Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          Y2ymBoY5JbKsfxJdO4j2xiSIAH7GQKKMP+ras6D/1SU=
Subject key identifier:   52:35:59:E2:5B:1D:C7:3B:A4:F0:13:D3:4F:55:57:AD:06:84:97:3F
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       0199FAD7DFC4FF01CB98A49E932F8C372887
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          0966
Signing time:             Sun 19 Oct 2025 05:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:15 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: p3PjlhyiDoFyfE6W3M5VxCjBSFkwv/8G3O16t91fQVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:df:c4:ff:01:cb:98:a4:9e:93:2f:8c:37:28:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Oct 19 05:01:15 2025 GMT
            Not After : Oct 20 05:01:15 2025 GMT
        Subject: CN=523559e25b1dc73ba4f013d34f5557ad0684973f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:99:c1:98:18:53:ec:36:f9:cf:62:d4:db:83:
                    95:98:c6:86:0c:c4:68:61:ae:3e:ce:1f:54:64:71:
                    16:2b:1a:e1:07:a5:87:17:f1:29:db:4c:c5:52:76:
                    ab:f9:04:cb:1e:7c:34:6f:72:e9:58:cd:92:95:27:
                    1f:47:3e:f3:e0:65:b3:b0:1e:93:f5:6e:b6:98:97:
                    56:c6:c5:c1:6a:16:7a:22:01:b7:87:fb:15:0a:c4:
                    b5:ce:99:ab:2c:10:85:3d:24:55:be:7d:8c:ef:54:
                    17:b9:ce:f6:61:c3:b4:97:ea:44:2f:44:dc:72:90:
                    60:9a:88:f1:2f:38:0f:12:2b:c8:5c:d8:d9:ea:1e:
                    f3:cc:e7:bc:09:88:b2:20:7f:cf:ee:a0:e2:19:93:
                    e3:df:f1:31:b4:c0:e7:49:80:e6:e5:69:4f:78:27:
                    fa:a9:b5:e5:76:0d:fc:67:e4:82:0f:3a:a4:b7:08:
                    ea:9e:f8:49:d3:44:27:ec:6a:e1:14:f0:f3:63:7b:
                    f6:b9:36:32:a8:11:39:08:e5:54:e2:3c:89:c6:5a:
                    b9:69:cf:f5:fe:35:5a:41:85:17:77:9e:b4:70:1f:
                    ae:e2:02:6a:94:93:f2:7d:92:dd:9f:72:56:f8:43:
                    4e:1b:40:af:5a:33:32:9b:4c:d2:5d:34:f7:e9:42:
                    8a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:35:59:E2:5B:1D:C7:3B:A4:F0:13:D3:4F:55:57:AD:06:84:97:3F
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:ac:44:e7:08:e9:ef:82:21:38:d1:24:13:85:64:9b:bd:c7:
         36:b9:17:76:9f:ec:36:93:a2:ff:49:d2:0a:2c:9a:2c:5b:d9:
         be:f9:0f:d1:d2:43:fc:06:30:15:6e:18:5c:f6:35:44:d2:bd:
         7e:fd:02:02:48:aa:0b:5b:ed:61:77:31:cc:5b:ab:d9:b3:d3:
         99:9d:e9:c5:f3:0e:3d:c7:8b:a8:8f:5a:ec:0a:76:c4:1a:3a:
         a0:1b:87:c9:7a:5e:93:e8:87:4d:0f:4e:25:5e:51:de:87:1f:
         fd:88:d0:c9:75:ce:de:11:82:89:a0:97:5c:d9:b2:ee:9a:5b:
         ca:e3:af:38:c0:c1:6a:2c:bc:18:8f:c7:f0:6b:54:a2:27:4a:
         55:bb:f3:e4:36:30:6b:d1:b8:a6:d8:c9:14:d4:56:75:50:fa:
         a8:1b:ce:35:c1:d3:6c:6e:1d:54:41:8b:8b:db:29:73:03:ce:
         f0:60:1b:18:57:50:9a:f5:35:63:1d:a3:23:00:fa:11:03:d3:
         2b:1f:5f:0d:37:dc:fa:f3:4b:cd:e1:46:28:65:72:0d:be:a4:
         5f:e3:3c:bf:2e:79:fd:35:ba:f4:50:7e:9b:cd:eb:36:c3:1a:
         51:9a:69:c4:7b:61:c1:f3:f9:7b:32:57:12:17:3f:18:19:06:
         72:04:56:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn619/E/wHLmKSeky+MNyiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjUxMDE5MDUwMTE1WhcNMjUxMDIwMDUwMTE1WjAzMTEwLwYDVQQD
Eyg1MjM1NTllMjViMWRjNzNiYTRmMDEzZDM0ZjU1NTdhZDA2ODQ5NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5nBmBhT7Db5z2LU24OVmMaGDMRo
Ya4+zh9UZHEWKxrhB6WHF/Ep20zFUnar+QTLHnw0b3LpWM2SlScfRz7z4GWzsB6T
9W62mJdWxsXBahZ6IgG3h/sVCsS1zpmrLBCFPSRVvn2M71QXuc72YcO0l+pEL0Tc
cpBgmojxLzgPEivIXNjZ6h7zzOe8CYiyIH/P7qDiGZPj3/ExtMDnSYDm5WlPeCf6
qbXldg38Z+SCDzqktwjqnvhJ00Qn7GrhFPDzY3v2uTYyqBE5COVU4jyJxlq5ac/1
/jVaQYUXd560cB+u4gJqlJPyfZLdn3JW+ENOG0CvWjMym0zSXTT36UKKhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFI1WeJbHcc7pPAT009VV60GhJc/MB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARaxE5wjp
74IhONEkE4Vkm73HNrkXdp/sNpOi/0nSCiyaLFvZvvkP0dJD/AYwFW4YXPY1RNK9
fv0CAkiqC1vtYXcxzFur2bPTmZ3pxfMOPceLqI9a7Ap2xBo6oBuHyXpek+iHTQ9O
JV5R3ocf/YjQyXXO3hGCiaCXXNmy7ppbyuOvOMDBaiy8GI/H8GtUoidKVbvz5DYw
a9G4ptjJFNRWdVD6qBvONcHTbG4dVEGLi9spcwPO8GAbGFdQmvU1Yx2jIwD6EQPT
Kx9fDTfc+vNLzeFGKGVyDb6kX+M8vy55/TW69FB+m83rNsMaUZppxHthwfP5ezJX
Ehc/GBkGcgRWxg==
-----END CERTIFICATE-----