Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          QRLcMhajZJLDHreol6i3uYmnanvPz6sMUV4hiJRmlK8=
Subject key identifier:   A5:A0:61:95:80:8A:AE:F9:41:4D:29:67:0F:22:1F:91:88:14:79:0F
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       0199221EA4B1BE43AF5A6FF19CCEE24C751D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          166C
Signing time:             Sun 07 Sep 2025 03:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:57 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: 6spavRvYPnEkJ4nPLr5tyd+fi9+QRUxicdPQqzU7dFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:a4:b1:be:43:af:5a:6f:f1:9c:ce:e2:4c:75:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Sep  7 03:00:57 2025 GMT
            Not After : Sep  8 03:00:57 2025 GMT
        Subject: CN=a5a06195808aaef9414d29670f221f918814790f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a5:4f:4f:0a:88:31:05:de:e2:91:b2:6b:74:
                    2f:81:84:c7:50:b3:b8:a5:d1:0e:bd:15:fc:8c:51:
                    3e:86:9e:bc:26:24:a8:04:29:14:ab:82:2b:b1:72:
                    d9:e9:78:78:8d:ff:78:28:c9:af:31:51:30:2a:fc:
                    7e:49:ae:b2:10:a3:64:b4:05:5e:71:b4:32:ca:fa:
                    7d:cc:94:e8:f2:45:93:5b:f5:4b:b9:fb:39:44:83:
                    8c:22:4d:cd:6a:ff:d1:0d:2c:5f:7d:c5:61:fb:ae:
                    bd:b9:ac:05:e5:bf:9e:24:70:89:bf:71:37:9a:94:
                    2b:bb:0f:13:b6:db:bc:73:bf:83:af:0e:65:11:b5:
                    95:4a:f0:ce:f6:9a:21:66:a2:0b:da:78:75:a7:f8:
                    42:d9:90:e9:d7:ca:9f:aa:a5:fd:0e:6b:a1:3e:1f:
                    0a:38:8b:68:7c:6c:b5:83:4d:97:df:75:fe:16:79:
                    87:bd:36:1b:35:66:be:56:aa:ce:ed:ff:46:88:c8:
                    2b:88:df:6c:70:12:e2:72:2f:0d:11:2f:71:34:d9:
                    ed:83:86:7c:cd:fb:33:e6:00:68:7a:06:65:92:3b:
                    01:fd:5a:d7:97:0e:b1:9f:40:ee:1b:27:4d:61:81:
                    04:cc:89:7a:da:e3:57:c2:11:82:cd:9c:2a:8e:88:
                    89:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A0:61:95:80:8A:AE:F9:41:4D:29:67:0F:22:1F:91:88:14:79:0F
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:0b:67:94:d6:fd:91:d9:4a:6d:89:42:4f:da:5b:42:30:f1:
         86:61:14:92:4e:3a:07:da:77:83:e4:b8:b7:04:97:96:51:e6:
         11:20:e2:c1:bf:04:73:8f:78:db:89:c8:3f:2d:8c:1b:2f:e8:
         dc:30:e5:d6:83:28:c3:14:24:97:07:44:d1:6d:37:9f:17:bf:
         82:aa:e6:ab:49:a7:af:9c:c8:d4:ad:52:df:e0:0e:c4:82:2c:
         bc:b9:cd:4b:1c:a8:b2:a3:41:35:14:83:af:f2:30:78:e1:9e:
         d0:94:98:5d:01:8a:36:20:1a:d0:09:58:dd:19:88:54:fc:78:
         a0:92:67:af:87:77:06:b3:0a:d6:31:3c:65:b0:16:f1:ad:29:
         bf:c8:8f:2f:2e:2b:52:b1:d7:41:52:e7:1e:6c:b9:38:04:a7:
         72:ef:ff:25:bd:3a:89:47:2a:3c:34:ad:8c:24:d9:58:60:6e:
         c6:3e:6b:0b:9f:2a:1a:b2:82:d1:fb:73:33:18:19:46:e8:76:
         91:21:c1:5a:5a:84:de:fa:ac:a3:13:a3:33:91:a8:04:74:5e:
         14:27:cc:04:b4:5d:64:13:78:9d:fe:84:26:d7:d3:7e:e2:01:
         61:c9:c9:3d:88:b4:19:40:d8:eb:e8:27:84:2f:ff:66:6f:cd:
         71:a6:b0:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHqSxvkOvWm/xnM7iTHUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwOTA3MDMwMDU3WhcNMjUwOTA4MDMwMDU3WjAzMTEwLwYDVQQD
EyhhNWEwNjE5NTgwOGFhZWY5NDE0ZDI5NjcwZjIyMWY5MTg4MTQ3OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKVPTwqIMQXe4pGya3QvgYTHULO4
pdEOvRX8jFE+hp68JiSoBCkUq4IrsXLZ6Xh4jf94KMmvMVEwKvx+Sa6yEKNktAVe
cbQyyvp9zJTo8kWTW/VLufs5RIOMIk3Nav/RDSxffcVh+669uawF5b+eJHCJv3E3
mpQruw8Tttu8c7+Drw5lEbWVSvDO9pohZqIL2nh1p/hC2ZDp18qfqqX9DmuhPh8K
OItofGy1g02X33X+FnmHvTYbNWa+VqrO7f9GiMgriN9scBLici8NES9xNNntg4Z8
zfsz5gBoegZlkjsB/VrXlw6xn0DuGydNYYEEzIl62uNXwhGCzZwqjoiJQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWgYZWAiq75QU0pZw8iH5GIFHkPMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAtnlNb9
kdlKbYlCT9pbQjDxhmEUkk46B9p3g+S4twSXllHmESDiwb8Ec49424nIPy2MGy/o
3DDl1oMowxQklwdE0W03nxe/gqrmq0mnr5zI1K1S3+AOxIIsvLnNSxyosqNBNRSD
r/IweOGe0JSYXQGKNiAa0AlY3RmIVPx4oJJnr4d3BrMK1jE8ZbAW8a0pv8iPLy4r
UrHXQVLnHmy5OASncu//Jb06iUcqPDStjCTZWGBuxj5rC58qGrKC0ftzMxgZRuh2
kSHBWlqE3vqsoxOjM5GoBHReFCfMBLRdZBN4nf6EJtfTfuIBYcnJPYi0GUDY6+gn
hC//Zm/Ncaawcg==
-----END CERTIFICATE-----