Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
File:                     hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft (raw, json)
Hash identifier:          vcenw6MLwxVYBbBcviaaROTRGii5jA2mwmIoKx7HxjQ=
Subject key identifier:   EF:98:10:70:04:D7:AF:18:E8:48:88:39:EB:E9:01:EF:09:D1:74:8D
Authority key identifier: 84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02
Certificate issuer:       /CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
Certificate serial:       01975DCB04F33AD470D129C1A020DCE9604A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
Manifest number:          089F
Signing time:             Wed 11 Jun 2025 07:01:15 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:15 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:15 +0000
Files and hashes:         1: hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl (hash: 26ItqAxvM6NckEQVNmCTTbiu/0v/CMkYIPovxFAyr4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:cb:04:f3:3a:d4:70:d1:29:c1:a0:20:dc:e9:60:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
        Validity
            Not Before: Jun 11 07:01:15 2025 GMT
            Not After : Jun 12 07:01:15 2025 GMT
        Subject: CN=ef98107004d7af18e8488839ebe901ef09d1748d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:97:90:4d:e7:46:84:e1:95:72:fb:77:7c:28:
                    28:3e:a3:58:9f:56:cf:e0:3c:a4:2f:2a:f0:44:06:
                    37:37:44:19:53:3c:76:45:34:1d:72:79:4d:bf:76:
                    c2:df:40:29:7e:fa:ca:4b:d6:67:85:79:57:e1:49:
                    3c:ee:40:ec:6d:a8:61:00:1e:82:e3:24:4c:36:91:
                    47:36:9a:7f:93:f1:19:84:cf:4c:d1:80:7c:28:11:
                    1a:06:83:48:27:be:a5:b0:ff:72:c4:31:a5:02:dc:
                    b0:a8:a1:8b:f8:78:92:23:77:50:72:3c:1b:fa:67:
                    f7:63:1f:b6:30:ac:62:67:04:e8:35:5d:74:1b:fc:
                    83:f9:a3:b4:e4:ba:44:5a:cb:d8:f5:ae:f4:c0:76:
                    dc:5d:9d:cd:e0:79:e8:e5:3d:3e:0f:05:94:b1:b4:
                    7e:4d:4b:2d:63:ba:56:39:64:fa:5c:54:99:81:46:
                    1b:5c:5f:d7:34:af:8a:b0:5c:a7:fe:21:17:f9:14:
                    be:97:6e:a8:42:3a:72:65:d9:91:04:20:e5:c4:27:
                    1f:53:b1:c5:6a:a2:e8:65:06:5d:da:bb:44:97:ba:
                    8e:94:6b:8a:36:93:da:63:7a:09:c1:a1:11:26:f7:
                    a4:df:c1:30:80:4c:9a:b7:9a:9e:bb:c8:9b:63:0c:
                    f9:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:98:10:70:04:D7:AF:18:E8:48:88:39:EB:E9:01:EF:09:D1:74:8D
            X509v3 Authority Key Identifier:
                keyid:84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:c9:e6:f4:40:20:97:fd:4c:79:74:ae:4d:c9:10:09:2d:ad:
         a5:f0:90:e0:de:af:1b:27:31:33:53:be:ec:55:af:58:8a:6b:
         d7:c4:7a:c1:31:6c:e6:a1:87:c5:bc:e0:93:88:42:7f:90:cb:
         7c:ef:ab:74:cf:40:0d:6a:3d:90:f1:bb:26:49:bd:d2:cc:b1:
         a1:de:19:85:60:8b:83:03:95:f2:e6:f1:f7:7d:da:ea:5e:f4:
         bf:5d:d9:91:fd:5e:59:3f:64:5e:3a:2f:36:c4:b8:64:d7:42:
         12:5f:d2:93:6f:c3:34:72:b1:30:de:94:73:7e:b2:6a:2c:af:
         5c:b4:ab:a4:37:e0:d8:6c:8d:98:fe:70:5c:57:0c:96:11:82:
         01:db:dc:f2:6e:a9:18:f5:05:54:df:61:94:bb:9e:97:1c:51:
         c7:d6:fe:96:98:2c:6a:a2:d9:c1:05:a2:0a:e8:aa:35:f3:70:
         54:16:82:38:bc:72:ed:28:19:53:88:64:dd:8a:f2:8e:07:ff:
         4e:52:99:5b:81:83:19:c7:08:16:e2:df:f1:23:2c:5f:8c:16:
         ef:f5:64:8f:c7:ec:3d:90:d6:b3:94:b3:b7:a3:9e:ff:fd:76:
         6a:14:ee:9e:e3:19:a1:94:e8:a5:0f:7d:2c:95:59:e1:d0:26:
         89:fc:d2:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddywTzOtRw0SnBoCDc6WBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwMWE4YjBlYTVjYjI0YzVlYzRmODVkMjI2N2Q4MjE5
MzFjMDIwHhcNMjUwNjExMDcwMTE1WhcNMjUwNjEyMDcwMTE1WjAzMTEwLwYDVQQD
EyhlZjk4MTA3MDA0ZDdhZjE4ZTg0ODg4MzllYmU5MDFlZjA5ZDE3NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZeQTedGhOGVcvt3fCgoPqNYn1bP
4DykLyrwRAY3N0QZUzx2RTQdcnlNv3bC30ApfvrKS9ZnhXlX4Uk87kDsbahhAB6C
4yRMNpFHNpp/k/EZhM9M0YB8KBEaBoNIJ76lsP9yxDGlAtywqKGL+HiSI3dQcjwb
+mf3Yx+2MKxiZwToNV10G/yD+aO05LpEWsvY9a70wHbcXZ3N4Hno5T0+DwWUsbR+
TUstY7pWOWT6XFSZgUYbXF/XNK+KsFyn/iEX+RS+l26oQjpyZdmRBCDlxCcfU7HF
aqLoZQZd2rtEl7qOlGuKNpPaY3oJwaERJvek38EwgEyat5qeu8ibYwz5dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+YEHAE168Y6EiIOevpAe8J0XSNMB8GA1UdIwQY
MBaAFITWAaiw6lyyTF7E+F0iZ9ghkxwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYt
ZWU3N2Q3NWMzMjVlLzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYtZWU3N2Q3NWMzMjVl
LzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8nm9EAg
l/1MeXSuTckQCS2tpfCQ4N6vGycxM1O+7FWvWIpr18R6wTFs5qGHxbzgk4hCf5DL
fO+rdM9ADWo9kPG7Jkm90syxod4ZhWCLgwOV8ubx933a6l70v13Zkf1eWT9kXjov
NsS4ZNdCEl/Sk2/DNHKxMN6Uc36yaiyvXLSrpDfg2GyNmP5wXFcMlhGCAdvc8m6p
GPUFVN9hlLuelxxRx9b+lpgsaqLZwQWiCuiqNfNwVBaCOLxy7SgZU4hk3Yryjgf/
TlKZW4GDGccIFuLf8SMsX4wW7/Vkj8fsPZDWs5Szt6Oe//12ahTunuMZoZTopQ99
LJVZ4dAmifzSMw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:10:25 2025 by rpki-client