Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
File:                     HwGmewzRspUViU7OlrUurL4EG9Q.mft (raw, json)
Hash identifier:          eT9Hdn7iDX9Fh5F9cczYXSPLFUKQuZYHXYeuoEqCQTU=
Subject key identifier:   A4:04:4A:A6:C1:AA:CB:DE:22:5E:5D:69:F7:0A:0C:26:03:79:78:02
Authority key identifier: 1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4
Certificate issuer:       /CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
Certificate serial:       0199FBB36A3A469A9DFAD4F160E615C27FA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
Manifest number:          0A14
Signing time:             Sun 19 Oct 2025 09:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 09:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 09:01:03 +0000
Files and hashes:         1: HwGmewzRspUViU7OlrUurL4EG9Q.crl (hash: fLUwOTkW6OSynrfgiVI4XZNXpZBPXP4802NPtz+s/4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:b3:6a:3a:46:9a:9d:fa:d4:f1:60:e6:15:c2:7f:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
        Validity
            Not Before: Oct 19 09:01:03 2025 GMT
            Not After : Oct 20 09:01:03 2025 GMT
        Subject: CN=a4044aa6c1aacbde225e5d69f70a0c2603797802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c1:df:50:94:01:b7:8a:a8:49:69:31:9c:bd:
                    da:50:0e:a0:9c:38:7b:0f:ee:c5:df:db:85:a6:c2:
                    ea:63:ea:42:fd:b7:66:28:2b:73:71:07:44:0e:7a:
                    54:1d:b2:1e:83:23:5c:1e:fb:a0:44:d9:19:67:e6:
                    1b:06:3a:c3:d3:f3:a4:be:72:39:99:9a:02:0e:51:
                    94:73:e8:07:d9:a5:33:5c:48:82:49:e0:36:36:af:
                    14:d2:a8:a8:de:92:ea:38:90:72:3d:36:eb:ab:16:
                    69:01:93:0e:1c:8b:4f:5e:f4:95:d4:6a:d3:b6:cb:
                    87:b9:67:c7:c4:b4:e6:5d:58:50:d7:a9:bc:93:36:
                    e0:36:a8:7f:c2:89:0a:d5:7f:66:32:bd:52:d6:cd:
                    2c:ab:6d:e4:ac:63:82:3b:a8:69:34:c0:2b:71:8f:
                    03:60:dc:83:25:ac:7a:43:ce:96:b4:fc:92:43:a5:
                    4f:da:fc:2b:52:f5:ce:27:2c:a4:66:c9:60:b6:ae:
                    1d:41:e9:8c:a7:a4:42:02:41:23:49:60:59:1a:f4:
                    ee:59:33:d0:70:49:8e:53:58:d5:f0:74:f7:75:51:
                    db:16:60:47:af:79:58:03:86:30:6b:32:94:d5:6a:
                    12:62:94:d7:05:3c:71:cc:59:aa:40:07:34:17:cd:
                    32:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:04:4A:A6:C1:AA:CB:DE:22:5E:5D:69:F7:0A:0C:26:03:79:78:02
            X509v3 Authority Key Identifier:
                keyid:1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:1e:73:f5:97:0e:e7:79:ee:83:d1:19:8b:4e:e5:7f:6c:cf:
         b3:d6:67:d3:47:24:17:16:82:c0:f7:c2:ba:7b:37:1e:b6:31:
         87:43:33:16:4a:d7:8d:da:7a:2e:87:41:dd:80:b4:a6:be:10:
         ca:22:1b:aa:ee:26:2d:e0:9c:b6:f2:05:4a:c8:ed:00:26:f8:
         bd:2e:f5:16:2b:5e:4c:b8:80:19:af:9a:e0:e0:6c:fd:5a:fa:
         44:2b:dd:e4:2a:1e:11:38:19:11:a1:d1:18:59:aa:46:fa:37:
         c7:41:f6:e7:48:8a:fc:0d:f1:8f:6c:a5:60:bf:31:73:18:09:
         51:a3:2c:e3:23:ce:ae:97:d6:f8:d6:c7:ad:ec:64:87:ea:97:
         91:ab:82:4c:79:47:24:b2:ed:25:76:32:1d:22:6f:0f:2f:1d:
         4d:b0:f4:12:65:3a:8c:3c:59:07:11:be:82:82:a5:c0:d2:0b:
         ed:55:fa:41:84:66:c6:03:86:3c:da:ed:a1:32:28:50:44:c3:
         72:17:ba:20:ef:4c:83:8a:e9:56:c8:44:ae:03:a2:56:46:7f:
         c3:42:99:6e:61:e2:22:1a:3f:bc:d8:5c:d2:fa:1d:4c:5a:93:
         87:2c:b7:c5:2c:75:22:d3:f8:18:17:f9:1b:b5:2e:0b:70:0e:
         47:81:c4:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s2o6Rpqd+tTxYOYVwn+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDFhNjdiMGNkMWIyOTUxNTg5NGVjZTk2YjUyZWFjYmUw
NDFiZDQwHhcNMjUxMDE5MDkwMTAzWhcNMjUxMDIwMDkwMTAzWjAzMTEwLwYDVQQD
EyhhNDA0NGFhNmMxYWFjYmRlMjI1ZTVkNjlmNzBhMGMyNjAzNzk3ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8HfUJQBt4qoSWkxnL3aUA6gnDh7
D+7F39uFpsLqY+pC/bdmKCtzcQdEDnpUHbIegyNcHvugRNkZZ+YbBjrD0/OkvnI5
mZoCDlGUc+gH2aUzXEiCSeA2Nq8U0qio3pLqOJByPTbrqxZpAZMOHItPXvSV1GrT
tsuHuWfHxLTmXVhQ16m8kzbgNqh/wokK1X9mMr1S1s0sq23krGOCO6hpNMArcY8D
YNyDJax6Q86WtPySQ6VP2vwrUvXOJyykZslgtq4dQemMp6RCAkEjSWBZGvTuWTPQ
cEmOU1jV8HT3dVHbFmBHr3lYA4YwazKU1WoSYpTXBTxxzFmqQAc0F80yAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQESqbBqsveIl5dafcKDCYDeXgCMB8GA1UdIwQY
MBaAFB8BpnsM0bKVFYlOzpa1Lqy+BBvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMt
YmRjMTE3MTIyZWZiLzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMtYmRjMTE3MTIyZWZi
LzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZR5z9ZcO
53nug9EZi07lf2zPs9Zn00ckFxaCwPfCuns3HrYxh0MzFkrXjdp6LodB3YC0pr4Q
yiIbqu4mLeCctvIFSsjtACb4vS71FiteTLiAGa+a4OBs/Vr6RCvd5CoeETgZEaHR
GFmqRvo3x0H250iK/A3xj2ylYL8xcxgJUaMs4yPOrpfW+NbHrexkh+qXkauCTHlH
JLLtJXYyHSJvDy8dTbD0EmU6jDxZBxG+goKlwNIL7VX6QYRmxgOGPNrtoTIoUETD
che6IO9Mg4rpVshErgOiVkZ/w0KZbmHiIho/vNhc0vodTFqThyy3xSx1ItP4GBf5
G7UuC3AOR4HEsw==
-----END CERTIFICATE-----