Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
File:                     hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft (raw, json)
Hash identifier:          PUP2Sih1jjW2JIRPsEE1tV7TJawT5tgxcDqnzr1Xo7Y=
Subject key identifier:   8A:83:A8:70:44:23:80:1A:CA:E9:45:E5:C6:10:AA:40:5E:51:36:6D
Authority key identifier: 84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02
Certificate issuer:       /CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
Certificate serial:       019754226B5FAABB6AD71CFBDDB6FA153A9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
Manifest number:          089A
Signing time:             Mon 09 Jun 2025 10:00:31 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:31 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:31 +0000
Files and hashes:         1: hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl (hash: ZosftX2l1GwKQQHYQegsl7RioiOFPdnpEgNl9ZL3wJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:6b:5f:aa:bb:6a:d7:1c:fb:dd:b6:fa:15:3a:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
        Validity
            Not Before: Jun  9 10:00:31 2025 GMT
            Not After : Jun 10 10:00:31 2025 GMT
        Subject: CN=8a83a8704423801acae945e5c610aa405e51366d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7d:ab:31:2e:fe:59:bd:a0:be:26:e9:76:6a:
                    78:4e:2c:16:ac:c2:e1:93:36:75:9c:67:f5:0c:29:
                    10:da:b4:02:8b:f5:72:fc:cc:50:a2:9e:bd:97:1c:
                    ff:c8:bf:70:be:b9:4e:10:ed:8d:63:80:94:0a:4d:
                    89:4f:7a:11:ef:a6:39:e0:1d:8a:b5:d0:d2:52:4c:
                    5a:a6:48:3a:84:ea:90:62:ad:97:e4:87:12:1b:fd:
                    32:f2:13:6c:af:59:85:88:81:41:b3:8e:6d:56:15:
                    92:9b:5f:9a:c6:60:22:c5:46:01:f9:34:e9:14:bc:
                    30:32:76:63:f7:42:4d:2e:86:56:cf:11:98:a7:a4:
                    ec:84:99:f6:5e:5e:8a:7e:14:df:d9:29:9f:e3:7e:
                    dc:cf:f2:df:18:ff:0b:72:31:18:1c:ae:23:0c:24:
                    22:7e:70:39:a2:52:06:e1:4e:6c:62:f1:24:fa:08:
                    b1:91:6d:cd:33:84:a6:2e:48:1a:f6:e6:3d:96:86:
                    a2:fe:37:26:12:26:ee:16:bb:52:7d:3b:9a:9e:19:
                    60:87:e0:ae:24:c5:2e:3a:8e:ca:32:64:67:30:ba:
                    f2:bd:66:92:db:37:7c:20:2e:40:64:0d:b2:3a:b4:
                    8e:23:c0:38:5e:53:72:67:5d:00:75:fc:bb:0a:95:
                    8f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:83:A8:70:44:23:80:1A:CA:E9:45:E5:C6:10:AA:40:5E:51:36:6D
            X509v3 Authority Key Identifier:
                keyid:84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:f8:ab:4e:6c:f5:65:a6:83:14:e3:10:a7:4f:35:15:c6:c6:
         ae:da:77:28:fb:eb:37:ea:81:35:b8:70:0c:98:40:0c:9a:ce:
         e1:92:06:42:e1:35:d7:32:b2:8d:db:4b:e7:56:dd:2a:c9:ed:
         75:8e:da:7e:69:61:f8:11:66:10:07:4d:bc:b6:9d:57:cf:ee:
         92:22:61:75:b9:c9:05:ce:c4:69:67:8c:bd:af:e8:e0:03:d9:
         2d:7e:81:c3:33:41:89:69:49:ac:51:d7:68:8c:bc:cd:3e:c2:
         da:d4:4d:ca:50:cf:bd:cc:45:3a:da:b3:ba:ab:45:71:6d:05:
         47:5e:ff:ba:fb:49:ed:56:4d:f8:e7:25:a8:62:56:87:ef:17:
         c4:c0:01:03:c6:5a:c8:8d:c9:be:49:9b:5a:c9:11:68:b0:20:
         0e:4e:82:d8:e1:22:ba:59:2c:b5:fb:b4:2e:24:a9:07:45:8c:
         51:39:6d:9d:50:45:99:2c:44:73:1b:7a:57:2d:f2:29:73:5a:
         fd:22:88:7a:5f:12:83:e1:24:9e:3b:4c:e7:e9:94:47:fe:dc:
         09:8e:60:ac:f8:b7:6a:1e:9b:39:82:8d:ef:97:fe:d1:cc:93:
         fe:56:b8:38:e4:a0:d5:f8:ca:44:78:02:ec:4d:d6:44:dd:7c:
         a2:84:0f:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUImtfqrtq1xz73bb6FTqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwMWE4YjBlYTVjYjI0YzVlYzRmODVkMjI2N2Q4MjE5
MzFjMDIwHhcNMjUwNjA5MTAwMDMxWhcNMjUwNjEwMTAwMDMxWjAzMTEwLwYDVQQD
Eyg4YTgzYTg3MDQ0MjM4MDFhY2FlOTQ1ZTVjNjEwYWE0MDVlNTEzNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH2rMS7+Wb2gvibpdmp4TiwWrMLh
kzZ1nGf1DCkQ2rQCi/Vy/MxQop69lxz/yL9wvrlOEO2NY4CUCk2JT3oR76Y54B2K
tdDSUkxapkg6hOqQYq2X5IcSG/0y8hNsr1mFiIFBs45tVhWSm1+axmAixUYB+TTp
FLwwMnZj90JNLoZWzxGYp6TshJn2Xl6KfhTf2Smf437cz/LfGP8LcjEYHK4jDCQi
fnA5olIG4U5sYvEk+gixkW3NM4SmLkga9uY9loai/jcmEibuFrtSfTuanhlgh+Cu
JMUuOo7KMmRnMLryvWaS2zd8IC5AZA2yOrSOI8A4XlNyZ10Adfy7CpWPVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqDqHBEI4AayulF5cYQqkBeUTZtMB8GA1UdIwQY
MBaAFITWAaiw6lyyTF7E+F0iZ9ghkxwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYt
ZWU3N2Q3NWMzMjVlLzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYtZWU3N2Q3NWMzMjVl
LzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/irTmz1
ZaaDFOMQp081FcbGrtp3KPvrN+qBNbhwDJhADJrO4ZIGQuE11zKyjdtL51bdKsnt
dY7afmlh+BFmEAdNvLadV8/ukiJhdbnJBc7EaWeMva/o4APZLX6BwzNBiWlJrFHX
aIy8zT7C2tRNylDPvcxFOtqzuqtFcW0FR17/uvtJ7VZN+OclqGJWh+8XxMABA8Za
yI3JvkmbWskRaLAgDk6C2OEiulkstfu0LiSpB0WMUTltnVBFmSxEcxt6Vy3yKXNa
/SKIel8Sg+EknjtM5+mUR/7cCY5grPi3ah6bOYKN75f+0cyT/la4OOSg1fjKRHgC
7E3WRN18ooQPjg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:39:37 2025 by rpki-client