Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
File:                     HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft (raw, json)
Hash identifier:          5q34bYzxtG4cKDEFy2oNr5BHxOloqoPhOXg37YRA/ss=
Subject key identifier:   59:2D:99:68:1B:79:3C:29:93:81:B6:22:78:FA:60:93:5C:CF:AA:4D
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Certificate issuer:       /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial:       0199FEB4F0A158720268DC6C578121695855
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
Manifest number:          0C8E
Signing time:             Sun 19 Oct 2025 23:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:34 +0000
Files and hashes:         1: 89ZdTmp7S2NunnuoGSf_2vtgPY8.roa (hash: bPa9rSCPFw03d28VXPa3N71Ifao0FpVDusG0bNmLxwE=)
                          2: HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl (hash: 533+5Idri7cZ1GYecBxF9zx3ze0QXb1ntrSVSM7kBn0=)
                          3: f9__0EOOD2bbqws_SYovsEadu64.roa (hash: rdpqu3t3b72JgKQs0LjFSsEK4eL5Gx3rtjq221xpO1U=)
                          4: fTWM1zKEU10CvPHR7x8xLqGMmBk.roa (hash: SLdOjrmdsiTj6gBhRX9Fmq3urmuPys2J1yZIBUXb9kE=)
                          5: kc5iSTCS2Wj8DpgYXFD3Z8kI0-w.roa (hash: uGP+3hnsQtTfTdEoExGqurh/AYLhmRguK0+ycdKSTRo=)
                          6: ozQ0B3nPhW9yGj6eBSj3bv5_jKQ.roa (hash: 52z0loKl64IpfsA33HSHXJF3VKeUhqS7Sku5ZE137X0=)
                          7: rZWoVR8go-ETzcAh50MLSM8Nmkw.roa (hash: cgavxAlOshWtjoy57HjDWJFVrT3Fp0YJu3pSKWnrDaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:f0:a1:58:72:02:68:dc:6c:57:81:21:69:58:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
        Validity
            Not Before: Oct 19 23:01:34 2025 GMT
            Not After : Oct 20 23:01:34 2025 GMT
        Subject: CN=592d99681b793c299381b62278fa60935ccfaa4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:40:9b:6d:29:aa:34:f6:0e:03:9d:f9:0e:d3:
                    37:60:85:0f:02:69:22:16:e2:8b:38:ef:f2:74:0d:
                    a9:c5:8e:f0:c4:ed:d6:b4:80:1f:5c:df:09:6b:2d:
                    4a:59:e5:c5:c4:0e:a6:16:24:12:25:8c:d7:ca:5c:
                    5b:5e:e3:69:5e:e6:9a:c5:dc:bd:fb:46:ac:c6:9d:
                    d3:d3:b9:a3:eb:5b:a8:b1:e7:eb:f0:2e:b0:50:54:
                    46:15:c1:e4:7f:bf:13:04:71:9c:c9:5e:71:73:85:
                    0a:86:87:0d:0d:f7:95:8b:80:84:62:47:d0:5a:b9:
                    99:01:67:77:e6:f5:9a:d9:89:80:47:7d:83:7c:3f:
                    90:57:dd:3c:43:7b:17:e4:68:d9:0b:6d:13:35:ad:
                    b2:92:0e:ab:ed:28:6b:bb:98:e1:aa:c7:93:57:45:
                    9f:60:79:fb:33:ed:d3:5c:10:a3:21:35:7b:1c:ec:
                    48:88:5c:f1:fb:50:4d:f3:18:4d:74:cf:b7:ac:ea:
                    c8:f9:89:53:bc:c6:bb:94:43:b0:b9:27:e1:26:ab:
                    10:25:45:1e:69:d9:67:b9:0d:51:53:c9:e3:0d:d2:
                    d0:fe:37:14:71:0a:1a:92:d3:86:f6:4f:83:8d:07:
                    8e:78:31:bc:cf:6f:75:3a:a8:c6:c9:c5:a4:2a:5d:
                    95:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:2D:99:68:1B:79:3C:29:93:81:B6:22:78:FA:60:93:5C:CF:AA:4D
            X509v3 Authority Key Identifier:
                keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:4f:67:a5:a3:ae:9b:70:94:3c:ca:80:20:cc:34:dc:f1:da:
         a8:c0:38:7e:b4:e9:a2:3e:4f:85:da:01:2e:1d:c8:49:cd:5c:
         67:78:96:94:5b:64:e7:c8:d0:91:21:0c:5c:b2:3e:02:92:7d:
         5d:45:82:90:0b:fd:d3:5c:3b:ce:30:5a:11:67:4e:1e:19:a7:
         0d:fb:bb:fb:0b:a2:94:af:b4:08:c5:eb:70:ac:e4:99:8f:9f:
         77:7b:75:96:7c:d6:2e:e1:95:2a:a8:17:b9:f7:56:53:e7:36:
         4c:f3:8c:ad:6a:61:10:a0:4c:1f:80:8c:6b:3a:d2:28:fe:89:
         02:0d:58:f8:5f:e3:fc:4e:0b:c7:7a:3a:b4:f3:d5:c9:6e:09:
         9c:3a:0e:90:cd:03:b9:da:ce:f8:6d:a0:ff:ef:30:7d:5b:ed:
         c7:54:51:71:31:c8:38:37:99:d3:87:e9:cf:dc:b7:ac:16:5c:
         db:38:bf:c3:1c:97:ed:61:79:45:d5:8f:1d:91:bc:f5:e6:b2:
         80:f7:e8:de:76:09:e4:60:6e:06:20:53:eb:4e:94:d7:99:6a:
         2a:eb:09:58:50:74:68:23:77:c9:c8:7a:15:9c:d3:0d:8a:bd:
         53:c4:29:0d:b3:c0:64:7c:b1:47:3a:b1:e3:0d:ff:be:2f:7f:
         25:65:cf:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tPChWHICaNxsV4EhaVhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjUxMDE5MjMwMTM0WhcNMjUxMDIwMjMwMTM0WjAzMTEwLwYDVQQD
Eyg1OTJkOTk2ODFiNzkzYzI5OTM4MWI2MjI3OGZhNjA5MzVjY2ZhYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kCbbSmqNPYOA535DtM3YIUPAmki
FuKLOO/ydA2pxY7wxO3WtIAfXN8Jay1KWeXFxA6mFiQSJYzXylxbXuNpXuaaxdy9
+0asxp3T07mj61uosefr8C6wUFRGFcHkf78TBHGcyV5xc4UKhocNDfeVi4CEYkfQ
WrmZAWd35vWa2YmAR32DfD+QV908Q3sX5GjZC20TNa2ykg6r7Shru5jhqseTV0Wf
YHn7M+3TXBCjITV7HOxIiFzx+1BN8xhNdM+3rOrI+YlTvMa7lEOwuSfhJqsQJUUe
adlnuQ1RU8njDdLQ/jcUcQoaktOG9k+DjQeOeDG8z291OqjGycWkKl2VuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFktmWgbeTwpk4G2Inj6YJNcz6pNMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmU9npaOu
m3CUPMqAIMw03PHaqMA4frTpoj5PhdoBLh3ISc1cZ3iWlFtk58jQkSEMXLI+ApJ9
XUWCkAv901w7zjBaEWdOHhmnDfu7+wuilK+0CMXrcKzkmY+fd3t1lnzWLuGVKqgX
ufdWU+c2TPOMrWphEKBMH4CMazrSKP6JAg1Y+F/j/E4Lx3o6tPPVyW4JnDoOkM0D
udrO+G2g/+8wfVvtx1RRcTHIODeZ04fpz9y3rBZc2zi/wxyX7WF5RdWPHZG89eay
gPfo3nYJ5GBuBiBT606U15lqKusJWFB0aCN3ych6FZzTDYq9U8QpDbPAZHyxRzqx
4w3/vi9/JWXPvg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:30:13 2025 by rpki-client