Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          WudKoLHnuZRW9u3Ec3rtM+oywPt10/C3zI65cGbNif8=
Subject key identifier:   51:EF:97:1A:95:78:A1:2E:BC:67:70:4C:0C:46:69:E7:DA:55:B2:81
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       0198D5BC412D8D745F27C4934299ABB91A71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 07:02:20 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:20 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:20 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: 94JODiU9ef3S5VUyO62Qz9EnTAwi9hih+YV0Yez80L4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:41:2d:8d:74:5f:27:c4:93:42:99:ab:b9:1a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: Aug 23 07:02:20 2025 GMT
            Not After : Aug 24 07:02:20 2025 GMT
        Subject: CN=51ef971a9578a12ebc67704c0c4669e7da55b281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:7e:ec:65:b1:cd:64:8c:8d:02:7b:17:1d:eb:
                    ec:b3:27:7f:37:3e:5f:e9:af:cb:21:28:48:00:73:
                    2e:4f:6e:5e:69:3e:29:bf:79:53:ab:34:f9:11:6c:
                    82:e9:c7:4d:66:f1:f4:a3:69:12:f2:c1:42:f5:7d:
                    09:60:b7:d7:18:cb:a7:ce:6e:54:16:ca:25:8d:33:
                    be:14:5d:60:fc:b1:15:b9:82:a8:40:f0:95:b7:03:
                    f8:86:ed:64:8d:b2:b9:41:11:8c:61:a2:60:d4:b6:
                    3e:6f:61:95:05:fd:b1:62:44:1b:aa:50:ed:3b:9c:
                    80:af:33:29:9e:85:21:51:bc:7f:a6:61:5c:d4:06:
                    66:2b:f8:4b:e6:18:9b:a3:bb:fd:a9:dd:ff:17:80:
                    a3:01:84:05:52:38:30:99:2c:73:27:8c:42:94:49:
                    4e:2f:44:a9:9f:c9:15:06:dd:53:fa:5d:d6:50:17:
                    61:56:c5:e9:14:70:3e:ac:3f:58:fe:35:30:99:b6:
                    90:4e:87:7f:94:5a:91:b9:f1:f2:ec:7c:a1:24:d5:
                    0f:93:57:10:b6:9a:fc:1c:8a:b7:94:b0:3d:e7:15:
                    e6:d7:ef:fb:44:6b:c6:72:cb:9f:a7:02:89:1f:52:
                    82:c0:70:78:ce:8f:2c:4e:20:7f:28:7d:68:e4:ca:
                    82:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:EF:97:1A:95:78:A1:2E:BC:67:70:4C:0C:46:69:E7:DA:55:B2:81
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:71:11:73:2b:f9:e6:56:11:30:b8:50:dd:a5:9e:7f:1b:68:
         98:41:6f:f3:ed:a9:6f:20:63:f7:36:76:07:80:75:3b:a3:16:
         c3:25:00:40:fc:dc:b7:62:d4:7c:6b:ee:1b:06:4f:6c:c5:05:
         78:55:66:27:63:eb:b1:76:50:d7:6d:2b:a7:7a:c5:31:d9:5d:
         ec:5c:8e:c4:dc:1b:27:06:b7:c5:ef:ed:91:b2:b2:7a:0f:a4:
         56:e1:d7:c5:76:21:1e:bc:27:75:78:ef:6e:fa:5b:b3:de:d5:
         5e:f4:cd:f3:60:c2:a7:e6:31:d9:bf:0a:f2:82:70:a8:fc:bd:
         74:e2:4e:47:83:a1:08:00:5d:f7:3f:8d:88:1c:63:40:d5:c5:
         7d:7d:67:a1:84:91:ec:68:23:d2:de:c1:61:a6:17:fe:49:b0:
         08:68:b6:9f:05:d6:fe:62:b3:49:cf:05:57:4d:55:c2:a3:b9:
         92:d3:b7:b2:37:90:34:8a:0a:6d:a5:b5:6a:ad:09:27:a5:18:
         28:e0:0f:94:64:57:bf:3b:d8:90:3d:ee:0c:7b:bf:8f:25:aa:
         f2:08:d5:bd:a8:50:05:22:17:75:4f:35:26:a7:dd:8d:6d:3e:
         c2:fc:b6:50:fe:a1:81:d4:0c:cb:ed:ea:95:92:ca:36:1f:78:
         32:a9:77:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvEEtjXRfJ8STQpmruRpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjUwODIzMDcwMjIwWhcNMjUwODI0MDcwMjIwWjAzMTEwLwYDVQQD
Eyg1MWVmOTcxYTk1NzhhMTJlYmM2NzcwNGMwYzQ2NjllN2RhNTViMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX7sZbHNZIyNAnsXHevssyd/Nz5f
6a/LIShIAHMuT25eaT4pv3lTqzT5EWyC6cdNZvH0o2kS8sFC9X0JYLfXGMunzm5U
FsoljTO+FF1g/LEVuYKoQPCVtwP4hu1kjbK5QRGMYaJg1LY+b2GVBf2xYkQbqlDt
O5yArzMpnoUhUbx/pmFc1AZmK/hL5hibo7v9qd3/F4CjAYQFUjgwmSxzJ4xClElO
L0Spn8kVBt1T+l3WUBdhVsXpFHA+rD9Y/jUwmbaQTod/lFqRufHy7HyhJNUPk1cQ
tpr8HIq3lLA95xXm1+/7RGvGcsufpwKJH1KCwHB4zo8sTiB/KH1o5MqCMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHvlxqVeKEuvGdwTAxGaefaVbKBMB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHERcyv5
5lYRMLhQ3aWefxtomEFv8+2pbyBj9zZ2B4B1O6MWwyUAQPzct2LUfGvuGwZPbMUF
eFVmJ2PrsXZQ120rp3rFMdld7FyOxNwbJwa3xe/tkbKyeg+kVuHXxXYhHrwndXjv
bvpbs97VXvTN82DCp+Yx2b8K8oJwqPy9dOJOR4OhCABd9z+NiBxjQNXFfX1noYSR
7Ggj0t7BYaYX/kmwCGi2nwXW/mKzSc8FV01VwqO5ktO3sjeQNIoKbaW1aq0JJ6UY
KOAPlGRXvzvYkD3uDHu/jyWq8gjVvahQBSIXdU81JqfdjW0+wvy2UP6hgdQMy+3q
lZLKNh94Mql3xg==
-----END CERTIFICATE-----