Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          k3HGGJwQoEdJ/mltp5sn718T8rS2hOuqGal2MbdblI8=
Subject key identifier:   3A:50:73:70:78:B7:8B:A6:2E:10:1B:6A:EF:D7:BC:3C:3B:C3:47:A2
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       0199FBEBE139320FB4C20B6379EA6917374C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0BBF
Signing time:             Sun 19 Oct 2025 10:02:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:43 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: cCXh5SH+wvPwA7NNQXLrGwnSKFfcWobTetN9RPDfqBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:e1:39:32:0f:b4:c2:0b:63:79:ea:69:17:37:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Oct 19 10:02:43 2025 GMT
            Not After : Oct 20 10:02:43 2025 GMT
        Subject: CN=3a50737078b78ba62e101b6aefd7bc3c3bc347a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ac:67:6e:a7:03:b8:ba:37:dd:74:62:e3:59:
                    52:89:ed:1f:ac:d5:87:38:ed:03:de:83:7a:7d:85:
                    86:75:f2:24:bc:78:a2:ca:7c:68:95:81:05:90:da:
                    2f:93:9e:e9:dd:29:aa:69:a1:d1:7a:50:f8:85:c2:
                    2d:bd:27:c4:48:35:1b:d5:b9:b6:27:3e:40:be:bf:
                    52:ea:04:21:4a:37:16:a2:77:03:b3:48:99:1b:b3:
                    56:25:b9:84:2b:07:2f:1e:ef:48:f2:6a:8f:e0:fe:
                    d2:c2:03:c3:07:cd:37:17:cc:78:2d:04:cb:f0:18:
                    20:21:cf:1a:a9:7a:61:56:93:8b:25:48:5d:83:ce:
                    8c:35:ee:cb:de:01:e3:ce:6c:11:28:54:3a:82:6b:
                    3b:69:aa:cb:1f:82:fb:00:1c:ab:5d:b2:76:40:af:
                    39:19:80:74:15:67:95:91:d5:d9:f5:92:52:d9:de:
                    57:0d:85:90:99:3a:ae:05:dd:89:3e:f3:75:50:23:
                    30:f8:ec:a8:0b:9c:ae:2b:44:d7:f4:db:2c:69:0c:
                    14:ba:85:af:ae:e7:03:7c:10:99:31:d3:be:b7:73:
                    8d:2a:18:69:80:98:8a:3e:b2:76:aa:a7:17:67:44:
                    f4:c2:89:d0:60:1f:dd:00:9d:21:04:88:be:75:a4:
                    28:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:50:73:70:78:B7:8B:A6:2E:10:1B:6A:EF:D7:BC:3C:3B:C3:47:A2
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:34:4d:6b:10:5f:33:63:e8:24:12:3c:65:33:5b:d0:74:5f:
         6a:8a:6b:19:1e:86:58:c9:12:ca:0b:65:e9:b7:d9:0e:92:97:
         6d:33:44:24:c5:7d:27:ea:5b:ea:d4:37:97:0f:86:10:58:ac:
         c2:df:50:7b:bc:30:78:af:c9:1e:40:1a:bf:ca:3d:8a:f4:9b:
         22:44:43:89:7d:a5:42:4e:a9:77:5e:a1:be:ac:de:ca:e6:07:
         a9:03:b8:47:52:3c:b8:1b:60:6f:e0:e6:2c:6a:10:cc:68:0b:
         67:f5:86:f4:6d:34:14:77:2f:6d:4a:92:16:c8:b4:fc:2e:fc:
         83:8e:d4:4f:71:d3:aa:49:1e:a7:ef:5c:68:48:c9:3c:04:4e:
         bc:b4:eb:2d:0a:79:7a:3c:ba:d9:68:98:06:f7:f9:1c:ac:12:
         c8:eb:7e:1e:8e:ab:a1:65:33:7d:36:66:7b:4e:8c:6f:12:4a:
         6b:5e:e8:af:c0:c3:69:ed:28:31:cb:e6:a8:02:61:e1:3d:bd:
         22:82:60:24:c3:9c:2a:23:65:79:5a:d9:0a:85:77:1b:b8:81:
         da:ea:f1:99:c6:b2:f9:ef:d9:ed:24:b0:3c:c7:6a:0f:0a:d5:
         c7:05:09:a9:6b:e6:64:b9:85:a9:25:6e:10:d9:45:47:c6:64:
         8f:dc:d1:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+E5Mg+0wgtjeeppFzdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
EygzYTUwNzM3MDc4Yjc4YmE2MmUxMDFiNmFlZmQ3YmMzYzNiYzM0N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3axnbqcDuLo33XRi41lSie0frNWH
OO0D3oN6fYWGdfIkvHiiynxolYEFkNovk57p3SmqaaHRelD4hcItvSfESDUb1bm2
Jz5Avr9S6gQhSjcWoncDs0iZG7NWJbmEKwcvHu9I8mqP4P7SwgPDB803F8x4LQTL
8BggIc8aqXphVpOLJUhdg86MNe7L3gHjzmwRKFQ6gms7aarLH4L7AByrXbJ2QK85
GYB0FWeVkdXZ9ZJS2d5XDYWQmTquBd2JPvN1UCMw+OyoC5yuK0TX9NssaQwUuoWv
rucDfBCZMdO+t3ONKhhpgJiKPrJ2qqcXZ0T0wonQYB/dAJ0hBIi+daQoCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpQc3B4t4umLhAbau/XvDw7w0eiMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjRNaxBf
M2PoJBI8ZTNb0HRfaoprGR6GWMkSygtl6bfZDpKXbTNEJMV9J+pb6tQ3lw+GEFis
wt9Qe7wweK/JHkAav8o9ivSbIkRDiX2lQk6pd16hvqzeyuYHqQO4R1I8uBtgb+Dm
LGoQzGgLZ/WG9G00FHcvbUqSFsi0/C78g47UT3HTqkkep+9caEjJPAROvLTrLQp5
ejy62WiYBvf5HKwSyOt+Ho6roWUzfTZme06MbxJKa17or8DDae0oMcvmqAJh4T29
IoJgJMOcKiNleVrZCoV3G7iB2urxmcay+e/Z7SSwPMdqDwrVxwUJqWvmZLmFqSVu
ENlFR8Zkj9zRtg==
-----END CERTIFICATE-----