Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
File:                     hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft (raw, json)
Hash identifier:          on0aRGpmQUVMqgvdjVLw0MGJd1EhTC4cfs1XzU5s87w=
Subject key identifier:   5B:76:23:8A:FB:CB:70:3D:4D:57:B7:0F:EC:FE:48:85:62:C9:4F:95
Authority key identifier: 84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02
Certificate issuer:       /CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
Certificate serial:       01976772D25FA6C1543BB641413AFE3FBCC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
Manifest number:          08A4
Signing time:             Fri 13 Jun 2025 04:01:07 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:07 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:07 +0000
Files and hashes:         1: hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl (hash: qWe0VnKaw3sIHjxo+udoKVz1tQtbBVmhzs9VDm7/78w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:d2:5f:a6:c1:54:3b:b6:41:41:3a:fe:3f:bc:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84d601a8b0ea5cb24c5ec4f85d2267d821931c02
        Validity
            Not Before: Jun 13 04:01:07 2025 GMT
            Not After : Jun 14 04:01:07 2025 GMT
        Subject: CN=5b76238afbcb703d4d57b70fecfe488562c94f95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e9:69:12:b8:79:d8:d4:f5:a9:1b:9e:03:5d:
                    db:a2:39:09:9e:4f:d4:ff:98:4d:bb:14:c4:b0:6e:
                    34:57:65:c7:10:27:0b:25:0c:0e:bb:c2:85:41:12:
                    a9:84:92:f9:1c:67:56:16:54:79:6c:e1:38:f3:c9:
                    36:c3:6e:b6:21:bd:b1:f2:81:8e:ed:ed:5a:7f:01:
                    71:92:54:01:00:71:68:87:a3:0a:b3:cd:d3:87:57:
                    f8:8e:cc:ed:ba:2f:2c:86:0c:94:09:35:f5:95:65:
                    31:f7:2d:f8:7a:ad:b7:4a:5f:1a:7c:20:3f:0d:85:
                    18:c8:d7:94:61:ab:f1:99:fd:0b:a3:f0:45:2d:68:
                    f5:c7:c0:57:c0:97:b0:16:9c:77:31:41:64:e2:a0:
                    97:1f:21:eb:aa:94:8d:34:8c:fb:05:de:c0:5d:2b:
                    9a:69:e2:4a:51:09:5d:53:6a:07:f3:75:fe:7a:d5:
                    db:11:e2:cd:b8:2c:ab:45:7e:26:7a:d6:0c:04:41:
                    0d:69:7e:fb:d4:fa:46:8f:b2:a3:f6:51:44:22:e4:
                    a7:16:51:ce:4a:18:a5:63:74:4e:9b:8d:03:fb:48:
                    a2:d7:df:77:42:41:97:1b:f3:61:c5:ce:fb:b2:1c:
                    00:23:47:c4:e1:28:60:d2:6d:fc:e3:f3:24:48:27:
                    3a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:76:23:8A:FB:CB:70:3D:4D:57:B7:0F:EC:FE:48:85:62:C9:4F:95
            X509v3 Authority Key Identifier:
                keyid:84:D6:01:A8:B0:EA:5C:B2:4C:5E:C4:F8:5D:22:67:D8:21:93:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNYBqLDqXLJMXsT4XSJn2CGTHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/250946-da66-4a94-bae6-ee77d75c325e/1/hNYBqLDqXLJMXsT4XSJn2CGTHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:db:f6:b5:82:ef:5e:9e:38:34:fb:36:99:d1:cc:5d:4f:e7:
         9a:fc:bf:94:7a:21:a4:7a:e0:e0:d9:22:b3:5d:d7:b2:aa:d7:
         52:d4:33:f4:9b:e7:da:1c:02:6b:0a:c7:1c:50:03:69:db:b9:
         88:a7:d6:8b:61:96:7a:a9:ef:3c:82:09:75:42:ad:ca:07:7d:
         39:0c:db:77:f6:11:bd:a0:bd:dd:b8:ce:a3:e2:4d:44:c0:47:
         b1:da:d5:df:9a:bf:fb:a6:53:7c:a8:f8:d3:8f:72:45:f4:d6:
         1f:4a:58:c6:b2:09:e3:78:59:d1:52:cf:7d:60:b5:69:d9:ad:
         e7:11:3c:2e:4e:16:0c:bb:66:75:78:e9:6d:d2:20:91:bf:a5:
         9d:f8:fc:da:c4:66:fe:09:83:f7:8d:f8:03:44:3a:83:98:5e:
         61:5e:b7:82:bd:ce:19:c9:33:d8:66:4b:a9:68:e8:e3:b5:4d:
         17:14:be:63:42:0e:5e:03:41:38:8c:2b:4e:ab:16:fb:ec:0a:
         a0:06:ce:da:43:64:6c:cd:6c:10:36:4f:f4:15:22:75:1d:2a:
         59:54:38:a0:9a:72:8e:30:51:ea:82:b8:4a:71:02:61:b9:cf:
         36:74:54:00:6b:44:17:bc:8c:c3:19:db:9d:7f:43:75:e4:17:
         7e:87:47:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnctJfpsFUO7ZBQTr+P7zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDYwMWE4YjBlYTVjYjI0YzVlYzRmODVkMjI2N2Q4MjE5
MzFjMDIwHhcNMjUwNjEzMDQwMTA3WhcNMjUwNjE0MDQwMTA3WjAzMTEwLwYDVQQD
Eyg1Yjc2MjM4YWZiY2I3MDNkNGQ1N2I3MGZlY2ZlNDg4NTYyYzk0Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulpErh52NT1qRueA13bojkJnk/U
/5hNuxTEsG40V2XHECcLJQwOu8KFQRKphJL5HGdWFlR5bOE488k2w262Ib2x8oGO
7e1afwFxklQBAHFoh6MKs83Th1f4jsztui8shgyUCTX1lWUx9y34eq23Sl8afCA/
DYUYyNeUYavxmf0Lo/BFLWj1x8BXwJewFpx3MUFk4qCXHyHrqpSNNIz7Bd7AXSua
aeJKUQldU2oH83X+etXbEeLNuCyrRX4metYMBEENaX771PpGj7Kj9lFEIuSnFlHO
ShilY3ROm40D+0ii1993QkGXG/Nhxc77shwAI0fE4Shg0m384/MkSCc6nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFt2I4r7y3A9TVe3D+z+SIViyU+VMB8GA1UdIwQY
MBaAFITWAaiw6lyyTF7E+F0iZ9ghkxwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYt
ZWU3N2Q3NWMzMjVlLzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yNTA5NDYtZGE2Ni00YTk0LWJhZTYtZWU3N2Q3NWMzMjVl
LzEvaE5ZQnFMRHFYTEpNWHNUNFhTSm4yQ0dUSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAldv2tYLv
Xp44NPs2mdHMXU/nmvy/lHohpHrg4Nkis13XsqrXUtQz9Jvn2hwCawrHHFADadu5
iKfWi2GWeqnvPIIJdUKtygd9OQzbd/YRvaC93bjOo+JNRMBHsdrV35q/+6ZTfKj4
049yRfTWH0pYxrIJ43hZ0VLPfWC1admt5xE8Lk4WDLtmdXjpbdIgkb+lnfj82sRm
/gmD9434A0Q6g5heYV63gr3OGckz2GZLqWjo47VNFxS+Y0IOXgNBOIwrTqsW++wK
oAbO2kNkbM1sEDZP9BUidR0qWVQ4oJpyjjBR6oK4SnECYbnPNnRUAGtEF7yMwxnb
nX9DdeQXfodHFw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 12:35:39 2025 by rpki-client