Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          27h/gBAxN525yKNKfAXOiudi99XscqcOlK5R9947yNo=
Subject key identifier:   84:B8:45:34:DE:8D:38:3C:B2:60:BD:89:85:64:61:2A:75:7C:C7:ED
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       0198D8504A5B309A7EFDAC07AE995DEBC335
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          122D
Signing time:             Sat 23 Aug 2025 19:03:17 +0000
Manifest this update:     Sat 23 Aug 2025 19:03:17 +0000
Manifest next update:     Sun 24 Aug 2025 19:03:17 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: eQUlh4cTBCagHwwCoZTPej2sSjHWQ3sRauKI12JswVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:4a:5b:30:9a:7e:fd:ac:07:ae:99:5d:eb:c3:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Aug 23 19:03:17 2025 GMT
            Not After : Aug 24 19:03:17 2025 GMT
        Subject: CN=84b84534de8d383cb260bd898564612a757cc7ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cf:d4:0c:cf:d0:f5:dd:fb:04:f9:bf:03:f2:
                    a9:ef:84:96:ef:df:5a:d6:4d:61:86:8a:20:79:88:
                    14:5c:97:2e:10:b3:58:af:e5:c1:6e:fe:11:22:b1:
                    64:16:79:8b:92:45:15:83:86:fd:bb:bd:fc:cd:8a:
                    99:22:fd:6f:4f:79:a4:39:62:6a:25:62:ca:60:1e:
                    d3:0c:8e:97:3b:55:56:ec:d3:8c:d9:69:b7:72:47:
                    49:36:6d:d5:88:a0:c8:da:2c:2d:13:a0:3a:45:e0:
                    bf:40:be:15:6a:fb:00:10:ca:b1:20:f5:2a:11:3d:
                    4b:63:40:44:b1:f2:a7:e8:62:b7:d8:33:cb:1d:0e:
                    a9:92:80:3d:5c:bf:a7:b2:be:4b:01:cf:30:7b:d7:
                    24:d1:23:66:d0:d6:5d:9e:4c:e0:ca:89:8f:c9:5f:
                    d0:99:84:d7:c4:f7:9a:97:4e:b7:b6:1c:cb:e7:08:
                    04:bd:30:06:3a:e4:7c:cd:6d:f8:f5:4c:30:48:ff:
                    ae:91:94:98:cd:b7:5d:80:6a:d8:b2:5f:79:93:6f:
                    c3:40:e1:29:c3:4c:9f:37:c0:15:5c:67:2f:3e:61:
                    33:c2:51:57:ae:4d:45:6c:0c:56:c4:c9:d9:8f:5f:
                    f3:e9:f6:f5:82:0f:05:f1:77:00:d0:1e:90:97:87:
                    d3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B8:45:34:DE:8D:38:3C:B2:60:BD:89:85:64:61:2A:75:7C:C7:ED
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:79:4b:f6:bf:dc:fc:5d:73:5f:34:44:d4:cf:03:10:d2:02:
         4b:be:1f:1a:5f:2e:08:28:cc:3b:4a:98:f3:91:c6:de:46:fb:
         ff:51:7a:de:d3:c2:80:ac:94:d8:49:0c:72:d6:9f:23:91:06:
         9f:a5:71:ee:0b:f3:52:ed:95:e9:59:49:64:f4:76:4d:4f:47:
         12:6a:04:3e:f4:b3:73:f7:bb:67:69:b5:58:89:85:a8:69:6b:
         c7:8c:94:37:5e:58:e3:04:46:e5:32:53:a6:bc:1e:a7:4f:c1:
         66:d1:be:bf:33:eb:0d:a9:fb:cd:80:07:10:bf:84:5d:6c:cc:
         03:1a:0b:ac:06:06:0b:0c:6f:ff:ab:c4:29:10:aa:84:c0:df:
         1b:ec:df:25:28:5e:19:a6:cb:ba:d9:e1:a0:0b:e2:31:26:63:
         df:89:8b:f6:df:bf:f1:fa:2e:7a:d4:2a:ca:d7:5a:84:18:fe:
         ba:b0:d9:0c:31:f6:ee:a2:32:98:20:01:4d:58:09:40:e3:4b:
         19:0e:6a:07:49:28:d5:a8:e9:e2:43:90:bb:f3:b0:3b:47:f9:
         78:c0:38:88:b8:9d:ff:22:28:8e:91:f4:ad:de:02:8f:45:b6:
         c2:55:72:50:78:e5:3b:5c:f9:31:f7:1e:3c:df:01:43:8c:6f:
         80:da:5d:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUEpbMJp+/awHrpld68M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjUwODIzMTkwMzE3WhcNMjUwODI0MTkwMzE3WjAzMTEwLwYDVQQD
Eyg4NGI4NDUzNGRlOGQzODNjYjI2MGJkODk4NTY0NjEyYTc1N2NjN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8/UDM/Q9d37BPm/A/Kp74SW799a
1k1hhoogeYgUXJcuELNYr+XBbv4RIrFkFnmLkkUVg4b9u738zYqZIv1vT3mkOWJq
JWLKYB7TDI6XO1VW7NOM2Wm3ckdJNm3ViKDI2iwtE6A6ReC/QL4VavsAEMqxIPUq
ET1LY0BEsfKn6GK32DPLHQ6pkoA9XL+nsr5LAc8we9ck0SNm0NZdnkzgyomPyV/Q
mYTXxPeal063thzL5wgEvTAGOuR8zW349UwwSP+ukZSYzbddgGrYsl95k2/DQOEp
w0yfN8AVXGcvPmEzwlFXrk1FbAxWxMnZj1/z6fb1gg8F8XcA0B6Ql4fT+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIS4RTTejTg8smC9iYVkYSp1fMftMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARHlL9r/c
/F1zXzRE1M8DENICS74fGl8uCCjMO0qY85HG3kb7/1F63tPCgKyU2EkMctafI5EG
n6Vx7gvzUu2V6VlJZPR2TU9HEmoEPvSzc/e7Z2m1WImFqGlrx4yUN15Y4wRG5TJT
prwep0/BZtG+vzPrDan7zYAHEL+EXWzMAxoLrAYGCwxv/6vEKRCqhMDfG+zfJShe
GabLutnhoAviMSZj34mL9t+/8fouetQqytdahBj+urDZDDH27qIymCABTVgJQONL
GQ5qB0ko1ajp4kOQu/OwO0f5eMA4iLid/yIojpH0rd4Cj0W2wlVyUHjlO1z5Mfce
PN8BQ4xvgNpd7A==
-----END CERTIFICATE-----