Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
File:                     hbc7mIsBRCjrr2ehj30Zmbojxk0.mft (raw, json)
Hash identifier:          BVh/2RDmVEDPZK2QCu1/WRHY9nhlcIjNUTcszxO8P6Y=
Subject key identifier:   20:C2:14:A8:40:1A:EE:81:E7:AA:6D:E5:8C:E3:AE:AA:39:47:03:30
Authority key identifier: 85:B7:3B:98:8B:01:44:28:EB:AF:67:A1:8F:7D:19:99:BA:23:C6:4D
Certificate issuer:       /CN=85b73b988b014428ebaf67a18f7d1999ba23c64d
Certificate serial:       0197B6A1BB6A62A5C346BB967E465B7807CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
Manifest number:          11D2
Signing time:             Sat 28 Jun 2025 13:02:21 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:21 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:21 +0000
Files and hashes:         1: hbc7mIsBRCjrr2ehj30Zmbojxk0.crl (hash: tcc728mTQYBRESsdj+cuqpnHgkZIMEIVUnA79ulTfs0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:bb:6a:62:a5:c3:46:bb:96:7e:46:5b:78:07:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85b73b988b014428ebaf67a18f7d1999ba23c64d
        Validity
            Not Before: Jun 28 13:02:21 2025 GMT
            Not After : Jun 29 13:02:21 2025 GMT
        Subject: CN=20c214a8401aee81e7aa6de58ce3aeaa39470330
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:be:89:43:0a:7a:98:86:4a:0a:eb:c6:20:c6:
                    d6:05:68:ae:80:f5:62:d5:dd:6e:b8:de:7b:82:83:
                    88:59:32:b8:78:eb:c1:50:40:8b:68:63:32:99:04:
                    c4:6e:3c:d3:3f:5f:01:c3:09:8f:ae:2f:d6:71:fd:
                    2c:8f:a6:52:3b:25:da:d6:8d:a4:19:c2:b0:1d:51:
                    38:92:4e:d2:91:a0:65:b4:d4:3a:8f:b1:03:a4:62:
                    cb:8e:15:e8:e1:50:20:d5:6c:2b:6f:2b:7b:52:28:
                    6d:82:70:77:68:46:22:81:37:27:e3:61:2b:3b:df:
                    c3:7e:fd:21:77:02:33:22:ea:ee:1c:92:11:70:7a:
                    1a:dd:90:64:37:42:78:2d:e0:21:8b:2c:c3:3d:10:
                    65:b9:56:e1:90:08:c6:76:be:bf:f0:b9:39:ab:86:
                    c6:8d:e5:0a:f5:7a:0d:67:9a:09:4f:32:68:a2:cc:
                    6a:62:22:ff:7b:8d:4e:8f:98:01:08:32:46:6a:fa:
                    a6:72:2d:37:3a:bf:4c:d9:0e:5a:d6:a5:11:d9:95:
                    d0:d4:d2:16:3c:71:43:c9:69:2b:12:a3:f8:b1:34:
                    a7:a1:99:6f:5d:55:e2:79:ca:d3:44:2e:c0:24:8f:
                    e0:41:ed:0e:87:57:81:c3:75:eb:66:12:96:76:6d:
                    5c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:C2:14:A8:40:1A:EE:81:E7:AA:6D:E5:8C:E3:AE:AA:39:47:03:30
            X509v3 Authority Key Identifier:
                keyid:85:B7:3B:98:8B:01:44:28:EB:AF:67:A1:8F:7D:19:99:BA:23:C6:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:5b:74:51:99:f1:ed:f8:f1:9a:75:1a:96:90:d1:65:3f:09:
         aa:2c:63:ce:ab:27:34:1c:5c:3b:56:99:cf:fe:07:20:f0:34:
         7b:50:5c:a5:ed:e7:30:6c:43:f3:d2:7f:4e:f6:45:fc:36:59:
         34:9d:78:46:5e:fe:ad:6c:0d:7d:1a:b3:a2:05:44:84:19:72:
         f4:4b:6d:e5:24:76:60:da:20:b9:a3:11:70:cf:fe:7a:cd:90:
         45:87:2c:04:0b:8c:26:43:82:9a:1e:86:6e:eb:0b:04:bc:d1:
         13:1e:d3:2a:25:ba:24:ff:e0:d4:f6:57:5c:97:72:98:36:f4:
         52:74:f1:ea:f4:9b:ad:dd:7e:c5:fa:c6:b2:11:8d:17:53:c3:
         44:69:3c:ed:60:4c:52:0a:b4:fd:1d:67:e4:4e:44:be:5c:af:
         3e:28:11:82:1f:a5:81:b5:a5:eb:40:bb:f9:77:01:ac:83:75:
         3e:9c:15:53:60:ba:2e:dd:77:be:f9:65:04:95:f6:74:70:1c:
         d1:f4:30:3a:3a:5b:75:e6:71:2f:86:e6:39:55:50:26:72:68:
         f2:99:97:e8:a0:60:d4:24:39:80:d1:97:33:03:d5:ce:72:04:
         a7:17:47:e1:1a:7e:5b:49:e8:6f:f5:67:72:f2:d6:ae:e7:a4:
         ff:b8:39:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2obtqYqXDRruWfkZbeAfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjczYjk4OGIwMTQ0MjhlYmFmNjdhMThmN2QxOTk5YmEy
M2M2NGQwHhcNMjUwNjI4MTMwMjIxWhcNMjUwNjI5MTMwMjIxWjAzMTEwLwYDVQQD
EygyMGMyMTRhODQwMWFlZTgxZTdhYTZkZTU4Y2UzYWVhYTM5NDcwMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb6JQwp6mIZKCuvGIMbWBWiugPVi
1d1uuN57goOIWTK4eOvBUECLaGMymQTEbjzTP18BwwmPri/Wcf0sj6ZSOyXa1o2k
GcKwHVE4kk7SkaBltNQ6j7EDpGLLjhXo4VAg1Wwrbyt7UihtgnB3aEYigTcn42Er
O9/Dfv0hdwIzIuruHJIRcHoa3ZBkN0J4LeAhiyzDPRBluVbhkAjGdr6/8Lk5q4bG
jeUK9XoNZ5oJTzJoosxqYiL/e41Oj5gBCDJGavqmci03Or9M2Q5a1qUR2ZXQ1NIW
PHFDyWkrEqP4sTSnoZlvXVXiecrTRC7AJI/gQe0Oh1eBw3XrZhKWdm1cTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDCFKhAGu6B56pt5Yzjrqo5RwMwMB8GA1UdIwQY
MBaAFIW3O5iLAUQo669noY99GZm6I8ZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iODUwZGUtMGM2Yi00ZGMyLWFkOWUt
Y2ZlZGUwOTAwN2FhLzEvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iODUwZGUtMGM2Yi00ZGMyLWFkOWUtY2ZlZGUwOTAwN2Fh
LzEvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFt0UZnx
7fjxmnUalpDRZT8JqixjzqsnNBxcO1aZz/4HIPA0e1Bcpe3nMGxD89J/TvZF/DZZ
NJ14Rl7+rWwNfRqzogVEhBly9Ett5SR2YNoguaMRcM/+es2QRYcsBAuMJkOCmh6G
busLBLzREx7TKiW6JP/g1PZXXJdymDb0UnTx6vSbrd1+xfrGshGNF1PDRGk87WBM
Ugq0/R1n5E5EvlyvPigRgh+lgbWl60C7+XcBrIN1PpwVU2C6Lt13vvllBJX2dHAc
0fQwOjpbdeZxL4bmOVVQJnJo8pmX6KBg1CQ5gNGXMwPVznIEpxdH4Rp+W0nob/Vn
cvLWruek/7g52A==
-----END CERTIFICATE-----