Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File:                     HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier:          APlnj5q5EZkzWd9XCOU43MbyJZl8PTW6DFWj9yFCrn0=
Subject key identifier:   DB:CF:F1:90:E4:55:E7:52:5B:67:3C:0E:13:3E:B7:88:91:58:33:9E
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer:       /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial:       019760CBC49FEDEF84502FBBFBD276CB7057
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number:          158C
Signing time:             Wed 11 Jun 2025 21:00:56 +0000
Manifest this update:     Wed 11 Jun 2025 21:00:56 +0000
Manifest next update:     Thu 12 Jun 2025 21:00:56 +0000
Files and hashes:         1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
                          2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: somcG5iantFnFnH4wOIMBS0Q87pOkmZdgPRcJDtZoB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:cb:c4:9f:ed:ef:84:50:2f:bb:fb:d2:76:cb:70:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
        Validity
            Not Before: Jun 11 21:00:56 2025 GMT
            Not After : Jun 12 21:00:56 2025 GMT
        Subject: CN=dbcff190e455e7525b673c0e133eb7889158339e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:89:98:9e:90:7d:1a:17:6f:74:6e:ce:9f:4f:
                    0c:53:08:f9:72:1b:38:3d:52:18:71:80:4f:07:bc:
                    c2:61:8b:2c:26:56:bc:0f:d6:68:a5:c1:9a:76:93:
                    b1:0b:81:63:c8:41:6e:4f:87:4e:94:f5:de:7d:8a:
                    68:7a:d7:b6:84:e1:fe:e3:51:cf:dc:6f:d0:4d:de:
                    2e:a3:2c:25:81:ca:42:ec:a8:fe:2c:60:bc:05:19:
                    7d:70:8a:90:6b:c7:b4:e0:9f:42:7b:42:16:d9:d3:
                    1f:82:f0:4f:a4:a3:48:03:04:b7:df:1e:5c:db:2f:
                    79:28:25:c1:ec:89:96:72:0b:2a:36:b4:1c:73:a2:
                    3d:57:06:84:18:4f:bd:bd:bf:69:c3:aa:47:a2:34:
                    5e:8f:6f:05:45:ae:00:03:67:53:bd:50:80:f7:dc:
                    85:f8:f8:36:68:f1:29:8d:5a:65:5a:09:aa:9f:b5:
                    b6:38:ea:07:b0:03:80:35:fe:65:a0:17:57:fe:33:
                    85:91:75:a2:bc:b3:81:74:a3:bb:5e:c9:1d:c7:be:
                    2c:b8:93:5d:06:f4:2c:10:f4:b7:7a:1f:4b:23:d4:
                    07:e0:1e:95:c0:fc:5a:22:be:ab:ea:96:3e:f4:b2:
                    a2:31:30:80:d2:c5:f5:c9:b0:d5:23:cf:46:28:7a:
                    82:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:CF:F1:90:E4:55:E7:52:5B:67:3C:0E:13:3E:B7:88:91:58:33:9E
            X509v3 Authority Key Identifier:
                keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:b7:25:b3:2d:d6:ca:84:5a:fb:78:e2:ca:0f:6e:22:24:db:
         63:ae:b8:34:8d:f4:0f:60:63:fd:f0:92:b5:8e:c4:4a:30:de:
         0f:97:8a:cf:d7:dd:46:d5:13:45:ec:41:1f:32:ad:6b:24:cc:
         a3:52:83:3e:06:14:50:29:45:a6:8c:6c:9e:b9:8b:2a:54:a9:
         b7:a0:e0:13:5d:82:bf:94:4d:df:d8:b0:78:18:dd:a1:e0:b6:
         57:0e:c5:ac:2f:91:29:c3:1f:60:f3:cd:75:b8:83:fd:54:4f:
         54:14:6a:69:e7:40:cc:9a:0d:af:42:cb:83:d7:0e:24:7e:c0:
         40:5b:52:9b:09:da:ce:43:0d:55:89:db:ce:41:62:92:3e:0b:
         29:87:c4:0b:8f:7e:29:e7:8d:57:61:15:8d:03:59:67:7d:95:
         c1:69:1e:d1:c0:dc:86:63:c6:db:3d:5d:e2:45:50:c6:06:3e:
         10:bb:fe:6f:6b:af:f6:77:cf:19:b5:20:a7:5d:31:eb:9d:cb:
         5f:fc:88:c0:70:27:b2:3f:0d:bf:94:5f:5a:1e:ab:b0:2b:01:
         f8:ef:28:bd:a3:83:dd:9c:0d:e6:d9:f1:02:c3:92:64:2f:ac:
         9d:fe:06:39:a2:2b:62:fa:60:aa:e9:24:4c:f4:8e:88:7c:4a:
         f4:7c:11:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy8Sf7e+EUC+7+9J2y3BXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNjExMjEwMDU2WhcNMjUwNjEyMjEwMDU2WjAzMTEwLwYDVQQD
EyhkYmNmZjE5MGU0NTVlNzUyNWI2NzNjMGUxMzNlYjc4ODkxNTgzMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ImYnpB9GhdvdG7On08MUwj5chs4
PVIYcYBPB7zCYYssJla8D9ZopcGadpOxC4FjyEFuT4dOlPXefYpoete2hOH+41HP
3G/QTd4uoywlgcpC7Kj+LGC8BRl9cIqQa8e04J9Ce0IW2dMfgvBPpKNIAwS33x5c
2y95KCXB7ImWcgsqNrQcc6I9VwaEGE+9vb9pw6pHojRej28FRa4AA2dTvVCA99yF
+Pg2aPEpjVplWgmqn7W2OOoHsAOANf5loBdX/jOFkXWivLOBdKO7Xskdx74suJNd
BvQsEPS3eh9LI9QH4B6VwPxaIr6r6pY+9LKiMTCA0sX1ybDVI89GKHqCgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvP8ZDkVedSW2c8DhM+t4iRWDOeMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLclsy3W
yoRa+3jiyg9uIiTbY664NI30D2Bj/fCStY7ESjDeD5eKz9fdRtUTRexBHzKtayTM
o1KDPgYUUClFpoxsnrmLKlSpt6DgE12Cv5RN39iweBjdoeC2Vw7FrC+RKcMfYPPN
dbiD/VRPVBRqaedAzJoNr0LLg9cOJH7AQFtSmwnazkMNVYnbzkFikj4LKYfEC49+
KeeNV2EVjQNZZ32VwWke0cDchmPG2z1d4kVQxgY+ELv+b2uv9nfPGbUgp10x653L
X/yIwHAnsj8Nv5RfWh6rsCsB+O8ovaOD3ZwN5tnxAsOSZC+snf4GOaIrYvpgqukk
TPSOiHxK9HwRrw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:50:58 2025 by rpki-client