Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          SOFd+UTIEgUHK/PQ8Hop34bngrzX7trSRCyETbc6V1Q=
Subject key identifier:   69:7D:4B:CE:14:63:75:14:FF:3D:44:1E:3C:5D:09:80:87:A4:21:6D
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       0199FDD91454161582D9670A954A8D862630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          12B0
Signing time:             Sun 19 Oct 2025 19:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:25 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: RKM7o3irI/vz5anPi3rjw1tZnb8GpA4NHLb8gKvDqh4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:14:54:16:15:82:d9:67:0a:95:4a:8d:86:26:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Oct 19 19:01:25 2025 GMT
            Not After : Oct 20 19:01:25 2025 GMT
        Subject: CN=697d4bce14637514ff3d441e3c5d098087a4216d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2d:4e:23:49:22:c9:8c:ec:a9:ca:0b:d5:29:
                    f3:58:77:a3:e8:56:1d:b5:88:59:28:38:81:f0:d1:
                    57:9c:65:3d:94:67:d9:4e:f1:9d:59:3a:ad:d5:6e:
                    d1:c4:9e:ea:cf:b3:ca:ed:f1:54:f8:f4:66:34:db:
                    14:77:7e:75:59:6f:c4:78:a8:5b:58:7a:ee:56:2e:
                    43:32:0f:91:d5:0d:a6:5b:fb:8c:f6:b2:59:f1:5c:
                    0b:2d:10:c8:6e:02:f7:c8:09:e6:f4:74:be:b0:07:
                    e2:00:f3:f8:e8:5e:d7:8d:77:cc:f0:02:9d:40:db:
                    43:2f:41:58:74:47:8f:62:02:56:bf:51:7d:6d:35:
                    61:2d:95:93:68:82:7c:a3:c9:ba:bd:d5:5d:db:c8:
                    7a:4f:8e:60:6a:5c:68:d3:1b:b7:8c:b6:7b:60:e2:
                    02:76:2a:76:08:29:1e:56:3e:19:27:ea:99:ea:56:
                    3d:20:7c:a0:64:47:0b:6a:50:67:82:c1:12:35:76:
                    6c:3f:7d:8e:92:c7:0f:f1:51:d9:11:fc:6d:dd:6f:
                    1d:2e:38:8e:5a:b0:2a:14:67:30:eb:26:71:48:27:
                    8a:7f:a4:2e:c7:67:63:d6:5f:e8:16:b6:9a:fa:14:
                    16:d9:88:d8:36:ea:b9:f5:85:9d:45:bf:79:57:82:
                    d4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7D:4B:CE:14:63:75:14:FF:3D:44:1E:3C:5D:09:80:87:A4:21:6D
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:49:be:f3:a0:c1:04:e9:22:f7:7b:27:d7:a0:27:0c:43:18:
         b7:c1:5d:fb:18:c7:e8:87:cf:16:5e:e6:54:53:59:43:28:af:
         b4:48:c3:34:11:3e:1e:df:ce:cb:5c:b2:93:22:97:a8:0d:51:
         fc:42:c6:ea:69:24:07:79:16:ac:6b:34:0d:2c:66:1a:b5:b8:
         cc:57:22:9e:b0:78:b9:ea:e7:fa:1f:3c:e4:3c:d3:bd:d5:25:
         6f:22:f5:0c:fa:df:82:e0:b8:9a:9e:1a:f9:84:ea:fe:42:e1:
         5e:52:52:5d:f3:17:75:6d:79:6a:14:48:ef:40:af:4f:23:2e:
         7c:c8:e3:02:c2:24:28:6b:ca:a3:c5:3f:00:99:4c:44:6e:6d:
         35:ef:dc:1a:86:fe:63:c6:14:09:38:ff:30:9b:67:b5:91:96:
         81:e1:03:7d:39:2a:47:22:9c:fd:59:af:10:60:65:58:1a:9a:
         bb:89:fe:e7:43:fe:c7:c6:9b:e0:b2:73:b2:33:d4:d1:86:4a:
         80:e8:bc:a7:8d:5e:b1:d7:2b:3e:85:c6:71:6d:6c:b4:49:cc:
         83:4c:97:83:70:ce:1a:51:47:81:d8:71:08:d6:8b:96:aa:ca:
         47:98:29:d4:c8:ef:3f:1e:a5:af:00:6e:76:a9:80:cb:1a:ca:
         0c:c7:4f:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92RRUFhWC2WcKlUqNhiYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUxMDE5MTkwMTI1WhcNMjUxMDIwMTkwMTI1WjAzMTEwLwYDVQQD
Eyg2OTdkNGJjZTE0NjM3NTE0ZmYzZDQ0MWUzYzVkMDk4MDg3YTQyMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy1OI0kiyYzsqcoL1SnzWHej6FYd
tYhZKDiB8NFXnGU9lGfZTvGdWTqt1W7RxJ7qz7PK7fFU+PRmNNsUd351WW/EeKhb
WHruVi5DMg+R1Q2mW/uM9rJZ8VwLLRDIbgL3yAnm9HS+sAfiAPP46F7XjXfM8AKd
QNtDL0FYdEePYgJWv1F9bTVhLZWTaIJ8o8m6vdVd28h6T45galxo0xu3jLZ7YOIC
dip2CCkeVj4ZJ+qZ6lY9IHygZEcLalBngsESNXZsP32OkscP8VHZEfxt3W8dLjiO
WrAqFGcw6yZxSCeKf6Qux2dj1l/oFraa+hQW2YjYNuq59YWdRb95V4LUCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGl9S84UY3UU/z1EHjxdCYCHpCFtMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwEm+86DB
BOki93sn16AnDEMYt8Fd+xjH6IfPFl7mVFNZQyivtEjDNBE+Ht/Oy1yykyKXqA1R
/ELG6mkkB3kWrGs0DSxmGrW4zFcinrB4uern+h885DzTvdUlbyL1DPrfguC4mp4a
+YTq/kLhXlJSXfMXdW15ahRI70CvTyMufMjjAsIkKGvKo8U/AJlMRG5tNe/cGob+
Y8YUCTj/MJtntZGWgeEDfTkqRyKc/VmvEGBlWBqau4n+50P+x8ab4LJzsjPU0YZK
gOi8p41esdcrPoXGcW1stEnMg0yXg3DOGlFHgdhxCNaLlqrKR5gp1MjvPx6lrwBu
dqmAyxrKDMdPZA==
-----END CERTIFICATE-----