Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.mft
File:                     uwKqn6RfyXvbLm3I_Ap_A3HITek.mft (raw, json)
Hash identifier:          xUZQ/QAoAr5aOx7TsK/m4wcwOjDVXynYBqKW43JwVXM=
Subject key identifier:   25:40:6F:A4:BC:93:85:98:55:66:A9:98:64:97:BE:48:A3:3C:7C:2F
Authority key identifier: BB:02:AA:9F:A4:5F:C9:7B:DB:2E:6D:C8:FC:0A:7F:03:71:C8:4D:E9
Certificate issuer:       /CN=bb02aa9fa45fc97bdb2e6dc8fc0a7f0371c84de9
Certificate serial:       019F19B0DBB2BF361E9DC578DB7ADD4CF77E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uwKqn6RfyXvbLm3I_Ap_A3HITek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.mft
Manifest number:          0534
Signing time:             Tue 30 Jun 2026 18:00:48 +0000
Manifest this update:     Tue 30 Jun 2026 18:00:48 +0000
Manifest next update:     Wed 01 Jul 2026 18:00:48 +0000
Files and hashes:         1: FStRWITrx7mXYLP1GLGN2-na9w0.roa (hash: 9Kguvpi0MkdObkp26nsq/5tht75+Q0yDWXnyUXnDBmI=)
                          2: uwKqn6RfyXvbLm3I_Ap_A3HITek.crl (hash: xToVVZ8oxpkUd/hSHag2QG2QJixlPotvz99pLGsBnZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uwKqn6RfyXvbLm3I_Ap_A3HITek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 18:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:b0:db:b2:bf:36:1e:9d:c5:78:db:7a:dd:4c:f7:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb02aa9fa45fc97bdb2e6dc8fc0a7f0371c84de9
        Validity
            Not Before: Jun 30 18:00:48 2026 GMT
            Not After : Jul  1 18:00:48 2026 GMT
        Subject: CN=25406fa4bc9385985566a9986497be48a33c7c2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:02:0f:64:ff:40:c7:41:1d:8d:f0:c8:d2:1e:
                    2f:62:3f:db:c9:4c:e6:1d:be:90:a5:bc:d1:64:d5:
                    a1:94:9c:89:46:79:dc:e4:a7:ea:b1:eb:12:a0:a0:
                    9b:f9:91:ab:f2:ba:5d:20:d9:62:46:bd:c7:0e:52:
                    fd:cf:23:bf:5a:3a:48:5e:29:7e:e2:19:3c:05:7f:
                    0d:60:d3:7b:89:b9:11:24:2b:69:6e:a3:7e:fa:82:
                    ec:80:26:c1:84:7c:09:70:0f:03:ae:0d:f2:e3:3f:
                    45:75:e1:6b:35:7c:0f:ef:19:24:c7:ec:62:02:0c:
                    d6:68:da:d4:6e:58:16:2f:2b:2d:9e:f8:86:21:4c:
                    de:39:05:48:2c:be:7c:f2:e4:97:38:51:e8:67:d1:
                    98:6c:c9:2e:db:6d:79:58:bd:85:ae:76:6d:1e:45:
                    4b:3a:d6:16:f2:33:e4:b5:46:5b:d5:4b:71:05:79:
                    5d:58:79:ba:e5:29:4f:17:1d:37:78:bc:39:53:15:
                    88:16:49:8d:b6:ea:53:65:db:a4:27:9c:0b:74:1f:
                    0f:d2:e0:9e:60:05:19:9e:ce:f7:27:5c:04:71:cc:
                    32:0c:aa:c0:9c:cf:eb:00:3e:1e:ec:fa:1e:5d:5e:
                    c7:b6:2b:a6:80:0f:20:04:a2:4a:2b:29:09:96:94:
                    7a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:40:6F:A4:BC:93:85:98:55:66:A9:98:64:97:BE:48:A3:3C:7C:2F
            X509v3 Authority Key Identifier:
                keyid:BB:02:AA:9F:A4:5F:C9:7B:DB:2E:6D:C8:FC:0A:7F:03:71:C8:4D:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uwKqn6RfyXvbLm3I_Ap_A3HITek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/cc2039-2451-405e-b06d-ac183a9adeb1/1/uwKqn6RfyXvbLm3I_Ap_A3HITek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:2e:92:3e:66:ad:16:53:b2:07:bb:b9:3d:72:53:ac:92:3c:
         fc:e5:2e:3e:ce:d0:ed:eb:ff:1d:20:d9:e0:be:4f:ae:0f:a3:
         9a:47:c9:ab:ba:9b:ee:d9:d6:c4:2b:66:1e:3b:b5:61:05:68:
         36:b2:06:b5:0a:2d:ba:3c:b9:19:91:c7:17:ed:8e:bc:68:26:
         45:99:09:7e:68:7b:68:18:ed:0d:44:0d:33:14:9e:a3:db:9c:
         c3:cd:a3:6a:59:b9:04:ef:d4:89:de:0d:89:d1:9c:fb:c3:21:
         82:7b:97:9c:d9:0f:93:5e:12:23:79:74:c2:85:69:90:3c:3b:
         89:52:ba:97:69:9a:52:0f:2c:84:e0:0d:a8:0a:45:fa:36:85:
         74:5c:ac:61:1f:97:34:e4:57:1f:56:2d:7a:f8:e9:08:5a:48:
         24:06:79:db:4e:48:96:be:51:1d:9e:2c:d1:0b:59:61:c2:41:
         e7:65:0c:eb:49:65:33:64:4c:ee:ff:33:2f:5e:eb:e9:66:39:
         2a:13:6a:ca:7f:69:3c:57:61:82:85:7e:37:3a:07:01:ae:42:
         f1:4c:d4:e6:e0:12:72:1f:4e:2d:af:7a:fc:d0:b3:64:49:7a:
         4c:4e:b0:24:e5:86:be:04:42:b4:ea:9d:56:70:8a:8e:42:b0:
         4e:ff:45:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZsNuyvzYencV423rdTPd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMDJhYTlmYTQ1ZmM5N2JkYjJlNmRjOGZjMGE3ZjAzNzFj
ODRkZTkwHhcNMjYwNjMwMTgwMDQ4WhcNMjYwNzAxMTgwMDQ4WjAzMTEwLwYDVQQD
EygyNTQwNmZhNGJjOTM4NTk4NTU2NmE5OTg2NDk3YmU0OGEzM2M3YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgIPZP9Ax0EdjfDI0h4vYj/byUzm
Hb6QpbzRZNWhlJyJRnnc5KfqsesSoKCb+ZGr8rpdINliRr3HDlL9zyO/WjpIXil+
4hk8BX8NYNN7ibkRJCtpbqN++oLsgCbBhHwJcA8Drg3y4z9FdeFrNXwP7xkkx+xi
AgzWaNrUblgWLystnviGIUzeOQVILL588uSXOFHoZ9GYbMku2215WL2FrnZtHkVL
OtYW8jPktUZb1UtxBXldWHm65SlPFx03eLw5UxWIFkmNtupTZdukJ5wLdB8P0uCe
YAUZns73J1wEccwyDKrAnM/rAD4e7PoeXV7HtiumgA8gBKJKKykJlpR6LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVAb6S8k4WYVWapmGSXvkijPHwvMB8GA1UdIwQY
MBaAFLsCqp+kX8l72y5tyPwKfwNxyE3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXdLcW42UmZ5WHZiTG0zSV9BcF9BM0hJVGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jYzIwMzktMjQ1MS00MDVlLWIwNmQt
YWMxODNhOWFkZWIxLzEvdXdLcW42UmZ5WHZiTG0zSV9BcF9BM0hJVGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jYzIwMzktMjQ1MS00MDVlLWIwNmQtYWMxODNhOWFkZWIx
LzEvdXdLcW42UmZ5WHZiTG0zSV9BcF9BM0hJVGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPC6SPmat
FlOyB7u5PXJTrJI8/OUuPs7Q7ev/HSDZ4L5Prg+jmkfJq7qb7tnWxCtmHju1YQVo
NrIGtQotujy5GZHHF+2OvGgmRZkJfmh7aBjtDUQNMxSeo9ucw82jalm5BO/Uid4N
idGc+8MhgnuXnNkPk14SI3l0woVpkDw7iVK6l2maUg8shOANqApF+jaFdFysYR+X
NORXH1YtevjpCFpIJAZ5205Ilr5RHZ4s0QtZYcJB52UM60llM2RM7v8zL17r6WY5
KhNqyn9pPFdhgoV+NzoHAa5C8UzU5uASch9OLa96/NCzZEl6TE6wJOWGvgRCtOqd
VnCKjkKwTv9FSg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 03:19:24 2026 by rpki-client