Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
File:                     hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft (raw, json)
Hash identifier:          FMLdwKtNqvuNMI2D2rpZ/S+p5E4xwjs23D4PlT0hCtc=
Subject key identifier:   9B:78:C4:9D:B3:88:D3:4B:1A:7A:EA:FC:B3:E5:D3:07:23:3F:7A:75
Authority key identifier: 84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02
Certificate issuer:       /CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
Certificate serial:       019758003767DC2E84F19B9C4BFF5BE5BE60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
Manifest number:          089C
Signing time:             Tue 10 Jun 2025 04:01:38 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:38 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:38 +0000
Files and hashes:         1: hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl (hash: BAIq71z6FgmVa1yARtvFGx2+j5XvUEiULH03fDEDnEU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:37:67:dc:2e:84:f1:9b:9c:4b:ff:5b:e5:be:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
        Validity
            Not Before: Jun 10 04:01:38 2025 GMT
            Not After : Jun 11 04:01:38 2025 GMT
        Subject: CN=9b78c49db388d34b1a7aeafcb3e5d307233f7a75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:39:17:05:3e:d8:f2:91:a0:33:dc:8f:c4:d9:
                    2a:98:42:88:eb:32:57:b2:6d:8e:13:03:54:96:24:
                    1c:cc:bb:0d:57:cc:01:bc:c7:45:6a:7e:5b:cc:5a:
                    63:da:b9:7e:27:e7:55:e0:89:5c:3f:30:9c:2c:1b:
                    e5:69:ec:c9:f8:1e:f1:20:ca:12:4e:45:30:ac:02:
                    28:3f:0e:f3:49:61:2e:b8:0e:c0:10:e4:4f:e4:8e:
                    f8:27:3e:32:8a:54:72:ce:c0:bd:8f:3a:05:08:39:
                    32:3a:49:a0:dc:31:57:4c:ed:e3:7e:79:3e:17:41:
                    44:32:67:0c:44:18:9e:1a:97:83:c5:96:61:84:b4:
                    5d:e4:35:09:81:b4:80:75:13:52:7a:49:f1:d1:b6:
                    db:bd:b9:71:de:e7:c4:44:88:de:a0:71:0b:12:78:
                    1a:61:c8:df:4e:b3:a9:ea:cd:5d:1d:ea:dd:6a:8a:
                    0a:56:46:49:12:07:18:85:39:f6:34:23:06:58:84:
                    bf:cc:ec:b8:de:02:f6:8c:88:8c:28:04:be:b6:08:
                    8e:99:82:3b:ec:13:b8:5b:1f:39:34:c9:49:55:49:
                    6d:47:70:b1:78:2d:e6:2d:e9:c3:5a:97:e1:f6:eb:
                    29:ef:ca:8b:7b:1a:43:b8:3a:2c:01:64:c1:05:25:
                    a0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:78:C4:9D:B3:88:D3:4B:1A:7A:EA:FC:B3:E5:D3:07:23:3F:7A:75
            X509v3 Authority Key Identifier:
                keyid:84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:38:f1:62:47:24:b8:25:9c:fb:f3:f9:3d:39:1f:5e:42:92:
         56:61:d8:50:d0:ce:75:76:5c:0f:bd:07:1d:18:fc:12:f0:ed:
         e6:69:33:44:0a:e0:15:49:ec:df:f9:91:8d:56:e3:5f:0e:75:
         26:97:a9:d3:7e:3d:c1:12:ca:42:ea:42:8d:09:b7:3e:fe:5e:
         dd:11:ea:57:22:0e:c9:a5:b0:30:1e:56:03:17:cc:6a:21:a4:
         df:35:b8:a2:74:5e:65:0e:94:bd:dc:5a:5e:9b:94:70:da:f7:
         59:20:ce:7a:9c:ed:4a:9e:93:79:8f:84:c7:21:b3:58:2c:4d:
         0f:a1:41:cd:18:13:5d:c5:e4:46:cc:3d:fc:e4:8f:05:c2:a8:
         01:58:8c:ef:4f:03:b8:45:39:9a:0a:ba:d0:8c:f7:58:d0:12:
         20:a7:38:eb:1e:fa:48:45:a3:12:1f:1e:20:05:56:a8:f9:37:
         90:c5:c2:7f:fc:2c:28:76:b5:a5:20:e2:e5:44:82:5c:2f:d4:
         76:0d:f9:48:95:e0:51:82:a3:f7:5b:e3:d6:b3:f6:57:07:cd:
         56:d6:6b:a2:a8:9f:92:1a:bb:76:f9:09:17:6e:e7:f4:41:28:
         d2:87:e1:dd:91:50:20:2e:fa:1f:ca:cf:67:d4:97:08:20:55:
         73:ae:a9:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYADdn3C6E8ZucS/9b5b5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwMWE4YjBlYTVjYjI0YzVlYzRmODVkMjI2N2Q4MjE5
MzFjMDIwHhcNMjUwNjEwMDQwMTM4WhcNMjUwNjExMDQwMTM4WjAzMTEwLwYDVQQD
Eyg5Yjc4YzQ5ZGIzODhkMzRiMWE3YWVhZmNiM2U1ZDMwNzIzM2Y3YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDkXBT7Y8pGgM9yPxNkqmEKI6zJX
sm2OEwNUliQczLsNV8wBvMdFan5bzFpj2rl+J+dV4IlcPzCcLBvlaezJ+B7xIMoS
TkUwrAIoPw7zSWEuuA7AEORP5I74Jz4yilRyzsC9jzoFCDkyOkmg3DFXTO3jfnk+
F0FEMmcMRBieGpeDxZZhhLRd5DUJgbSAdRNSeknx0bbbvblx3ufERIjeoHELEnga
YcjfTrOp6s1dHerdaooKVkZJEgcYhTn2NCMGWIS/zOy43gL2jIiMKAS+tgiOmYI7
7BO4Wx85NMlJVUltR3CxeC3mLenDWpfh9usp78qLexpDuDosAWTBBSWgNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt4xJ2ziNNLGnrq/LPl0wcjP3p1MB8GA1UdIwQY
MBaAFITWAaiw6lyyTF7E+F0iZ9ghkxwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYt
ZWU3N2Q3NWMzMjVlLzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYtZWU3N2Q3NWMzMjVl
LzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMzjxYkck
uCWc+/P5PTkfXkKSVmHYUNDOdXZcD70HHRj8EvDt5mkzRArgFUns3/mRjVbjXw51
Jpep0349wRLKQupCjQm3Pv5e3RHqVyIOyaWwMB5WAxfMaiGk3zW4onReZQ6Uvdxa
XpuUcNr3WSDOepztSp6TeY+ExyGzWCxND6FBzRgTXcXkRsw9/OSPBcKoAViM708D
uEU5mgq60Iz3WNASIKc46x76SEWjEh8eIAVWqPk3kMXCf/wsKHa1pSDi5USCXC/U
dg35SJXgUYKj91vj1rP2VwfNVtZroqifkhq7dvkJF27n9EEo0ofh3ZFQIC76H8rP
Z9SXCCBVc66pSQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:03:51 2025 by rpki-client