Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File:                     rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier:          lD0HgZNh3oMNErdB9GwHIxjjNNwtEoJSfq68O/4MGEY=
Subject key identifier:   75:74:12:D6:47:4B:10:75:F3:18:C7:7B:8A:D5:A6:94:C1:74:CF:62
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer:       /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial:       0198D4E0B7422CC6142089E9BCF6F671E474
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number:          1205
Signing time:             Sat 23 Aug 2025 03:02:33 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:33 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:33 +0000
Files and hashes:         1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: itvPa5DFkdHai9aOKglPfJ2a/LxPAE2AoFEq4Xk+Ztw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:b7:42:2c:c6:14:20:89:e9:bc:f6:f6:71:e4:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
        Validity
            Not Before: Aug 23 03:02:33 2025 GMT
            Not After : Aug 24 03:02:33 2025 GMT
        Subject: CN=757412d6474b1075f318c77b8ad5a694c174cf62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ce:88:ec:97:92:1d:29:bd:8a:87:11:c7:77:
                    41:a1:a3:ee:78:91:28:60:ed:12:29:5f:a3:0e:04:
                    7f:65:bb:55:16:3a:f0:82:52:2b:14:fd:7e:9b:07:
                    03:1a:d7:4f:a0:26:6e:99:32:9b:84:b6:a6:a4:69:
                    cf:7f:13:ec:d2:ee:7a:25:c0:07:27:4d:b7:d3:e2:
                    f6:df:0b:ae:65:06:f9:d5:3b:20:37:37:ff:c0:9a:
                    46:57:fe:c9:2a:91:c4:24:dc:bd:d0:45:c4:20:06:
                    57:93:53:1f:56:32:c9:b4:c3:7c:4a:b0:e2:80:be:
                    a1:9a:bd:d9:06:ff:31:4f:25:e0:4e:a8:44:67:de:
                    45:27:69:78:9f:46:99:74:1f:63:c0:c4:ad:ad:ad:
                    97:63:dd:c0:6a:08:72:b1:93:0c:60:0a:58:c7:45:
                    d4:e4:76:59:93:b4:f5:b0:39:ff:c5:eb:47:08:e4:
                    b4:94:e6:1e:c5:ce:75:44:77:b9:94:5c:51:d5:12:
                    bf:30:53:40:ac:4c:a6:62:00:5a:48:4e:18:62:6c:
                    2c:96:2f:49:90:53:64:cb:7b:23:ca:c6:f8:a7:d5:
                    f5:10:61:c5:18:c8:43:e6:ce:69:0f:71:76:1c:5b:
                    1b:9b:dc:f4:56:55:6a:29:f0:7c:02:f7:79:6f:c1:
                    48:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:74:12:D6:47:4B:10:75:F3:18:C7:7B:8A:D5:A6:94:C1:74:CF:62
            X509v3 Authority Key Identifier:
                keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:4a:96:80:fd:c9:5c:da:55:22:a5:4d:04:98:4d:e7:3f:c9:
         d5:81:ba:d4:97:fe:62:e0:b6:4f:02:b5:af:f4:28:cd:48:fa:
         3e:cd:8e:fd:47:b6:29:1f:3a:c7:86:7e:04:e8:60:e4:c9:7b:
         d5:29:d7:ad:6b:92:25:79:c5:cd:e7:03:a7:61:d2:88:e6:78:
         89:8a:82:88:b9:f5:21:83:fa:fb:ee:82:96:90:a9:df:34:24:
         d1:75:aa:c8:99:83:6f:7f:a0:ad:56:9b:a7:44:c8:02:0d:0b:
         e7:54:c1:71:c4:dd:61:13:bf:e9:f0:aa:91:06:55:42:c0:d0:
         40:d4:7b:c0:1d:82:80:3f:67:fc:2f:fc:cb:5f:53:66:73:02:
         ab:0e:24:d4:f4:26:e5:67:71:81:93:4c:e5:c4:84:eb:4e:61:
         2a:d8:80:ab:49:a4:b9:d1:dc:c7:6d:fd:ca:b0:77:64:63:6f:
         4f:55:f9:0d:d8:1b:51:f9:59:59:41:8e:75:0d:da:fb:b3:99:
         cb:e3:8e:b4:9f:1a:c2:d8:39:56:09:c6:fb:11:b1:ab:2f:5a:
         32:87:14:63:6e:4f:3c:c3:b2:74:0a:a4:8c:28:ad:2c:62:3b:
         e1:6e:8f:d2:97:ad:2e:12:05:b8:7a:a9:b8:c7:5e:87:78:8b:
         67:c0:40:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4LdCLMYUIInpvPb2ceR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjUwODIzMDMwMjMzWhcNMjUwODI0MDMwMjMzWjAzMTEwLwYDVQQD
Eyg3NTc0MTJkNjQ3NGIxMDc1ZjMxOGM3N2I4YWQ1YTY5NGMxNzRjZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus6I7JeSHSm9iocRx3dBoaPueJEo
YO0SKV+jDgR/ZbtVFjrwglIrFP1+mwcDGtdPoCZumTKbhLampGnPfxPs0u56JcAH
J0230+L23wuuZQb51TsgNzf/wJpGV/7JKpHEJNy90EXEIAZXk1MfVjLJtMN8SrDi
gL6hmr3ZBv8xTyXgTqhEZ95FJ2l4n0aZdB9jwMStra2XY93AaghysZMMYApYx0XU
5HZZk7T1sDn/xetHCOS0lOYexc51RHe5lFxR1RK/MFNArEymYgBaSE4YYmwsli9J
kFNky3sjysb4p9X1EGHFGMhD5s5pD3F2HFsbm9z0VlVqKfB8Avd5b8FI0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHV0EtZHSxB18xjHe4rVppTBdM9iMB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgEqWgP3J
XNpVIqVNBJhN5z/J1YG61Jf+YuC2TwK1r/QozUj6Ps2O/Ue2KR86x4Z+BOhg5Ml7
1SnXrWuSJXnFzecDp2HSiOZ4iYqCiLn1IYP6++6ClpCp3zQk0XWqyJmDb3+grVab
p0TIAg0L51TBccTdYRO/6fCqkQZVQsDQQNR7wB2CgD9n/C/8y19TZnMCqw4k1PQm
5WdxgZNM5cSE605hKtiAq0mkudHcx239yrB3ZGNvT1X5DdgbUflZWUGOdQ3a+7OZ
y+OOtJ8awtg5VgnG+xGxqy9aMocUY25PPMOydAqkjCitLGI74W6P0petLhIFuHqp
uMdeh3iLZ8BAPA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:56 2025 by rpki-client