Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          bPwVUXOZ8oeTzV8npL38HffQL0lm+pUJy9YDfYkRzYg=
Subject key identifier:   8E:05:C8:40:54:ED:A9:01:46:B5:CD:8A:D0:19:AC:C2:45:30:12:5C
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       0199FC582D8C42F2D7627EDD02257743ADC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          0339
Signing time:             Sun 19 Oct 2025 12:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:01 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: 3SgbY6SMmxwQ6XBFivJz9saGOs0YPtz9Bh5EInxAm/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:2d:8c:42:f2:d7:62:7e:dd:02:25:77:43:ad:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Oct 19 12:01:01 2025 GMT
            Not After : Oct 20 12:01:01 2025 GMT
        Subject: CN=8e05c84054eda90146b5cd8ad019acc24530125c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ef:8a:dc:37:3e:62:f2:53:72:8e:37:76:44:
                    3b:0d:d9:fe:bd:b3:6a:de:49:3a:cb:c6:a4:ba:b1:
                    89:9c:06:36:50:6d:09:9b:f5:f9:b7:cb:b5:cf:33:
                    75:2d:5f:2c:2b:bc:f1:15:93:12:d5:1b:99:8a:65:
                    1e:36:24:ad:6c:40:ff:cd:79:30:0f:a8:4e:87:8b:
                    41:50:69:20:c3:db:71:90:54:9d:a8:f9:32:d7:d5:
                    b7:88:9b:73:ab:c6:82:2b:79:b2:8e:12:17:d4:ff:
                    ba:a0:e7:03:f1:d9:84:9b:f3:79:ce:07:3b:0f:2b:
                    f1:3a:9b:89:67:f7:5f:b2:13:73:44:5d:d7:c7:15:
                    09:a4:e5:b0:8a:40:03:16:cb:d1:cd:70:b9:5d:e1:
                    1e:f8:88:92:b6:bd:d3:6b:4d:3a:14:c9:51:c2:f1:
                    de:dc:d0:02:9f:ae:e9:04:fd:ff:cf:e7:49:f2:e7:
                    7e:d9:37:62:09:fc:b7:7d:c4:24:59:03:50:a6:aa:
                    fa:84:20:9e:58:6b:60:c5:db:e1:95:9c:79:fb:c2:
                    90:ac:f8:7c:25:3d:95:71:94:79:62:e3:82:2d:e8:
                    03:8a:cc:c5:79:36:75:ab:60:ed:94:b5:94:71:3c:
                    5d:38:bb:df:62:46:0d:b0:03:b1:4e:73:bb:e5:af:
                    f8:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:05:C8:40:54:ED:A9:01:46:B5:CD:8A:D0:19:AC:C2:45:30:12:5C
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:4e:bd:bf:01:1e:18:47:98:ce:d7:c9:52:14:9a:a0:3e:2f:
         d4:91:05:24:9f:bc:ed:0c:5d:30:86:15:21:e5:81:17:63:25:
         7c:5c:37:27:13:c6:8a:22:42:a9:ba:35:d5:c9:18:09:0c:76:
         90:11:03:2e:c3:c4:81:df:85:41:86:e7:2c:a2:85:1f:c5:dd:
         45:a9:cf:00:1f:b0:c4:06:c8:77:cd:e5:18:33:f2:c6:22:fb:
         ec:18:1d:5b:f2:de:51:86:a6:68:d3:7a:d0:ab:23:f3:2f:a7:
         6e:b4:7a:fa:aa:66:e6:a4:8d:fe:9a:e9:88:f3:b5:ab:64:06:
         e3:a4:ac:10:ec:04:16:fd:1e:8f:65:b7:fc:6e:da:41:41:51:
         0f:e3:71:c7:c8:09:cc:be:00:fc:08:e2:9c:f3:1f:68:5e:df:
         8b:ee:d4:4b:cf:95:da:78:5e:62:5f:4a:0c:62:bc:bb:bd:a5:
         41:ff:5a:fd:f9:f5:af:3c:ef:9f:4b:bf:60:44:f3:7d:f7:dc:
         43:63:79:d0:df:bd:a5:a9:23:31:d2:ed:e7:1e:67:4c:65:41:
         f6:55:9d:ee:3c:0a:07:8b:0c:61:86:69:03:80:ac:c9:f7:4d:
         c3:32:24:4e:00:11:72:8d:46:86:23:1e:a6:42:76:7c:2a:d0:
         69:59:43:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WC2MQvLXYn7dAiV3Q63FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUxMDE5MTIwMTAxWhcNMjUxMDIwMTIwMTAxWjAzMTEwLwYDVQQD
Eyg4ZTA1Yzg0MDU0ZWRhOTAxNDZiNWNkOGFkMDE5YWNjMjQ1MzAxMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe+K3Dc+YvJTco43dkQ7Ddn+vbNq
3kk6y8akurGJnAY2UG0Jm/X5t8u1zzN1LV8sK7zxFZMS1RuZimUeNiStbED/zXkw
D6hOh4tBUGkgw9txkFSdqPky19W3iJtzq8aCK3myjhIX1P+6oOcD8dmEm/N5zgc7
DyvxOpuJZ/dfshNzRF3XxxUJpOWwikADFsvRzXC5XeEe+IiStr3Ta006FMlRwvHe
3NACn67pBP3/z+dJ8ud+2TdiCfy3fcQkWQNQpqr6hCCeWGtgxdvhlZx5+8KQrPh8
JT2VcZR5YuOCLegDiszFeTZ1q2DtlLWUcTxdOLvfYkYNsAOxTnO75a/4FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4FyEBU7akBRrXNitAZrMJFMBJcMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1069vwEe
GEeYztfJUhSaoD4v1JEFJJ+87QxdMIYVIeWBF2MlfFw3JxPGiiJCqbo11ckYCQx2
kBEDLsPEgd+FQYbnLKKFH8XdRanPAB+wxAbId83lGDPyxiL77BgdW/LeUYamaNN6
0Ksj8y+nbrR6+qpm5qSN/prpiPO1q2QG46SsEOwEFv0ej2W3/G7aQUFRD+Nxx8gJ
zL4A/AjinPMfaF7fi+7US8+V2nheYl9KDGK8u72lQf9a/fn1rzzvn0u/YETzfffc
Q2N50N+9pakjMdLt5x5nTGVB9lWd7jwKB4sMYYZpA4CsyfdNwzIkTgARco1GhiMe
pkJ2fCrQaVlDZw==
-----END CERTIFICATE-----