Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          y46dpi05wq1Oq300NtoWFAVZzYheztfj3v3S0EYY3cw=
Subject key identifier:   89:15:10:7A:AE:E4:B9:54:D4:46:7C:6D:0C:2C:35:A3:B9:D8:FF:71
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       0196CA60423B0273BF4509248FFF199BFBA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          1538
Signing time:             Tue 13 May 2025 16:00:28 +0000
Manifest this update:     Tue 13 May 2025 16:00:28 +0000
Manifest next update:     Wed 14 May 2025 16:00:28 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: z2cfQjVI+OiDsYRaodd4PELXFi/0i526YVjmZL4dN+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:60:42:3b:02:73:bf:45:09:24:8f:ff:19:9b:fb:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: May 13 16:00:28 2025 GMT
            Not After : May 14 16:00:28 2025 GMT
        Subject: CN=8915107aaee4b954d4467c6d0c2c35a3b9d8ff71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:80:89:08:28:8b:88:3e:da:a5:08:ef:1c:0f:
                    32:a4:d0:cb:15:80:18:d1:5c:8c:66:98:67:2d:67:
                    cd:de:ab:95:19:87:bd:d7:09:ee:5f:29:40:99:91:
                    7e:b5:62:8a:f0:6d:65:7b:a6:26:f3:0b:00:06:50:
                    d3:c9:44:d7:f3:6b:51:fa:21:61:14:cc:82:42:b9:
                    55:6f:e9:39:87:de:d3:3a:72:67:5d:f4:0e:17:b5:
                    e7:ca:86:96:f5:d3:8f:90:d5:26:d0:9c:7c:6e:7f:
                    de:06:6f:e9:bf:dc:8f:41:8d:a1:81:96:7e:c0:30:
                    9f:24:bf:1f:22:93:57:ba:3a:dd:ef:79:18:5e:27:
                    e2:bb:7a:fa:b8:df:4e:c0:54:d4:dd:1f:41:a5:29:
                    4a:04:bd:16:49:0d:08:e6:fd:26:1d:21:e7:45:87:
                    92:39:be:b0:d5:e1:11:e5:15:ef:b6:73:e8:be:e9:
                    3b:33:e1:63:c7:6b:21:b7:15:49:60:54:9f:06:c7:
                    71:db:64:e2:36:2a:af:04:33:b1:0e:90:bc:98:25:
                    57:16:30:70:80:3f:d0:62:38:63:91:c6:86:85:4d:
                    22:63:fe:9c:b8:95:93:12:ad:46:74:1c:8b:86:04:
                    bc:18:25:7e:33:ca:bb:fc:0d:5e:b4:c0:86:02:21:
                    d1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:15:10:7A:AE:E4:B9:54:D4:46:7C:6D:0C:2C:35:A3:B9:D8:FF:71
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:34:ce:a6:4e:c2:be:18:70:05:2b:f1:20:7a:ad:63:03:f2:
         a1:0b:de:b2:5b:41:cd:f8:91:e2:b3:bc:d5:d9:a8:35:6f:b6:
         66:18:ad:f0:7a:0b:b2:2e:bc:31:6c:6c:a7:a2:35:48:e4:7f:
         60:6a:09:94:07:b1:50:7b:fc:da:ef:b7:0d:a3:3f:da:b1:d9:
         34:c7:cd:ee:ce:31:27:02:a5:b0:46:79:ed:92:07:c8:f0:5f:
         51:8f:fe:80:c0:09:a2:76:ff:da:7a:d5:fa:ee:fd:6e:f7:50:
         d7:8d:31:a0:7c:43:38:24:f1:dc:98:1d:a6:cf:0e:17:ea:0f:
         8e:44:3d:2f:eb:90:9d:bf:5a:69:cf:fc:c7:84:01:09:ae:48:
         2f:43:0c:d5:5f:14:e3:60:1b:44:44:fc:40:a4:af:da:72:fe:
         a1:e8:51:7a:59:d4:21:1e:fb:5d:f5:8b:74:27:0d:1d:eb:b4:
         a9:f6:94:6c:0d:6b:00:93:76:0b:10:22:72:26:5a:95:48:f8:
         93:6b:67:26:ab:c7:dc:cd:ff:b4:42:f5:3b:a1:e4:7b:07:26:
         e1:bb:be:f2:a1:0c:05:15:2a:2a:bc:ce:8d:ac:70:58:87:40:
         c1:fc:16:cb:6b:20:93:0f:8a:53:ce:32:3f:ab:96:80:56:4b:
         3a:90:70:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYEI7AnO/RQkkj/8Zm/uhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjUwNTEzMTYwMDI4WhcNMjUwNTE0MTYwMDI4WjAzMTEwLwYDVQQD
Eyg4OTE1MTA3YWFlZTRiOTU0ZDQ0NjdjNmQwYzJjMzVhM2I5ZDhmZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoCJCCiLiD7apQjvHA8ypNDLFYAY
0VyMZphnLWfN3quVGYe91wnuXylAmZF+tWKK8G1le6Ym8wsABlDTyUTX82tR+iFh
FMyCQrlVb+k5h97TOnJnXfQOF7XnyoaW9dOPkNUm0Jx8bn/eBm/pv9yPQY2hgZZ+
wDCfJL8fIpNXujrd73kYXifiu3r6uN9OwFTU3R9BpSlKBL0WSQ0I5v0mHSHnRYeS
Ob6w1eER5RXvtnPovuk7M+Fjx2shtxVJYFSfBsdx22TiNiqvBDOxDpC8mCVXFjBw
gD/QYjhjkcaGhU0iY/6cuJWTEq1GdByLhgS8GCV+M8q7/A1etMCGAiHRlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkVEHqu5LlU1EZ8bQwsNaO52P9xMB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDTOpk7C
vhhwBSvxIHqtYwPyoQvesltBzfiR4rO81dmoNW+2Zhit8HoLsi68MWxsp6I1SOR/
YGoJlAexUHv82u+3DaM/2rHZNMfN7s4xJwKlsEZ57ZIHyPBfUY/+gMAJonb/2nrV
+u79bvdQ140xoHxDOCTx3Jgdps8OF+oPjkQ9L+uQnb9aac/8x4QBCa5IL0MM1V8U
42AbRET8QKSv2nL+oehRelnUIR77XfWLdCcNHeu0qfaUbA1rAJN2CxAiciZalUj4
k2tnJqvH3M3/tEL1O6Hkewcm4bu+8qEMBRUqKrzOjaxwWIdAwfwWy2sgkw+KU84y
P6uWgFZLOpBwMw==
-----END CERTIFICATE-----