Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          PgR/4uxKs2bW8Ez/QS5O3d7b2Yl5H79KCsFxSUFsy5o=
Subject key identifier:   F7:ED:00:38:EB:9E:71:C6:87:D0:D6:77:42:DA:38:DD:0D:2A:3D:79
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       019A00352DF27C252E458198D2BFA3A49BFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          16DE
Signing time:             Mon 20 Oct 2025 06:01:16 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:16 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:16 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: hWPWbEScau5KVynCKwm3aHOWpeO+3Rbp28jzoL53FNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:2d:f2:7c:25:2e:45:81:98:d2:bf:a3:a4:9b:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Oct 20 06:01:16 2025 GMT
            Not After : Oct 21 06:01:16 2025 GMT
        Subject: CN=f7ed0038eb9e71c687d0d67742da38dd0d2a3d79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:07:5c:47:e8:c2:8f:dd:cf:bf:fe:36:8b:82:
                    2d:82:5d:53:45:74:b8:60:25:23:54:d1:4f:59:02:
                    58:dd:30:bd:1a:44:e4:41:62:3f:c1:31:93:6d:b0:
                    88:9e:e4:16:e2:2c:0d:27:23:78:85:f1:58:4b:6a:
                    0f:46:f2:5e:94:f6:15:c0:2a:7d:1f:b1:85:99:03:
                    0a:65:62:33:f3:35:84:a5:2f:54:df:27:20:d6:b2:
                    cd:a6:6e:a1:12:e7:19:3e:02:f6:0e:39:c1:c4:aa:
                    e5:7b:f0:0f:02:99:72:86:06:d7:11:ea:1b:fd:95:
                    23:ef:6a:76:02:98:9f:f9:e4:a3:3a:37:ba:4a:4c:
                    45:c6:0f:a3:7e:37:51:46:bf:5b:4c:ed:88:4f:a2:
                    c7:b9:55:70:f3:b1:15:a4:b2:b2:e3:97:1e:79:ce:
                    f3:0f:3f:c6:a7:5a:d1:51:e5:a3:44:ee:50:34:e9:
                    d7:03:68:39:e1:ba:b1:ef:e4:06:67:93:25:ae:da:
                    c3:4f:98:57:62:33:0e:5b:fc:0e:2f:0b:52:7b:77:
                    e3:aa:a6:bd:63:f1:14:a5:11:43:5b:a6:5a:5d:d8:
                    ee:08:98:01:19:a7:f1:29:0b:3c:55:16:95:ca:0e:
                    dd:a4:81:d2:01:68:9b:83:65:a5:e3:2e:33:0d:1a:
                    e7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:ED:00:38:EB:9E:71:C6:87:D0:D6:77:42:DA:38:DD:0D:2A:3D:79
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:5b:d7:5b:b9:81:db:8c:de:a0:9b:63:55:4b:4d:06:55:4c:
         79:bf:06:97:0a:90:fb:84:da:fe:75:c1:91:bc:ee:5a:72:60:
         aa:0b:4c:c5:95:fc:fc:be:db:62:c8:98:7e:7d:77:75:a0:3f:
         68:4e:f5:1c:c0:25:04:40:bb:7e:91:e8:9c:a7:b7:9a:9a:c5:
         ab:79:c9:a9:13:1d:f3:02:48:3b:9f:13:d9:4c:48:81:40:50:
         ab:ad:53:39:a0:48:8d:43:f2:92:81:8a:aa:cb:0d:d6:a5:21:
         bc:d1:52:8c:bf:e1:9f:8a:e7:18:62:00:1a:17:df:93:c1:76:
         32:2d:4f:b2:5c:82:ed:3c:99:0b:26:45:54:ff:9f:8b:36:a3:
         d5:d2:31:55:09:02:b8:be:86:dd:f3:4e:85:90:00:63:38:6d:
         16:28:90:72:5d:1c:ab:39:7d:d9:4c:08:82:ee:06:2e:8f:29:
         a6:98:0e:5e:3b:36:9b:f7:49:66:d8:ca:66:39:4b:de:27:71:
         b5:12:a1:b6:fb:2d:0a:90:fd:55:4c:9e:e4:2a:42:ad:ac:2a:
         59:29:fc:96:b0:96:dd:3f:91:8d:e3:b2:d8:45:05:3c:ba:1c:
         e3:e8:29:28:55:43:cb:0d:03:09:cf:32:3c:33:3e:17:1b:5b:
         bc:ac:76:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANS3yfCUuRYGY0r+jpJv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUxMDIwMDYwMTE2WhcNMjUxMDIxMDYwMTE2WjAzMTEwLwYDVQQD
EyhmN2VkMDAzOGViOWU3MWM2ODdkMGQ2Nzc0MmRhMzhkZDBkMmEzZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwdcR+jCj93Pv/42i4Itgl1TRXS4
YCUjVNFPWQJY3TC9GkTkQWI/wTGTbbCInuQW4iwNJyN4hfFYS2oPRvJelPYVwCp9
H7GFmQMKZWIz8zWEpS9U3ycg1rLNpm6hEucZPgL2DjnBxKrle/APAplyhgbXEeob
/ZUj72p2Apif+eSjOje6SkxFxg+jfjdRRr9bTO2IT6LHuVVw87EVpLKy45ceec7z
Dz/Gp1rRUeWjRO5QNOnXA2g54bqx7+QGZ5MlrtrDT5hXYjMOW/wOLwtSe3fjqqa9
Y/EUpRFDW6ZaXdjuCJgBGafxKQs8VRaVyg7dpIHSAWibg2Wl4y4zDRrnTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPftADjrnnHGh9DWd0LaON0NKj15MB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlvXW7mB
24zeoJtjVUtNBlVMeb8GlwqQ+4Ta/nXBkbzuWnJgqgtMxZX8/L7bYsiYfn13daA/
aE71HMAlBEC7fpHonKe3mprFq3nJqRMd8wJIO58T2UxIgUBQq61TOaBIjUPykoGK
qssN1qUhvNFSjL/hn4rnGGIAGhffk8F2Mi1PslyC7TyZCyZFVP+fizaj1dIxVQkC
uL6G3fNOhZAAYzhtFiiQcl0cqzl92UwIgu4GLo8pppgOXjs2m/dJZtjKZjlL3idx
tRKhtvstCpD9VUye5CpCrawqWSn8lrCW3T+RjeOy2EUFPLoc4+gpKFVDyw0DCc8y
PDM+FxtbvKx2Tg==
-----END CERTIFICATE-----