Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          zXPoShce1ibR+k2XzJDppB1waQA21MSQOtbERviUrSA=
Subject key identifier:   86:11:25:F1:CC:F3:31:CC:51:F4:57:87:A4:92:22:13:7D:0E:80:A8
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       0198D54E0F6BB7C2B55C3E5D48B6AE5639C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          0206
Signing time:             Sat 23 Aug 2025 05:01:59 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:59 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:59 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: oJlwOtzmb0ONkTtWLs20safSGdyWunGyIEGBk7SYRpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:0f:6b:b7:c2:b5:5c:3e:5d:48:b6:ae:56:39:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Aug 23 05:01:59 2025 GMT
            Not After : Aug 24 05:01:59 2025 GMT
        Subject: CN=861125f1ccf331cc51f45787a49222137d0e80a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bb:be:e7:3f:49:b7:36:ab:9e:8a:35:6a:a1:
                    3a:8a:54:ca:80:ac:6c:5b:c0:4b:6b:03:a7:d8:f0:
                    03:72:8a:20:56:33:12:2f:a5:04:ca:0d:a3:dd:04:
                    ba:70:85:04:95:27:97:95:1d:75:2a:19:1d:1e:cd:
                    32:af:d1:14:17:44:b8:59:0a:8b:01:36:38:fb:ea:
                    8e:28:4b:54:22:b5:2a:c1:38:31:8a:91:c5:e1:32:
                    ee:56:71:d7:54:44:f6:78:7e:8e:f3:b3:29:aa:57:
                    37:c7:cd:14:d2:ce:c4:b2:d9:ed:e2:e4:20:d6:ce:
                    94:52:3f:b1:1b:99:9e:29:4f:f9:b0:eb:31:76:f5:
                    05:6f:06:06:77:32:87:53:51:ad:b2:9f:b7:36:1c:
                    79:60:b1:86:09:7c:68:55:69:be:b9:18:e3:d0:37:
                    fe:08:51:2e:4e:a9:f7:d7:3f:b6:a4:62:ce:57:69:
                    1a:51:14:5b:d7:fb:f2:6a:a3:52:02:ce:60:d6:44:
                    5d:3c:d3:83:10:a3:76:7d:95:d2:8e:e2:af:7f:97:
                    32:1f:d2:57:a7:06:49:4b:80:dc:d3:50:e0:5f:ae:
                    04:25:57:95:e5:d1:70:69:42:bc:84:ef:66:b1:35:
                    28:c8:8d:05:6d:01:f9:bc:e3:99:34:4b:b2:17:ff:
                    4b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:11:25:F1:CC:F3:31:CC:51:F4:57:87:A4:92:22:13:7D:0E:80:A8
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:67:02:7c:8c:72:95:57:44:d6:a0:36:89:e5:9f:b4:21:6a:
         76:06:b6:09:fa:3c:30:97:09:20:b9:39:d2:9c:13:fa:2b:17:
         7d:5a:04:72:7a:9d:b6:02:e2:54:16:1b:b8:ad:51:c0:42:4d:
         54:d7:19:97:75:c6:61:6a:75:87:eb:c4:bd:4a:8b:e7:3e:f9:
         6c:0c:6e:a6:b4:de:8f:1e:0f:c9:f2:46:a1:fa:a1:7a:af:14:
         46:a6:46:c4:30:e4:be:c0:00:c5:8c:ea:34:24:61:52:06:b5:
         a3:ff:92:30:a0:bf:40:db:3b:37:d1:89:66:0d:3d:35:4b:b7:
         aa:4c:59:cc:9c:b7:77:a9:5a:a3:25:9c:b2:97:bd:8e:6f:1d:
         bb:22:ee:89:a5:48:29:44:0a:b5:ed:4c:4f:ed:fd:f2:59:84:
         33:4a:be:f1:9a:48:0a:34:f0:d9:9a:cf:2f:53:35:54:28:ed:
         dd:9e:e3:36:65:7b:ab:11:c4:88:17:b4:36:a4:64:48:0d:a7:
         14:56:b4:d9:88:7d:55:54:82:8d:5b:3b:79:6c:b8:5b:ad:ab:
         58:55:4e:56:32:0c:e0:82:aa:3f:80:68:24:b4:56:21:8c:f9:
         c2:41:98:54:8f:60:84:40:22:84:59:24:8e:09:72:42:36:ac:
         81:ea:95:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTg9rt8K1XD5dSLauVjnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwODIzMDUwMTU5WhcNMjUwODI0MDUwMTU5WjAzMTEwLwYDVQQD
Eyg4NjExMjVmMWNjZjMzMWNjNTFmNDU3ODdhNDkyMjIxMzdkMGU4MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoru+5z9Jtzarnoo1aqE6ilTKgKxs
W8BLawOn2PADcoogVjMSL6UEyg2j3QS6cIUElSeXlR11KhkdHs0yr9EUF0S4WQqL
ATY4++qOKEtUIrUqwTgxipHF4TLuVnHXVET2eH6O87Mpqlc3x80U0s7Estnt4uQg
1s6UUj+xG5meKU/5sOsxdvUFbwYGdzKHU1Gtsp+3Nhx5YLGGCXxoVWm+uRjj0Df+
CFEuTqn31z+2pGLOV2kaURRb1/vyaqNSAs5g1kRdPNODEKN2fZXSjuKvf5cyH9JX
pwZJS4Dc01DgX64EJVeV5dFwaUK8hO9msTUoyI0FbQH5vOOZNEuyF/9LYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYRJfHM8zHMUfRXh6SSIhN9DoCoMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoGcCfIxy
lVdE1qA2ieWftCFqdga2Cfo8MJcJILk50pwT+isXfVoEcnqdtgLiVBYbuK1RwEJN
VNcZl3XGYWp1h+vEvUqL5z75bAxuprTejx4PyfJGofqheq8URqZGxDDkvsAAxYzq
NCRhUga1o/+SMKC/QNs7N9GJZg09NUu3qkxZzJy3d6laoyWcspe9jm8duyLuiaVI
KUQKte1MT+398lmEM0q+8ZpICjTw2ZrPL1M1VCjt3Z7jNmV7qxHEiBe0NqRkSA2n
FFa02Yh9VVSCjVs7eWy4W62rWFVOVjIM4IKqP4BoJLRWIYz5wkGYVI9ghEAihFkk
jglyQjasgeqVnw==
-----END CERTIFICATE-----