Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          w+0FEfW1OlZ3LnLCWOB8P9xmRpCjTmMzxag/sJRVkac=
Subject key identifier:   E2:7F:42:F2:A4:FE:43:56:68:FB:04:54:A6:FC:F8:56:18:8D:DA:03
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       0199FDD90A8EF071852A435F695BC581C118
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          0584
Signing time:             Sun 19 Oct 2025 19:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:23 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: Fl4ojI+YjHXB7J4pw40ZsFckypx3Y6krE7Xf5qJy898=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:0a:8e:f0:71:85:2a:43:5f:69:5b:c5:81:c1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Oct 19 19:01:23 2025 GMT
            Not After : Oct 20 19:01:23 2025 GMT
        Subject: CN=e27f42f2a4fe435668fb0454a6fcf856188dda03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f3:c0:18:0a:d6:e7:04:b5:d7:fd:e1:b0:60:
                    bb:3d:dd:b2:b2:6e:cb:90:c4:6c:2e:cb:6b:71:1a:
                    e6:71:aa:dc:c6:61:d2:a1:0e:23:75:20:69:26:7e:
                    e9:eb:32:a8:11:de:01:ff:6f:5f:30:58:8c:85:88:
                    cf:24:01:9d:1b:d6:7c:0d:a2:3b:c6:c2:65:4b:5d:
                    22:28:3c:0c:1d:20:95:2e:24:14:c4:76:2a:6b:f3:
                    7b:2a:6f:4f:35:5a:61:aa:fc:52:7a:3c:84:b8:09:
                    fe:10:42:59:e7:ef:59:a2:71:84:a2:25:af:01:3e:
                    dd:5a:fa:e8:03:fb:59:ba:88:15:2e:b4:93:0c:55:
                    48:c8:34:60:ed:92:ad:22:dd:a8:86:cb:1a:da:85:
                    ab:1c:c2:76:34:e6:c1:1e:33:c6:d0:d8:bf:56:d7:
                    14:c7:4e:08:ef:98:3a:15:89:0c:d3:85:5c:67:96:
                    22:3b:b2:01:b5:3e:31:43:b7:43:3b:96:9f:9b:2e:
                    b4:7f:b5:3b:48:98:9d:b9:ce:61:93:21:e9:4c:83:
                    d4:de:66:80:87:b2:95:74:c4:b6:97:06:8e:91:91:
                    fb:50:e0:bf:6d:0e:c9:e7:22:59:ff:81:74:1d:b7:
                    15:c0:a0:7d:48:08:a6:fe:0a:90:e1:ee:49:a5:f3:
                    b3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:7F:42:F2:A4:FE:43:56:68:FB:04:54:A6:FC:F8:56:18:8D:DA:03
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:7f:72:da:d5:be:5e:ad:07:e7:a1:8d:12:97:f4:13:b4:86:
         8c:02:ba:0a:75:db:89:fc:c6:90:c1:3b:3b:6c:23:c5:6c:9b:
         72:de:46:3e:a6:e6:c1:89:e1:69:96:15:6b:90:05:88:c9:fc:
         eb:59:f9:60:7f:fa:05:b0:bf:2d:37:a1:1b:c5:51:2e:6a:db:
         5c:a3:eb:f9:41:9d:62:ea:c8:37:e4:81:a2:65:61:c8:4a:16:
         43:f6:c4:3d:23:0a:3b:57:ba:66:7d:66:2a:76:12:b6:96:a6:
         df:81:5e:35:c1:16:ed:89:87:32:b1:fb:a5:fe:e6:d7:78:6d:
         78:22:9d:5a:20:fc:bf:51:6a:20:b9:23:cc:4b:56:e1:fa:85:
         fa:16:30:d9:e2:ab:c5:ca:b1:19:d8:50:15:64:25:73:de:34:
         6b:e6:c9:b2:cb:81:26:41:78:70:04:9e:15:2c:5d:f6:d7:53:
         74:fe:fe:c6:95:66:e0:41:c4:09:0f:3e:24:15:e1:05:2a:85:
         b1:c0:dc:90:a1:ac:01:32:ed:7a:81:79:19:5d:78:8b:db:15:
         02:cd:c9:96:02:a1:fc:24:44:75:2d:6c:32:7f:44:2c:19:a6:
         b4:5c:71:24:33:bf:5d:66:d1:6e:3d:d8:f8:78:96:13:c6:1b:
         d4:55:3e:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92QqO8HGFKkNfaVvFgcEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUxMDE5MTkwMTIzWhcNMjUxMDIwMTkwMTIzWjAzMTEwLwYDVQQD
EyhlMjdmNDJmMmE0ZmU0MzU2NjhmYjA0NTRhNmZjZjg1NjE4OGRkYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfPAGArW5wS11/3hsGC7Pd2ysm7L
kMRsLstrcRrmcarcxmHSoQ4jdSBpJn7p6zKoEd4B/29fMFiMhYjPJAGdG9Z8DaI7
xsJlS10iKDwMHSCVLiQUxHYqa/N7Km9PNVphqvxSejyEuAn+EEJZ5+9ZonGEoiWv
AT7dWvroA/tZuogVLrSTDFVIyDRg7ZKtIt2ohssa2oWrHMJ2NObBHjPG0Ni/VtcU
x04I75g6FYkM04VcZ5YiO7IBtT4xQ7dDO5afmy60f7U7SJiduc5hkyHpTIPU3maA
h7KVdMS2lwaOkZH7UOC/bQ7J5yJZ/4F0HbcVwKB9SAim/gqQ4e5JpfOz+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJ/QvKk/kNWaPsEVKb8+FYYjdoDMB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACn9y2tW+
Xq0H56GNEpf0E7SGjAK6CnXbifzGkME7O2wjxWybct5GPqbmwYnhaZYVa5AFiMn8
61n5YH/6BbC/LTehG8VRLmrbXKPr+UGdYurIN+SBomVhyEoWQ/bEPSMKO1e6Zn1m
KnYStpam34FeNcEW7YmHMrH7pf7m13hteCKdWiD8v1FqILkjzEtW4fqF+hYw2eKr
xcqxGdhQFWQlc940a+bJssuBJkF4cASeFSxd9tdTdP7+xpVm4EHECQ8+JBXhBSqF
scDckKGsATLteoF5GV14i9sVAs3JlgKh/CREdS1sMn9ELBmmtFxxJDO/XWbRbj3Y
+HiWE8Yb1FU+ZA==
-----END CERTIFICATE-----