Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          efZFxUP7kQ7cdj89GnHQFt/tZAUyIKfYa5SJWlZ6sNA=
Subject key identifier:   A0:15:7A:CB:CB:E2:AD:95:82:2D:59:0C:D5:E8:D6:68:08:7E:64:F9
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       0199161C4B03C545CEBC0AD389DF2FADE057
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          049F
Signing time:             Thu 04 Sep 2025 19:02:56 +0000
Manifest this update:     Thu 04 Sep 2025 19:02:56 +0000
Manifest next update:     Fri 05 Sep 2025 19:02:56 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: mHWVg7PP3BZeba/b5GEYXD9iNaZYuwZwo0P4SZm6CDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:02:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:1c:4b:03:c5:45:ce:bc:0a:d3:89:df:2f:ad:e0:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Sep  4 19:02:56 2025 GMT
            Not After : Sep  5 19:02:56 2025 GMT
        Subject: CN=a0157acbcbe2ad95822d590cd5e8d668087e64f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:78:7a:80:2c:48:39:69:cb:19:f3:88:8c:40:
                    de:ba:45:1c:ac:4e:0a:b4:60:ab:d2:a6:5b:19:f4:
                    1f:b8:94:7f:07:4d:60:e7:bd:e4:c3:03:a6:a0:6f:
                    f6:2a:66:08:b7:c3:ca:f3:26:07:36:b0:e5:b5:a7:
                    e8:e7:7e:10:c5:e3:7b:5a:96:cc:81:25:5c:87:01:
                    43:99:47:c5:33:70:e5:91:71:46:14:d2:0f:93:e9:
                    5b:b1:d6:67:7d:ee:6a:b5:06:37:96:7e:38:4d:ea:
                    79:20:21:86:32:70:e1:90:ea:ca:b5:99:03:a1:99:
                    76:e7:8a:67:54:02:11:64:04:2c:07:8b:7a:3f:a8:
                    4a:25:0a:eb:59:ae:e8:0a:e2:c1:7e:15:1c:41:cb:
                    5f:56:b9:35:64:3f:bd:0f:39:b6:ab:1b:fd:cb:92:
                    0a:b3:17:2c:44:af:b1:1b:c6:2b:27:7f:24:43:13:
                    8f:c1:90:92:c4:c5:a4:40:a8:d7:9b:94:7f:48:53:
                    c7:9f:94:84:59:38:c3:a5:59:be:7f:77:e5:c1:c6:
                    4c:81:7c:92:f4:2e:c1:63:80:ce:f8:17:b2:93:a0:
                    55:70:05:91:3c:d8:d8:6b:8b:f5:8e:4f:cd:71:4a:
                    09:27:5e:5c:ff:57:ad:a6:41:fd:e7:7a:43:1f:c3:
                    2f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:15:7A:CB:CB:E2:AD:95:82:2D:59:0C:D5:E8:D6:68:08:7E:64:F9
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:e0:0d:ae:ba:e6:db:4a:08:6e:d0:c1:7a:49:20:68:00:fe:
         90:24:2a:26:58:99:1e:e5:f8:c3:30:77:99:2c:44:2c:88:d9:
         16:3e:3a:e2:83:c2:92:14:f4:a9:59:dc:ca:67:6b:97:c8:d1:
         09:a6:1f:f7:29:5f:07:4a:bc:85:ee:40:2c:8c:b7:0d:56:f5:
         9a:44:19:7f:80:66:20:1b:44:6f:75:91:27:75:f9:c6:3a:22:
         d6:3c:1f:08:40:ac:23:d9:cc:fd:a8:6e:f4:bd:28:b2:8a:11:
         a6:76:31:1b:0f:37:5b:90:1b:dc:ce:04:6d:fe:2c:45:06:02:
         f7:5d:3e:8c:7f:fd:fc:49:0a:7e:04:f5:89:b7:93:7b:1b:06:
         bc:dc:b6:fe:fe:73:c6:00:a1:23:28:18:e6:a9:48:b1:0a:f5:
         fc:18:b9:91:23:da:fc:02:63:08:e8:3b:18:6b:6a:7e:02:43:
         d6:04:20:a9:6e:0a:95:43:c4:38:f7:8e:19:c1:38:56:6e:2e:
         0d:cf:b0:f3:b3:e7:aa:24:52:16:17:c0:09:20:99:88:a7:ab:
         9f:cd:5d:3a:03:cb:ed:f5:e4:6f:c8:40:2f:9f:24:e8:77:2a:
         5a:dc:a1:aa:e6:19:b0:40:5c:61:3a:b7:59:60:64:62:44:7a:
         b5:da:36:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWHEsDxUXOvArTid8vreBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjUwOTA0MTkwMjU2WhcNMjUwOTA1MTkwMjU2WjAzMTEwLwYDVQQD
EyhhMDE1N2FjYmNiZTJhZDk1ODIyZDU5MGNkNWU4ZDY2ODA4N2U2NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHh6gCxIOWnLGfOIjEDeukUcrE4K
tGCr0qZbGfQfuJR/B01g573kwwOmoG/2KmYIt8PK8yYHNrDltafo534QxeN7WpbM
gSVchwFDmUfFM3DlkXFGFNIPk+lbsdZnfe5qtQY3ln44Tep5ICGGMnDhkOrKtZkD
oZl254pnVAIRZAQsB4t6P6hKJQrrWa7oCuLBfhUcQctfVrk1ZD+9Dzm2qxv9y5IK
sxcsRK+xG8YrJ38kQxOPwZCSxMWkQKjXm5R/SFPHn5SEWTjDpVm+f3flwcZMgXyS
9C7BY4DO+Beyk6BVcAWRPNjYa4v1jk/NcUoJJ15c/1etpkH953pDH8MvYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAVesvL4q2Vgi1ZDNXo1mgIfmT5MB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI+ANrrrm
20oIbtDBekkgaAD+kCQqJliZHuX4wzB3mSxELIjZFj464oPCkhT0qVncymdrl8jR
CaYf9ylfB0q8he5ALIy3DVb1mkQZf4BmIBtEb3WRJ3X5xjoi1jwfCECsI9nM/ahu
9L0osooRpnYxGw83W5Ab3M4Ebf4sRQYC910+jH/9/EkKfgT1ibeTexsGvNy2/v5z
xgChIygY5qlIsQr1/Bi5kSPa/AJjCOg7GGtqfgJD1gQgqW4KlUPEOPeOGcE4Vm4u
Dc+w87PnqiRSFhfACSCZiKern81dOgPL7fXkb8hAL58k6HcqWtyhquYZsEBcYTq3
WWBkYkR6tdo2WA==
-----END CERTIFICATE-----