Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          gqIYHpTVcHmnQY+7+Mt4+NUE61C9IKE5mNQCsfzS+/M=
Subject key identifier:   67:A8:7D:12:B3:A7:9F:7D:92:2C:43:B8:54:07:86:9E:C5:16:67:40
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       0199FA6A6B4B362607EB28445163DE0FB5AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          12F8
Signing time:             Sun 19 Oct 2025 03:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:42 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: 9il8hdG2Rd5ZrOirKNRuPp5gWvyQPeSWmqso7IEIfEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:6b:4b:36:26:07:eb:28:44:51:63:de:0f:b5:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Oct 19 03:01:42 2025 GMT
            Not After : Oct 20 03:01:42 2025 GMT
        Subject: CN=67a87d12b3a79f7d922c43b85407869ec5166740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:49:f2:41:77:eb:95:81:84:cc:11:ef:29:34:
                    bd:80:21:19:a4:c5:6d:bf:5a:bd:36:c8:12:dc:df:
                    f6:32:95:3d:7d:ff:75:df:3f:2d:8b:eb:3b:b1:0f:
                    02:1b:51:72:f3:a3:74:d1:05:f7:7e:38:d4:bc:61:
                    44:c2:c1:df:3a:07:f6:f4:47:22:3d:34:b2:b0:fb:
                    90:b8:07:75:24:d0:05:0b:31:6e:59:05:ea:aa:8d:
                    b1:cf:bd:b3:c9:61:5e:fb:76:32:9f:30:27:31:2c:
                    d9:f3:8c:af:e0:a8:a2:7a:01:2d:4a:bb:77:5b:50:
                    c1:18:a1:3b:dc:16:e9:d5:b9:bc:16:c0:4f:f4:5f:
                    c3:dd:29:04:ea:40:a1:30:c8:73:e7:59:ee:17:70:
                    0b:f5:8c:0d:e4:3b:f6:d0:e5:0f:5c:d3:5e:36:d6:
                    f8:2f:05:61:2e:7b:87:e9:c5:78:f7:df:0a:35:12:
                    63:b3:63:6f:80:20:0f:26:70:ce:48:b1:dc:c0:b2:
                    23:25:77:ce:ef:68:54:64:fa:c4:0d:90:06:d9:d0:
                    c3:c0:f5:63:e1:c4:94:8d:b6:77:67:ee:73:8d:08:
                    fc:86:64:51:93:cc:ee:ba:ef:46:5b:0e:1d:29:ab:
                    d6:47:1e:1e:1a:96:c2:c8:79:c9:0d:09:51:fd:ca:
                    c5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A8:7D:12:B3:A7:9F:7D:92:2C:43:B8:54:07:86:9E:C5:16:67:40
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:6f:62:a6:4a:8c:06:1d:97:57:d3:40:88:36:97:b3:f0:fc:
         72:94:b1:c7:49:43:a8:b5:b4:41:54:17:7c:29:4e:24:14:7c:
         9a:9a:8e:d6:62:33:9a:ed:d5:d1:64:99:9f:43:20:9d:42:de:
         3d:3d:d0:a4:2d:b2:27:9e:f7:c9:53:ac:08:6c:4b:37:28:c0:
         35:d6:14:32:00:71:8d:fb:98:6e:8d:4b:8b:2f:02:ab:50:fa:
         ec:d0:a3:9a:7c:58:2d:ba:d5:3a:39:0d:88:a7:e9:81:b8:f7:
         5d:ab:9d:4e:1f:5a:80:68:55:53:c5:ff:90:6e:1a:3b:b0:b3:
         d8:a3:2d:75:0c:a5:5a:78:cb:6f:39:65:e0:e4:f8:a1:d9:6b:
         df:6e:06:aa:14:3c:9c:a5:b9:84:44:dd:65:77:af:ee:71:3a:
         7a:5b:85:44:5b:68:b9:bb:50:0f:d2:a5:37:03:07:d0:6d:c5:
         34:b8:97:21:3b:ef:c3:bb:8e:51:d1:08:64:eb:e8:53:6c:d2:
         42:cc:b4:1b:2b:30:f1:4b:0e:8f:17:22:ec:28:50:40:00:44:
         86:5c:8a:65:f6:67:b3:d4:07:d0:90:7f:f4:a1:e5:b2:ae:00:
         1e:15:96:a9:00:3f:f3:c8:63:89:e0:90:94:ce:6f:48:6d:86:
         d2:d2:65:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6amtLNiYH6yhEUWPeD7WqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUxMDE5MDMwMTQyWhcNMjUxMDIwMDMwMTQyWjAzMTEwLwYDVQQD
Eyg2N2E4N2QxMmIzYTc5ZjdkOTIyYzQzYjg1NDA3ODY5ZWM1MTY2NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlknyQXfrlYGEzBHvKTS9gCEZpMVt
v1q9NsgS3N/2MpU9ff913z8ti+s7sQ8CG1Fy86N00QX3fjjUvGFEwsHfOgf29Eci
PTSysPuQuAd1JNAFCzFuWQXqqo2xz72zyWFe+3YynzAnMSzZ84yv4KiiegEtSrt3
W1DBGKE73Bbp1bm8FsBP9F/D3SkE6kChMMhz51nuF3AL9YwN5Dv20OUPXNNeNtb4
LwVhLnuH6cV4998KNRJjs2NvgCAPJnDOSLHcwLIjJXfO72hUZPrEDZAG2dDDwPVj
4cSUjbZ3Z+5zjQj8hmRRk8zuuu9GWw4dKavWRx4eGpbCyHnJDQlR/crFBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeofRKzp599kixDuFQHhp7FFmdAMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsG9ipkqM
Bh2XV9NAiDaXs/D8cpSxx0lDqLW0QVQXfClOJBR8mpqO1mIzmu3V0WSZn0MgnULe
PT3QpC2yJ573yVOsCGxLNyjANdYUMgBxjfuYbo1Liy8Cq1D67NCjmnxYLbrVOjkN
iKfpgbj3XaudTh9agGhVU8X/kG4aO7Cz2KMtdQylWnjLbzll4OT4odlr324GqhQ8
nKW5hETdZXev7nE6eluFRFtoubtQD9KlNwMH0G3FNLiXITvvw7uOUdEIZOvoU2zS
Qsy0Gysw8UsOjxci7ChQQABEhlyKZfZns9QH0JB/9KHlsq4AHhWWqQA/88hjieCQ
lM5vSG2G0tJlaw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:13 2025 by rpki-client