Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
File:                     HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json)
Hash identifier:          GuFl9JwtJCL0Hi9l0Jh9N8lSkZXo2DeIsPqKZ5tJOpI=
Subject key identifier:   03:41:70:17:2E:CD:D2:7D:6C:3E:FC:42:79:3B:F6:3A:78:85:40:F4
Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43
Certificate issuer:       /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
Certificate serial:       0196C6161B844D976D43035BEDFE16244232
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
Manifest number:          09E2
Signing time:             Mon 12 May 2025 20:00:59 +0000
Manifest this update:     Mon 12 May 2025 20:00:59 +0000
Manifest next update:     Tue 13 May 2025 20:00:59 +0000
Files and hashes:         1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: tOEEjAonUChKfJPQQtLa4M9R8TRXs6KFbyB+lzQtZi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:16:1b:84:4d:97:6d:43:03:5b:ed:fe:16:24:42:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
        Validity
            Not Before: May 12 20:00:59 2025 GMT
            Not After : May 13 20:00:59 2025 GMT
        Subject: CN=034170172ecdd27d6c3efc42793bf63a788540f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6b:f2:39:da:db:28:db:eb:19:cf:c8:01:a4:
                    7f:2b:c3:1e:63:a0:f5:81:c2:b7:a3:d2:38:20:dc:
                    98:1a:e6:0c:82:f0:91:d8:98:f0:87:a3:30:c1:7e:
                    0d:73:d9:24:38:65:a1:3d:71:ae:90:3d:e1:1f:99:
                    c4:f0:65:5a:c5:de:86:5d:a3:54:ea:ff:3e:b0:98:
                    27:c2:30:e0:9b:f1:a7:32:2f:74:6e:30:70:0b:a6:
                    de:34:f8:ac:ea:41:88:20:95:dc:3f:a3:44:cc:7b:
                    32:32:9b:bd:df:a4:4b:d3:9d:0a:85:b9:0e:91:70:
                    4b:91:14:9a:98:fe:f6:83:81:de:c9:b0:c7:bc:94:
                    9e:ac:ce:02:5d:e9:83:fd:97:d7:b1:af:00:f1:42:
                    4e:34:a3:15:fa:2d:d7:95:71:72:a1:2b:b0:ad:d5:
                    85:5d:99:59:dc:e6:98:5c:44:36:25:6a:a1:f3:5c:
                    13:55:86:ca:21:52:aa:f6:f7:aa:40:41:a4:0e:49:
                    95:30:dd:b0:41:1c:70:f8:e2:17:c9:d8:c4:73:91:
                    cd:f6:fd:c6:f1:50:dc:d5:74:7d:6e:05:66:ba:02:
                    9e:aa:43:99:00:2f:5d:79:c7:7d:a7:7f:51:48:1b:
                    56:40:0a:a2:3d:a8:3f:0e:c5:0d:2c:9a:0a:46:e6:
                    59:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:41:70:17:2E:CD:D2:7D:6C:3E:FC:42:79:3B:F6:3A:78:85:40:F4
            X509v3 Authority Key Identifier:
                keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:39:56:21:0c:53:dc:59:22:d4:2c:b5:f0:5e:bc:d1:46:31:
         fe:b7:8a:4b:e6:48:ee:1f:91:aa:e3:63:0d:f5:74:5f:c7:70:
         9e:21:0f:18:a0:27:7d:db:0d:86:60:cd:a6:f5:9c:8d:30:76:
         4f:82:d4:8b:45:56:ba:59:74:6b:8c:c2:f2:8d:c7:a0:26:fa:
         40:a2:5d:a0:96:82:e2:8f:fb:ba:41:4b:46:9e:41:41:6c:5b:
         5c:c7:15:ca:e1:87:32:a4:63:b5:a3:f0:31:f1:2a:d2:a6:55:
         36:60:ab:f2:02:9e:12:50:a3:49:d4:ab:76:31:56:7a:a0:f8:
         0d:0e:83:1c:ce:25:4c:5d:1c:15:22:ca:d6:30:fc:e5:ce:59:
         e3:31:94:e5:96:c4:af:92:f6:c4:e6:95:56:db:71:a4:a7:08:
         bb:85:53:04:60:0c:e8:bc:80:88:c7:1d:fe:5c:01:fc:62:1f:
         1d:59:62:dd:5b:b2:34:8f:fa:c6:82:7a:04:b5:04:e4:a4:85:
         ab:86:20:79:ed:ca:68:5b:8e:96:63:c6:92:2f:eb:06:df:25:
         bc:3b:eb:ab:cf:5e:aa:53:42:38:15:3a:1b:f4:51:37:0d:ad:
         5e:ec:12:2b:89:c6:3b:32:5d:91:5e:7e:01:54:58:ad:87:4b:
         0d:03:f4:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGFhuETZdtQwNb7f4WJEIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl
NGU2NDMwHhcNMjUwNTEyMjAwMDU5WhcNMjUwNTEzMjAwMDU5WjAzMTEwLwYDVQQD
EygwMzQxNzAxNzJlY2RkMjdkNmMzZWZjNDI3OTNiZjYzYTc4ODU0MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGvyOdrbKNvrGc/IAaR/K8MeY6D1
gcK3o9I4INyYGuYMgvCR2Jjwh6MwwX4Nc9kkOGWhPXGukD3hH5nE8GVaxd6GXaNU
6v8+sJgnwjDgm/GnMi90bjBwC6beNPis6kGIIJXcP6NEzHsyMpu936RL050KhbkO
kXBLkRSamP72g4HeybDHvJSerM4CXemD/ZfXsa8A8UJONKMV+i3XlXFyoSuwrdWF
XZlZ3OaYXEQ2JWqh81wTVYbKIVKq9veqQEGkDkmVMN2wQRxw+OIXydjEc5HN9v3G
8VDc1XR9bgVmugKeqkOZAC9decd9p39RSBtWQAqiPag/DsUNLJoKRuZZOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANBcBcuzdJ9bD78Qnk79jp4hUD0MB8GA1UdIwQY
MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt
NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz
LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDlWIQxT
3Fki1Cy18F680UYx/reKS+ZI7h+RquNjDfV0X8dwniEPGKAnfdsNhmDNpvWcjTB2
T4LUi0VWull0a4zC8o3HoCb6QKJdoJaC4o/7ukFLRp5BQWxbXMcVyuGHMqRjtaPw
MfEq0qZVNmCr8gKeElCjSdSrdjFWeqD4DQ6DHM4lTF0cFSLK1jD85c5Z4zGU5ZbE
r5L2xOaVVttxpKcIu4VTBGAM6LyAiMcd/lwB/GIfHVli3VuyNI/6xoJ6BLUE5KSF
q4Ygee3KaFuOlmPGki/rBt8lvDvrq89eqlNCOBU6G/RRNw2tXuwSK4nGOzJdkV5+
AVRYrYdLDQP0Fw==
-----END CERTIFICATE-----