Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          AjpFJFUsjGdnTsTZBIdox+qgmxgYfSbAJy5cVerDrPI=
Subject key identifier:   1C:20:A3:F6:A7:6A:C7:D6:2C:08:33:72:EF:4A:A1:EC:54:68:25:D7
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019A06DBB68162D2F41D670AE01D75309EB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          16E5
Signing time:             Tue 21 Oct 2025 13:00:53 +0000
Manifest this update:     Tue 21 Oct 2025 13:00:53 +0000
Manifest next update:     Wed 22 Oct 2025 13:00:53 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: uYzvC4uwwkYDBIwdlg4GTWftSyI9fQZIGOhRmx2PCz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:06:db:b6:81:62:d2:f4:1d:67:0a:e0:1d:75:30:9e:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Oct 21 13:00:53 2025 GMT
            Not After : Oct 22 13:00:53 2025 GMT
        Subject: CN=1c20a3f6a76ac7d62c083372ef4aa1ec546825d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f2:48:02:1e:2d:47:2d:10:de:48:83:8e:a3:
                    7b:47:6a:06:c2:b2:d8:52:69:28:6e:03:c1:ff:4b:
                    34:50:15:b7:9a:fc:b9:c8:85:76:5c:0a:5a:f3:60:
                    a1:b7:4e:a4:47:27:98:3f:c1:19:36:5c:d0:e7:e0:
                    83:cb:07:8c:ca:b8:cb:7c:d1:bb:cb:c1:a7:16:ee:
                    64:fe:eb:90:90:09:0f:f2:28:68:cf:80:4f:e5:07:
                    cf:4a:82:5b:49:00:f2:5d:3d:2e:7d:0c:e5:b5:e4:
                    6e:22:62:2a:10:de:4f:c1:d9:d7:54:7e:01:c2:66:
                    68:16:fa:40:53:b9:dd:fe:6e:b9:a7:2d:b6:71:ff:
                    4c:0e:19:fb:f4:64:58:c2:3f:d4:c5:1d:ef:94:2a:
                    83:29:c8:e7:4e:bc:e3:e3:29:a1:30:c8:3d:8f:88:
                    a1:8f:3d:08:f9:26:c5:db:74:b3:54:b3:f3:c5:08:
                    df:21:1c:66:f6:c3:c7:89:79:fe:61:33:e1:df:51:
                    d8:25:fe:9c:10:10:90:fd:ec:a7:0a:81:84:17:9f:
                    25:4a:76:9d:c3:23:a0:3f:f0:38:80:12:2f:2c:9f:
                    84:10:aa:1d:1d:1c:b9:26:81:44:e2:30:e0:60:25:
                    79:15:bb:0a:96:43:8d:ff:3d:33:a9:e3:89:b9:bf:
                    47:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:20:A3:F6:A7:6A:C7:D6:2C:08:33:72:EF:4A:A1:EC:54:68:25:D7
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:34:93:c7:df:83:14:fa:df:1b:40:ec:d6:7c:3f:41:bd:cc:
         0c:51:25:1d:31:6e:90:54:28:31:ed:bb:be:e7:48:84:f1:08:
         e8:4e:84:58:5b:96:0f:a6:7d:7d:75:a9:16:ed:91:7d:35:3c:
         2f:d7:34:d9:d8:47:f1:97:8e:c4:a0:c8:8e:05:cc:1a:62:e6:
         53:11:ea:ac:09:70:17:19:50:8c:09:33:4e:ce:5b:66:20:05:
         a7:a4:02:ba:fe:be:a8:3a:6f:8f:ea:17:d1:7e:80:33:08:76:
         26:cc:42:55:df:18:70:13:08:19:91:4e:6d:30:a6:64:60:d7:
         8a:40:13:23:91:46:69:2c:a0:f2:85:5f:0b:b9:53:cd:31:69:
         a1:c7:01:a0:51:a9:bd:06:ea:49:5f:c2:5b:1c:f0:01:f6:29:
         cd:50:74:2a:0e:27:b9:c4:ce:9b:ea:fc:11:25:68:bd:1a:e9:
         1c:46:66:d8:b4:a6:27:44:b3:c0:02:52:d9:5d:f6:1a:75:27:
         76:9f:af:db:2c:c6:c6:28:c2:22:46:ec:ea:48:0c:14:ca:73:
         0f:ca:17:25:52:82:38:bd:6a:65:c3:ee:6d:29:69:10:b1:03:
         a1:dd:3c:00:9d:87:73:54:0e:d0:ea:af:31:32:22:d7:71:71:
         eb:cb:33:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoG27aBYtL0HWcK4B11MJ62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUxMDIxMTMwMDUzWhcNMjUxMDIyMTMwMDUzWjAzMTEwLwYDVQQD
EygxYzIwYTNmNmE3NmFjN2Q2MmMwODMzNzJlZjRhYTFlYzU0NjgyNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vJIAh4tRy0Q3kiDjqN7R2oGwrLY
UmkobgPB/0s0UBW3mvy5yIV2XApa82Cht06kRyeYP8EZNlzQ5+CDyweMyrjLfNG7
y8GnFu5k/uuQkAkP8ihoz4BP5QfPSoJbSQDyXT0ufQzlteRuImIqEN5PwdnXVH4B
wmZoFvpAU7nd/m65py22cf9MDhn79GRYwj/UxR3vlCqDKcjnTrzj4ymhMMg9j4ih
jz0I+SbF23SzVLPzxQjfIRxm9sPHiXn+YTPh31HYJf6cEBCQ/eynCoGEF58lSnad
wyOgP/A4gBIvLJ+EEKodHRy5JoFE4jDgYCV5FbsKlkON/z0zqeOJub9H+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwgo/anasfWLAgzcu9KoexUaCXXMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiDSTx9+D
FPrfG0Ds1nw/Qb3MDFElHTFukFQoMe27vudIhPEI6E6EWFuWD6Z9fXWpFu2RfTU8
L9c02dhH8ZeOxKDIjgXMGmLmUxHqrAlwFxlQjAkzTs5bZiAFp6QCuv6+qDpvj+oX
0X6AMwh2JsxCVd8YcBMIGZFObTCmZGDXikATI5FGaSyg8oVfC7lTzTFpoccBoFGp
vQbqSV/CWxzwAfYpzVB0Kg4nucTOm+r8ESVovRrpHEZm2LSmJ0SzwAJS2V32GnUn
dp+v2yzGxijCIkbs6kgMFMpzD8oXJVKCOL1qZcPubSlpELEDod08AJ2Hc1QO0Oqv
MTIi13Fx68szPw==
-----END CERTIFICATE-----