Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
File:                     hGy8NY5qqP7tbgMmoECJt-XyqYk.mft (raw, json)
Hash identifier:          2GSkx0gsukdYT/LVKFnDd3vLmDnN4QNHhA3yD+RcvSA=
Subject key identifier:   0A:66:C8:48:BA:27:61:FA:D9:79:5F:6B:57:21:51:C5:96:E8:CE:43
Authority key identifier: 84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89
Certificate issuer:       /CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989
Certificate serial:       0199FDD9B5B7B75388C3F1A2550F80BD3EA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
Manifest number:          0B44
Signing time:             Sun 19 Oct 2025 19:02:07 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:07 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:07 +0000
Files and hashes:         1: hGy8NY5qqP7tbgMmoECJt-XyqYk.crl (hash: 1SPaU6A3Sb+7727nnLE8HScpi+fmqQxK8qi5kSZmEuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:b5:b7:b7:53:88:c3:f1:a2:55:0f:80:bd:3e:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989
        Validity
            Not Before: Oct 19 19:02:07 2025 GMT
            Not After : Oct 20 19:02:07 2025 GMT
        Subject: CN=0a66c848ba2761fad9795f6b572151c596e8ce43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:de:10:df:44:ac:b7:0a:dd:b4:6a:fe:07:4d:
                    dd:ce:eb:1b:f3:c0:4a:c6:46:76:49:fe:2b:9d:ca:
                    f4:6c:3c:1b:5e:29:2c:95:fb:7f:57:53:2f:ce:46:
                    6b:a4:df:6b:b3:9c:48:ea:11:f7:55:81:a6:bc:dc:
                    56:74:e5:32:60:e7:e8:b6:41:a3:1c:b4:67:11:76:
                    66:9f:3f:18:a2:e8:f9:92:25:27:e5:d7:b3:ba:da:
                    24:eb:ab:39:2e:89:a0:d8:ef:01:11:59:4c:ff:5f:
                    0d:a8:39:3d:a2:cf:4e:3b:fc:ea:35:e3:89:96:5a:
                    bb:2c:26:86:dd:30:e8:7d:c4:be:4a:f9:4a:3d:b3:
                    a7:2d:9c:15:de:a8:0b:bc:71:b4:b9:70:af:28:1c:
                    20:03:a2:b8:dd:fa:b1:0d:7b:8a:0f:94:61:91:16:
                    12:03:5f:ec:71:70:12:56:4e:d9:c6:bd:18:41:e9:
                    a5:67:f1:2d:97:d5:0a:05:b2:15:41:a1:57:56:b8:
                    fd:c0:41:65:72:aa:93:85:e7:bb:0f:df:d8:3e:85:
                    ec:05:5c:d3:06:f3:50:ce:ae:00:4e:7c:95:9b:e3:
                    43:5e:98:46:59:90:bf:88:6e:6e:f2:6b:73:3c:b9:
                    09:e5:38:d1:8b:5d:0d:c0:b3:53:d3:62:93:9c:aa:
                    66:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:66:C8:48:BA:27:61:FA:D9:79:5F:6B:57:21:51:C5:96:E8:CE:43
            X509v3 Authority Key Identifier:
                keyid:84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:66:bd:7a:18:79:b8:42:46:44:45:ba:56:53:ac:56:87:c3:
         ef:9e:ae:c8:dd:20:25:b1:7a:79:6f:80:24:3a:e8:bb:50:b3:
         b0:af:78:d1:5d:b9:7b:88:b4:73:f3:6e:84:64:fd:88:b1:ee:
         98:94:82:30:7a:c0:8b:95:e8:cc:30:ba:06:b9:09:20:74:3b:
         80:c2:80:aa:c9:7a:ab:17:63:a2:2b:53:c8:53:b5:c7:da:a7:
         4c:18:81:0c:ae:6b:56:dd:12:6d:6a:c2:79:0e:05:86:00:39:
         c4:d5:fb:4f:b8:95:0b:df:3c:7f:cd:dd:9a:13:92:69:4f:13:
         08:87:bb:25:96:b2:16:d1:f4:d8:0e:88:a9:a9:74:39:2a:74:
         94:fd:2a:6d:a5:07:df:67:61:81:78:0a:b5:15:df:78:98:5a:
         54:3c:9a:5b:59:61:49:c5:8d:c4:4a:59:50:0c:d2:0b:0a:05:
         ef:21:9f:b2:ca:3e:89:1e:ff:99:66:d8:96:84:b5:61:84:bd:
         34:a6:97:3f:02:19:40:b5:db:09:6c:5b:c2:47:f1:99:30:08:
         31:7f:84:4b:d0:42:62:9e:ad:d4:b1:3a:31:fd:7b:7f:a7:fe:
         ba:44:de:0d:2a:16:2b:53:b4:50:01:7f:82:dc:e1:d6:3c:72:
         e3:c7:40:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92bW3t1OIw/GiVQ+AvT6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNiYzM1OGU2YWE4ZmVlZDZlMDMyNmEwNDA4OWI3ZTVm
MmE5ODkwHhcNMjUxMDE5MTkwMjA3WhcNMjUxMDIwMTkwMjA3WjAzMTEwLwYDVQQD
EygwYTY2Yzg0OGJhMjc2MWZhZDk3OTVmNmI1NzIxNTFjNTk2ZThjZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA094Q30SstwrdtGr+B03dzusb88BK
xkZ2Sf4rncr0bDwbXikslft/V1MvzkZrpN9rs5xI6hH3VYGmvNxWdOUyYOfotkGj
HLRnEXZmnz8Youj5kiUn5dezutok66s5Lomg2O8BEVlM/18NqDk9os9OO/zqNeOJ
llq7LCaG3TDofcS+SvlKPbOnLZwV3qgLvHG0uXCvKBwgA6K43fqxDXuKD5RhkRYS
A1/scXASVk7Zxr0YQemlZ/Etl9UKBbIVQaFXVrj9wEFlcqqThee7D9/YPoXsBVzT
BvNQzq4ATnyVm+NDXphGWZC/iG5u8mtzPLkJ5TjRi10NwLNT02KTnKpmwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApmyEi6J2H62Xlfa1chUcWW6M5DMB8GA1UdIwQY
MBaAFIRsvDWOaqj+7W4DJqBAibfl8qmJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgt
M2Y3ZDgxYmFmN2I3LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgtM2Y3ZDgxYmFmN2I3
LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2a9ehh5
uEJGREW6VlOsVofD756uyN0gJbF6eW+AJDrou1CzsK940V25e4i0c/NuhGT9iLHu
mJSCMHrAi5XozDC6BrkJIHQ7gMKAqsl6qxdjoitTyFO1x9qnTBiBDK5rVt0SbWrC
eQ4FhgA5xNX7T7iVC988f83dmhOSaU8TCIe7JZayFtH02A6Iqal0OSp0lP0qbaUH
32dhgXgKtRXfeJhaVDyaW1lhScWNxEpZUAzSCwoF7yGfsso+iR7/mWbYloS1YYS9
NKaXPwIZQLXbCWxbwkfxmTAIMX+ES9BCYp6t1LE6Mf17f6f+ukTeDSoWK1O0UAF/
gtzh1jxy48dAnA==
-----END CERTIFICATE-----