Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          wpHNtfHloChs2l5jsjQNkelmPtuIOyFY33qvYxYUn70=
Subject key identifier:   2F:5F:42:6B:93:5A:70:A8:8F:68:38:79:B8:53:01:80:9D:50:BB:3E
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       019916F5F90A3A9DA556353077BCD21A980C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          020A
Signing time:             Thu 04 Sep 2025 23:00:42 +0000
Manifest this update:     Thu 04 Sep 2025 23:00:42 +0000
Manifest next update:     Fri 05 Sep 2025 23:00:42 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: BbaC//CLexOSy7ifIlCShtSDBQQz78leFvBK1+gNbfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:f5:f9:0a:3a:9d:a5:56:35:30:77:bc:d2:1a:98:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Sep  4 23:00:42 2025 GMT
            Not After : Sep  5 23:00:42 2025 GMT
        Subject: CN=2f5f426b935a70a88f683879b85301809d50bb3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:06:d5:15:13:f2:c3:7b:cc:6f:e3:5e:81:22:
                    a8:6a:48:04:d9:02:e7:73:8d:b9:9c:2c:a6:c1:8c:
                    14:08:e6:2a:91:8a:dd:20:ce:55:bf:24:5e:ac:87:
                    7a:6b:a3:5b:96:f9:0c:91:ea:f7:9f:f8:26:32:50:
                    81:89:dd:1b:c0:7a:fb:c6:90:76:9b:36:8c:d7:a4:
                    2e:0d:d9:a5:c7:d0:14:63:40:84:b1:f3:db:8a:cd:
                    af:7c:44:92:66:2b:c6:68:f9:f9:3c:25:fc:fd:3b:
                    79:8f:57:59:b4:34:e9:bd:11:c9:ed:9e:0b:9d:56:
                    b7:a7:7d:fe:7c:15:f6:48:69:d2:8a:a7:f1:2f:fc:
                    09:0a:78:da:4a:4e:1c:e4:c3:32:ee:f8:78:f5:83:
                    4e:5b:07:c1:7a:2d:e0:00:a6:98:d4:30:78:a2:fa:
                    0e:e1:de:09:57:88:ad:38:6c:3a:34:1a:3f:1e:79:
                    36:d7:4c:6c:4b:c5:23:ed:6f:40:88:5a:a4:e2:2b:
                    1c:7d:a2:b5:65:ed:48:bc:da:17:7c:42:9b:c8:80:
                    6a:2b:b7:c9:f3:e4:d7:9d:c7:c5:06:ea:87:89:7b:
                    86:16:a6:26:10:06:20:fb:b6:99:eb:89:e5:da:ed:
                    97:84:74:96:d6:8a:82:8b:2f:90:c2:ac:d8:31:ad:
                    90:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:5F:42:6B:93:5A:70:A8:8F:68:38:79:B8:53:01:80:9D:50:BB:3E
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:c1:fc:f5:7a:35:89:c6:0b:3f:49:f6:c4:ab:9a:a1:96:42:
         c7:7e:ba:2c:01:d5:08:09:10:bf:04:ed:01:b2:8e:2c:11:ce:
         d1:54:bf:cc:73:9b:96:c8:fb:64:d3:eb:bc:28:b8:cf:00:97:
         17:84:e3:a8:89:82:8e:59:5f:6b:38:21:db:ab:9d:18:8e:c8:
         f2:85:3c:10:22:3d:e4:79:d9:09:35:0f:da:15:1a:c4:32:0a:
         82:64:7b:88:75:2f:cf:3d:19:b6:0b:4e:eb:84:80:e7:63:6e:
         0c:85:3c:5d:d0:79:11:a9:36:c9:c8:d2:53:94:33:c7:e6:59:
         18:a0:23:08:b7:37:a7:dc:b0:d2:61:83:0b:be:99:91:81:4e:
         d7:ba:08:15:23:0d:92:5c:2e:b4:3b:a4:cc:c8:29:a1:c4:0f:
         70:7f:8d:4d:03:61:b9:94:b8:69:6b:04:e1:3a:dd:38:e4:c2:
         71:4b:9a:f7:ff:5b:b1:73:1e:82:fc:04:ef:ad:05:e2:e6:93:
         73:84:e1:c3:66:95:cc:e7:65:f5:83:d6:18:a9:08:c5:c3:47:
         46:9c:4b:e0:94:92:2b:7b:21:bd:7a:5c:17:7b:2f:17:25:21:
         b9:0e:6f:a2:af:cf:9f:22:f0:e6:df:d2:19:8d:79:bf:02:40:
         7e:2b:0c:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkW9fkKOp2lVjUwd7zSGpgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjUwOTA0MjMwMDQyWhcNMjUwOTA1MjMwMDQyWjAzMTEwLwYDVQQD
EygyZjVmNDI2YjkzNWE3MGE4OGY2ODM4NzliODUzMDE4MDlkNTBiYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQbVFRPyw3vMb+NegSKoakgE2QLn
c425nCymwYwUCOYqkYrdIM5VvyRerId6a6NblvkMker3n/gmMlCBid0bwHr7xpB2
mzaM16QuDdmlx9AUY0CEsfPbis2vfESSZivGaPn5PCX8/Tt5j1dZtDTpvRHJ7Z4L
nVa3p33+fBX2SGnSiqfxL/wJCnjaSk4c5MMy7vh49YNOWwfBei3gAKaY1DB4ovoO
4d4JV4itOGw6NBo/Hnk210xsS8Uj7W9AiFqk4iscfaK1Ze1IvNoXfEKbyIBqK7fJ
8+TXncfFBuqHiXuGFqYmEAYg+7aZ64nl2u2XhHSW1oqCiy+QwqzYMa2QtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9fQmuTWnCoj2g4ebhTAYCdULs+MB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8H89Xo1
icYLP0n2xKuaoZZCx366LAHVCAkQvwTtAbKOLBHO0VS/zHOblsj7ZNPrvCi4zwCX
F4TjqImCjllfazgh26udGI7I8oU8ECI95HnZCTUP2hUaxDIKgmR7iHUvzz0ZtgtO
64SA52NuDIU8XdB5Eak2ycjSU5Qzx+ZZGKAjCLc3p9yw0mGDC76ZkYFO17oIFSMN
klwutDukzMgpocQPcH+NTQNhuZS4aWsE4TrdOOTCcUua9/9bsXMegvwE760F4uaT
c4Thw2aVzOdl9YPWGKkIxcNHRpxL4JSSK3shvXpcF3svFyUhuQ5voq/PnyLw5t/S
GY15vwJAfisMDg==
-----END CERTIFICATE-----