Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          ONJ7x4zfrkuUNgguxVD4WbqQAqWF5Bcm2Xo73rabNO0=
Subject key identifier:   7D:11:3C:A3:C0:19:D5:42:8D:39:CA:CC:31:FF:69:1C:88:3B:48:84
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       0199FF22F14EB71400935F44577ECC4193B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          129C
Signing time:             Mon 20 Oct 2025 01:01:44 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:44 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:44 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: /GFe8u37xNeDwwjFgRW79ZAIQf6VugAwACt5R8nb9bo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:f1:4e:b7:14:00:93:5f:44:57:7e:cc:41:93:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Oct 20 01:01:44 2025 GMT
            Not After : Oct 21 01:01:44 2025 GMT
        Subject: CN=7d113ca3c019d5428d39cacc31ff691c883b4884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bf:66:26:3b:fc:43:24:9e:f9:38:bb:25:ea:
                    48:5a:42:6c:0b:30:7d:d6:bf:44:30:a1:eb:ad:a2:
                    68:eb:83:09:25:e0:4d:a1:cf:0a:47:5a:30:5b:46:
                    f5:1a:62:96:79:09:87:80:36:30:19:60:7d:5c:6c:
                    5b:2a:9a:f0:63:f6:7b:47:fb:d4:85:c0:70:91:97:
                    4f:6a:68:13:f5:93:7a:2c:39:41:39:bb:95:2c:3a:
                    d9:68:af:a7:65:25:25:71:82:cf:e9:e6:a6:5a:82:
                    4d:06:bf:3a:9c:05:f5:b9:1d:85:0b:0c:05:eb:90:
                    91:31:1b:45:be:e0:78:a6:fa:c2:b8:d5:f2:e8:60:
                    b1:fa:e5:23:c8:cf:e1:bf:0a:08:c7:5b:07:03:d1:
                    3e:38:03:52:e1:c3:6f:18:61:c7:e1:3f:36:66:80:
                    72:d2:5e:fb:b8:2a:ed:e1:29:2c:f7:77:89:91:0e:
                    87:6b:03:fb:0b:cb:1d:52:34:10:bf:dd:65:3d:c5:
                    59:13:50:80:bf:58:a1:d6:1f:2a:7b:1b:21:ba:da:
                    73:1a:58:fd:6b:3d:4a:f6:0b:c7:4d:43:f5:19:37:
                    4c:7f:a2:40:d2:72:c0:a1:1a:c3:04:28:6b:b5:1a:
                    ef:3b:88:19:51:bf:6c:37:ac:25:90:0e:2b:3e:39:
                    11:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:11:3C:A3:C0:19:D5:42:8D:39:CA:CC:31:FF:69:1C:88:3B:48:84
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:bf:ac:4d:85:ca:fa:c0:9d:48:04:a6:5e:7c:90:65:4f:1b:
         77:38:ab:b5:08:15:2a:c3:fe:89:c2:21:cd:39:d3:13:b3:de:
         8a:46:1d:51:da:bc:1e:51:b9:63:d5:97:c7:ce:98:e3:98:30:
         7b:33:7f:16:03:c6:10:f7:6c:9a:f8:56:4f:da:fb:d3:da:98:
         29:8f:cc:22:9a:e9:6a:78:69:dc:88:d8:97:e4:a6:33:c0:0a:
         88:ab:04:c9:4a:8a:f0:a8:28:86:23:c2:56:f5:71:3d:0d:78:
         c5:5d:51:33:ad:89:26:ca:13:d2:01:9d:dc:25:35:77:eb:18:
         3a:0c:47:7c:e5:91:38:2f:47:55:87:b6:b7:2a:26:37:0e:70:
         c6:49:f7:45:88:79:e3:e1:7a:7b:a1:44:4a:27:c3:53:ee:a9:
         02:f8:40:8b:56:db:8e:ca:a1:c1:43:ca:1c:bf:cc:3f:6d:24:
         c8:1f:b3:f9:6b:3c:de:37:b6:13:34:90:14:eb:18:3e:80:c5:
         b5:59:86:be:e2:31:70:c3:1b:c8:fb:da:75:41:a5:51:2a:e3:
         eb:36:2f:a6:ee:e4:1b:aa:7d:62:ab:b0:09:8a:c9:b0:a1:fd:
         00:59:54:e5:86:8c:15:4f:06:a6:c3:4b:4c:90:66:78:7b:9b:
         e2:49:e7:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IvFOtxQAk19EV37MQZOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjUxMDIwMDEwMTQ0WhcNMjUxMDIxMDEwMTQ0WjAzMTEwLwYDVQQD
Eyg3ZDExM2NhM2MwMTlkNTQyOGQzOWNhY2MzMWZmNjkxYzg4M2I0ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb9mJjv8QySe+Ti7JepIWkJsCzB9
1r9EMKHrraJo64MJJeBNoc8KR1owW0b1GmKWeQmHgDYwGWB9XGxbKprwY/Z7R/vU
hcBwkZdPamgT9ZN6LDlBObuVLDrZaK+nZSUlcYLP6eamWoJNBr86nAX1uR2FCwwF
65CRMRtFvuB4pvrCuNXy6GCx+uUjyM/hvwoIx1sHA9E+OANS4cNvGGHH4T82ZoBy
0l77uCrt4Sks93eJkQ6HawP7C8sdUjQQv91lPcVZE1CAv1ih1h8qexshutpzGlj9
az1K9gvHTUP1GTdMf6JA0nLAoRrDBChrtRrvO4gZUb9sN6wlkA4rPjkRRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0RPKPAGdVCjTnKzDH/aRyIO0iEMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZL+sTYXK
+sCdSASmXnyQZU8bdzirtQgVKsP+icIhzTnTE7PeikYdUdq8HlG5Y9WXx86Y45gw
ezN/FgPGEPdsmvhWT9r709qYKY/MIprpanhp3IjYl+SmM8AKiKsEyUqK8KgohiPC
VvVxPQ14xV1RM62JJsoT0gGd3CU1d+sYOgxHfOWROC9HVYe2tyomNw5wxkn3RYh5
4+F6e6FESifDU+6pAvhAi1bbjsqhwUPKHL/MP20kyB+z+Ws83je2EzSQFOsYPoDF
tVmGvuIxcMMbyPvadUGlUSrj6zYvpu7kG6p9YquwCYrJsKH9AFlU5YaMFU8GpsNL
TJBmeHub4knnkg==
-----END CERTIFICATE-----