:db:15:53:33:b1:31:f4:
                    f7:07:bd:51:c4:29:e8:71:8b:95:12:40:68:3a:9e:
                    da:f3:cd:ce:5f:75:be:84:6a:c1:04:11:8b:51:14:
                    aa:f1:dc:d0:33:a9:2a:0e:f2:3f:cc:a6:ea:fd:0e:
                    94:18:03:fb:52:ef:76:4b:35:36:23:fe:44:a1:99:
                    2d:b2:9c:c4:ba:3c:16:75:ea:08:c2:70:65:4e:e2:
                    0a:49:16:68:6d:f5:4f:10:e5:bc:3c:3c:3e:af:fb:
                    e5:5b:40:ef:9c:ca:2b:be:6c:1e:80:54:5f:74:df:
                    4c:8e:49:95:99:47:d1:c3:ae:9b:6b:14:27:88:7e:
                    79:06:91:b6:14:c4:61:f4:25:f9:b2:cf:e5:90:5b:
                    17:28:3c:18:ee:56:fb:b2:48:8c:d4:f9:56:61:82:
                    96:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:07:21:83:3E:C3:19:1E:1C:EF:84:EA:8A:BB:5D:63:53:E1:C5:E1
            X509v3 Authority Key Identifier:
                keyid:84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:89:8a:cf:a9:ac:a7:84:ec:46:a5:16:cc:f8:af:1a:6a:f4:
         79:5a:9d:41:e9:df:23:27:8e:80:b8:01:fb:f0:35:b5:5d:6d:
         85:38:8c:ad:cf:a6:5b:fb:45:ab:ad:62:1c:d0:24:0b:5e:10:
         e2:ae:82:ed:93:01:52:55:56:c3:1d:89:f1:34:ad:8d:71:7c:
         d3:40:d3:7f:c6:f3:5a:c0:17:98:21:a7:91:e8:c5:98:b2:6d:
         81:49:98:c2:a5:d6:e6:2b:b6:04:2b:4d:da:71:1f:e1:15:ec:
         46:64:97:76:f1:46:57:1d:14:e9:b0:4c:ad:6c:c0:87:ff:60:
         4b:72:b0:c2:87:5f:82:9e:29:5d:1f:07:53:2f:4e:96:ed:47:
         17:97:21:5e:1b:3c:9a:c7:d3:24:bb:6a:1c:85:b8:05:c0:fa:
         45:df:43:4f:ff:62:ee:ca:96:39:48:a0:d5:bd:15:94:9a:ba:
         d6:54:13:5b:3a:b5:0b:c7:6e:20:a9:41:03:8c:12:42:88:a0:
         b2:fc:95:a2:bd:5b:01:4e:7a:a7:75:60:81:e0:b4:57:39:05:
         63:b0:30:c8:cd:fc:4f:08:32:db:0a:c0:05:3a:08:4e:e2:fe:
         b3:2c:2c:ce:10:da:4c:26:55:f3:11:0b:96:94:5e:29:0e:e7:
         07:b8:d6:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlgvgnv+Pg0lMRDVofsNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwMWE4YjBlYTVjYjI0YzVlYzRmODVkMjI2N2Q4MjE5
MzFjMDIwHhcNMjUwNjEyMTAwMTA3WhcNMjUwNjEzMTAwMTA3WjAzMTEwLwYDVQQD
EygyYTA3MjE4MzNlYzMxOTFlMWNlZjg0ZWE4YWJiNWQ2MzUzZTFjNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIZj8gdqatMTXPKval3ddWInGYMd
9/CXn4d5vFvtVSsm/TqhWsli1fJYT3H4N3WugF9HXJ5SvwRl300YH5G9eZGlr8LH
0WmVdKiBugGicGXQDzjVZ56E6+iKa/MMuFXavNsVUzOxMfT3B71RxCnocYuVEkBo
Op7a883OX3W+hGrBBBGLURSq8dzQM6kqDvI/zKbq/Q6UGAP7Uu92SzU2I/5EoZkt
spzEujwWdeoIwnBlTuIKSRZobfVPEOW8PDw+r/vlW0DvnMorvmwegFRfdN9MjkmV
mUfRw66baxQniH55BpG2FMRh9CX5ss/lkFsXKDwY7lb7skiM1PlWYYKWdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoHIYM+wxkeHO+E6oq7XWNT4cXhMB8GA1UdIwQY
MBaAFITWAaiw6lyyTF7E+F0iZ9ghkxwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYt
ZWU3N2Q3NWMzMjVlLzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYtZWU3N2Q3NWMzMjVl
LzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABImKz6ms
p4TsRqUWzPivGmr0eVqdQenfIyeOgLgB+/A1tV1thTiMrc+mW/tFq61iHNAkC14Q
4q6C7ZMBUlVWwx2J8TStjXF800DTf8bzWsAXmCGnkejFmLJtgUmYwqXW5iu2BCtN
2nEf4RXsRmSXdvFGVx0U6bBMrWzAh/9gS3Kwwodfgp4pXR8HUy9Olu1HF5chXhs8
msfTJLtqHIW4BcD6Rd9DT/9i7sqWOUig1b0VlJq61lQTWzq1C8duIKlBA4wSQoig
svyVor1bAU56p3VggeC0VzkFY7AwyM38Twgy2wrABToITuL+sywszhDaTCZV8xEL
lpReKQ7nB7jWLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:36:05 2025 by rpki-client