Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          a0YJna6lQMzzlCqiJ6v+lwZUzdahAjRLpQG78ldJrWE=
Subject key identifier:   4A:9E:E2:80:41:DB:5C:5D:FC:38:52:41:7D:4B:08:94:5E:75:A1:A9
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       0196AB43449F1F7E39047AF1BCB486D8472B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          0659
Signing time:             Wed 07 May 2025 15:00:34 +0000
Manifest this update:     Wed 07 May 2025 15:00:34 +0000
Manifest next update:     Thu 08 May 2025 15:00:34 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: tv2i7bKMHiPRHkwFT8CjXcaLK2umb1ULYa9K2kh2jXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ab:43:44:9f:1f:7e:39:04:7a:f1:bc:b4:86:d8:47:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: May  7 15:00:34 2025 GMT
            Not After : May  8 15:00:34 2025 GMT
        Subject: CN=4a9ee28041db5c5dfc3852417d4b08945e75a1a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:38:d4:69:96:60:64:70:5a:4d:ff:10:58:46:
                    9d:b0:77:fe:5f:7f:9e:46:b2:96:05:4a:6e:b9:f6:
                    71:1b:a0:9b:8b:0e:7c:99:9c:04:7a:b5:37:fb:a7:
                    12:de:a4:a5:eb:fd:3c:fb:51:cb:bf:87:21:b5:24:
                    b2:0c:17:9e:e0:34:20:f3:b9:05:7d:7e:43:6a:6b:
                    99:a4:c1:82:c4:8e:f4:b6:ae:13:ae:41:d3:45:ec:
                    e5:d9:e0:43:e0:66:57:91:b4:3e:de:3c:ff:bc:70:
                    36:83:32:a6:9d:9e:47:be:c0:d9:84:8f:73:3d:a3:
                    20:60:ef:31:27:67:30:27:ae:d9:07:76:56:4e:65:
                    13:f7:1d:e6:75:37:c8:93:b1:a1:4f:e0:b7:c3:aa:
                    48:ea:65:eb:56:34:b2:d6:91:fc:59:9e:8c:e5:27:
                    28:4c:71:b6:7a:44:86:95:d9:ba:e1:0c:d3:3a:84:
                    1d:bc:4b:e3:b7:c7:20:7e:9f:8f:ac:b3:76:7e:f7:
                    83:e5:1d:24:e4:7a:bf:34:62:27:16:bc:b2:e1:bc:
                    5c:5d:29:c0:54:52:99:66:f5:d3:1b:21:57:73:2a:
                    5a:34:fe:ef:51:09:69:a1:dc:18:b8:d7:66:0b:d9:
                    d8:2a:60:84:1e:91:52:a9:c9:8c:f8:71:a2:83:e8:
                    08:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:9E:E2:80:41:DB:5C:5D:FC:38:52:41:7D:4B:08:94:5E:75:A1:A9
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:44:3f:db:0b:0e:dc:4e:be:c6:7d:2d:7e:6b:f1:ba:f0:98:
         d4:91:01:ac:77:76:d5:5a:e6:3f:b8:03:0c:38:f0:30:58:d7:
         95:3d:c6:2e:2d:8c:fc:56:32:94:aa:dd:25:22:ca:c5:6d:ef:
         bb:26:6f:b1:b9:2f:09:eb:2b:27:47:ff:84:38:e2:ab:af:8d:
         2c:f6:2c:f2:74:99:98:29:0f:7c:f0:9d:fa:bf:0b:5b:2e:f9:
         8e:d5:6b:fe:45:1b:74:b2:88:81:e1:c2:c6:57:b5:50:43:19:
         b5:26:0f:88:3e:ba:1d:18:5d:c7:61:b5:aa:5e:ba:4e:ca:44:
         33:ea:70:2b:84:d4:3f:97:05:1e:6d:eb:ce:ec:2f:58:2a:bb:
         cf:8c:e7:c1:da:b5:43:99:5b:88:60:62:70:e7:05:0e:75:d5:
         34:17:0a:92:1b:36:17:39:83:6e:6b:78:50:d5:8b:31:bd:6e:
         c5:f5:fb:e3:f8:9a:29:55:cf:df:5a:45:53:2a:ae:85:f9:4c:
         6d:00:38:3f:92:fc:c6:45:a5:05:43:1a:fd:d4:3c:39:82:94:
         a8:ca:44:73:0b:bf:d9:d3:10:14:da:df:7f:79:05:2f:55:bc:
         ba:02:18:5a:a1:7f:f8:ea:32:e3:b0:c9:4f:35:55:bb:31:53:
         72:49:80:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZarQ0SfH345BHrxvLSG2EcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUwNTA3MTUwMDM0WhcNMjUwNTA4MTUwMDM0WjAzMTEwLwYDVQQD
Eyg0YTllZTI4MDQxZGI1YzVkZmMzODUyNDE3ZDRiMDg5NDVlNzVhMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TjUaZZgZHBaTf8QWEadsHf+X3+e
RrKWBUpuufZxG6Cbiw58mZwEerU3+6cS3qSl6/08+1HLv4chtSSyDBee4DQg87kF
fX5DamuZpMGCxI70tq4TrkHTRezl2eBD4GZXkbQ+3jz/vHA2gzKmnZ5HvsDZhI9z
PaMgYO8xJ2cwJ67ZB3ZWTmUT9x3mdTfIk7GhT+C3w6pI6mXrVjSy1pH8WZ6M5Sco
THG2ekSGldm64QzTOoQdvEvjt8cgfp+PrLN2fveD5R0k5Hq/NGInFryy4bxcXSnA
VFKZZvXTGyFXcypaNP7vUQlpodwYuNdmC9nYKmCEHpFSqcmM+HGig+gIYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqe4oBB21xd/DhSQX1LCJRedaGpMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkQ/2wsO
3E6+xn0tfmvxuvCY1JEBrHd21VrmP7gDDDjwMFjXlT3GLi2M/FYylKrdJSLKxW3v
uyZvsbkvCesrJ0f/hDjiq6+NLPYs8nSZmCkPfPCd+r8LWy75jtVr/kUbdLKIgeHC
xle1UEMZtSYPiD66HRhdx2G1ql66TspEM+pwK4TUP5cFHm3rzuwvWCq7z4znwdq1
Q5lbiGBicOcFDnXVNBcKkhs2FzmDbmt4UNWLMb1uxfX74/iaKVXP31pFUyquhflM
bQA4P5L8xkWlBUMa/dQ8OYKUqMpEcwu/2dMQFNrff3kFL1W8ugIYWqF/+Ooy47DJ
TzVVuzFTckmAwA==
-----END CERTIFICATE-----