Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          ntWl/8s52kO8nYuEAP6Zk0rkp8QrwP5s3D3RmWT/AnQ=
Subject key identifier:   1E:0B:B5:C5:64:0B:AC:80:2C:CB:5B:39:CC:16:F5:BC:43:80:4F:1D
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       0198D5BC1CC7F6E7CB3B6575A98E920C8BE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          047F
Signing time:             Sat 23 Aug 2025 07:02:11 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:11 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:11 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: BUGwnSUGNgVawrSAkFK+PZaHLaiK0h1Qmav1fxMz0cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:1c:c7:f6:e7:cb:3b:65:75:a9:8e:92:0c:8b:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Aug 23 07:02:11 2025 GMT
            Not After : Aug 24 07:02:11 2025 GMT
        Subject: CN=1e0bb5c5640bac802ccb5b39cc16f5bc43804f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b7:b0:1e:7d:ee:c9:9a:cd:d1:05:25:21:b2:
                    45:68:16:90:9c:57:87:46:7c:f5:f5:ec:8d:81:ff:
                    50:d2:d7:d9:8a:7f:6e:cf:fb:a2:5f:02:dd:45:14:
                    03:6b:36:7a:a9:67:12:b5:24:75:85:41:e2:e4:84:
                    08:11:2e:dc:e3:3c:df:5c:7e:24:0a:d4:f4:af:fc:
                    c6:89:07:a1:11:36:8e:a5:a1:d3:c9:be:09:f5:2b:
                    c3:8d:01:32:3f:63:1b:fd:6b:62:0b:93:ae:b7:38:
                    2a:0f:01:45:21:da:9e:a6:5f:71:40:a0:a5:c7:9d:
                    4f:bc:83:1a:5c:be:57:92:51:d1:fa:21:41:92:72:
                    e5:28:82:84:ce:9d:40:ca:97:bd:4e:6f:c2:53:75:
                    b8:71:a6:8f:a1:bc:50:0f:10:94:c4:11:98:1f:4a:
                    24:a9:b8:21:82:8c:0e:b3:77:30:89:5b:5d:23:dd:
                    d2:a0:c3:f7:a0:de:f9:d7:c6:f2:f9:3e:6a:a6:1b:
                    ed:f5:c0:c3:5f:8a:ef:47:71:7e:41:22:ea:c2:67:
                    ef:fe:ca:9e:a5:c0:93:6c:f7:3b:af:f6:40:ff:2c:
                    ed:d8:97:b1:97:47:38:e5:71:dd:3d:a0:81:14:f9:
                    ba:4c:a1:93:54:c4:06:cb:f7:f5:ef:88:3f:2e:fb:
                    92:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:0B:B5:C5:64:0B:AC:80:2C:CB:5B:39:CC:16:F5:BC:43:80:4F:1D
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:e8:25:7c:68:d2:8e:c8:c2:49:a2:7c:eb:dc:25:08:20:43:
         46:93:30:6d:08:67:9e:8e:b0:c3:41:ee:97:c9:15:a9:d8:b5:
         aa:bd:a2:17:04:83:c9:d1:16:06:e9:f5:67:6f:82:10:a9:c9:
         d0:e2:ad:27:d9:6a:fa:71:de:ba:ef:8e:cb:eb:90:93:9f:75:
         91:f6:db:20:db:af:aa:62:f0:83:73:ea:13:d7:05:43:d6:f4:
         20:64:8f:85:87:c8:55:47:d9:8e:90:7a:6e:5b:7d:ce:22:00:
         fd:25:9e:06:d7:a7:58:a2:8f:42:b6:bd:02:42:06:b5:fb:78:
         fe:9a:bf:2f:ef:32:3c:71:f0:cb:44:ea:52:e4:43:5a:c1:f4:
         2a:f4:4c:b5:99:45:7b:d2:01:2a:a4:34:5e:80:a2:7f:62:82:
         ea:a4:cf:cc:99:6e:0f:3b:98:c5:67:1c:c4:66:a5:f8:dc:e8:
         54:bc:8b:6c:9c:2a:63:16:48:aa:d6:17:a1:25:71:19:f0:d3:
         29:f6:21:7a:95:2f:80:e0:f1:ba:09:22:ab:cb:f3:6a:96:11:
         19:56:ab:97:0d:6a:4e:4b:b5:bc:cd:97:47:e4:30:ec:af:4b:
         fa:30:8d:ed:91:78:6a:d6:39:25:bf:ca:0a:89:25:5b:14:86:
         b0:b0:29:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvBzH9ufLO2V1qY6SDIvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwODIzMDcwMjExWhcNMjUwODI0MDcwMjExWjAzMTEwLwYDVQQD
EygxZTBiYjVjNTY0MGJhYzgwMmNjYjViMzljYzE2ZjViYzQzODA0ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rewHn3uyZrN0QUlIbJFaBaQnFeH
Rnz19eyNgf9Q0tfZin9uz/uiXwLdRRQDazZ6qWcStSR1hUHi5IQIES7c4zzfXH4k
CtT0r/zGiQehETaOpaHTyb4J9SvDjQEyP2Mb/WtiC5OutzgqDwFFIdqepl9xQKCl
x51PvIMaXL5XklHR+iFBknLlKIKEzp1Aype9Tm/CU3W4caaPobxQDxCUxBGYH0ok
qbghgowOs3cwiVtdI93SoMP3oN7518by+T5qphvt9cDDX4rvR3F+QSLqwmfv/sqe
pcCTbPc7r/ZA/yzt2Jexl0c45XHdPaCBFPm6TKGTVMQGy/f174g/LvuSpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4LtcVkC6yALMtbOcwW9bxDgE8dMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOglfGjS
jsjCSaJ869wlCCBDRpMwbQhnno6ww0Hul8kVqdi1qr2iFwSDydEWBun1Z2+CEKnJ
0OKtJ9lq+nHeuu+Oy+uQk591kfbbINuvqmLwg3PqE9cFQ9b0IGSPhYfIVUfZjpB6
blt9ziIA/SWeBtenWKKPQra9AkIGtft4/pq/L+8yPHHwy0TqUuRDWsH0KvRMtZlF
e9IBKqQ0XoCif2KC6qTPzJluDzuYxWccxGal+NzoVLyLbJwqYxZIqtYXoSVxGfDT
KfYhepUvgODxugkiq8vzapYRGVarlw1qTku1vM2XR+Qw7K9L+jCN7ZF4atY5Jb/K
CoklWxSGsLAptQ==
-----END CERTIFICATE-----