Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          pjwQ/l+FOoEyd9ZKOsiSNAZUrKNa2eKEkWeatWhgY6M=
Subject key identifier:   40:A7:60:30:D0:12:90:72:3B:DB:DC:42:CD:00:0C:80:33:57:39:0B
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       0196D2BEE642D716BDB907C240D50119486B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          08FD
Signing time:             Thu 15 May 2025 07:00:48 +0000
Manifest this update:     Thu 15 May 2025 07:00:48 +0000
Manifest next update:     Fri 16 May 2025 07:00:48 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: 83KSGrJXHy3PvYABgh3lcd9sH07DeV0D2AcWd70ip2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d2:be:e6:42:d7:16:bd:b9:07:c2:40:d5:01:19:48:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: May 15 07:00:48 2025 GMT
            Not After : May 16 07:00:48 2025 GMT
        Subject: CN=40a76030d01290723bdbdc42cd000c803357390b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a4:74:8d:1f:84:62:7a:c0:d2:14:1c:32:dc:
                    d6:c9:8d:c5:6c:4a:2e:a7:7c:93:a4:ce:f3:b7:ec:
                    c6:72:23:11:2c:38:de:90:e8:a4:de:46:d3:5a:e4:
                    5d:87:c2:1f:84:c4:ad:1f:8b:1a:46:54:44:15:b1:
                    81:de:b7:24:21:69:ed:db:f3:f8:51:17:d1:31:2d:
                    d8:5a:e1:ae:4a:ce:ed:f2:82:0e:f7:b3:ed:92:8b:
                    d4:49:4b:04:b8:96:34:80:30:5d:e8:3a:c0:de:b6:
                    50:4c:c8:7f:f9:4c:f7:06:56:42:4b:0c:c5:33:a0:
                    e3:a1:87:3f:d8:d2:7e:c1:d2:de:84:b5:70:c3:cf:
                    09:a8:3f:33:9a:30:c4:c2:9d:b9:4d:aa:b6:36:01:
                    11:0b:83:d2:dd:29:ed:cb:7e:6d:bb:98:09:16:d5:
                    87:3a:e8:5a:06:f2:4c:71:30:b8:0f:8c:bb:ed:3b:
                    08:e9:e8:4b:9e:f6:d5:3a:2a:b3:d5:28:a7:7f:bd:
                    a3:7f:6c:f3:5c:cc:ef:90:b4:62:a5:47:b9:a0:77:
                    bb:a4:d4:a2:84:2f:d0:02:7f:b5:ae:61:64:50:ed:
                    cb:c9:f2:34:5f:9b:02:de:19:5e:be:36:e5:02:35:
                    70:ab:ef:ff:89:4d:20:8c:7a:eb:c9:eb:b8:8f:78:
                    c6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A7:60:30:D0:12:90:72:3B:DB:DC:42:CD:00:0C:80:33:57:39:0B
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ef:f3:69:2b:b2:77:27:c2:2a:18:c0:3f:1f:9b:47:50:ea:c8:
         64:59:ff:40:07:ec:67:6a:e4:43:b6:8a:94:b0:0f:33:18:6c:
         19:79:12:18:16:b2:5a:91:04:a3:d5:7a:0e:9f:70:fa:a4:c4:
         ea:95:3d:e5:80:a7:2d:74:f8:86:96:8c:f7:b8:6e:32:26:61:
         8b:65:9c:db:23:95:b8:e8:8a:00:15:cf:87:df:ac:8d:36:4e:
         51:19:36:9e:93:53:13:69:eb:11:16:9d:87:f2:a2:e5:1b:78:
         f2:22:be:04:cd:29:f4:12:12:5f:7b:05:69:37:2e:34:5f:9a:
         dc:97:b1:c5:58:e1:75:d7:9c:c7:cd:ba:c4:b7:d4:6c:6f:db:
         43:10:48:89:cd:83:fe:60:50:c1:98:88:db:e0:fd:0d:47:07:
         01:c2:47:94:b5:8c:c4:2c:1d:a1:c4:03:d3:d7:07:b9:64:91:
         70:f5:6a:21:87:ef:db:77:55:7d:49:21:7e:be:03:54:81:64:
         56:69:65:3d:0b:17:d2:f7:81:15:89:14:6e:86:81:27:15:de:
         b1:f9:60:c9:bc:3d:58:b2:e9:a8:0f:08:b1:a2:c7:17:db:9e:
         46:bd:56:05:c0:3f:84:e3:bf:ca:df:f2:a2:c0:be:f9:a2:2c:
         64:1e:aa:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbSvuZC1xa9uQfCQNUBGUhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUwNTE1MDcwMDQ4WhcNMjUwNTE2MDcwMDQ4WjAzMTEwLwYDVQQD
Eyg0MGE3NjAzMGQwMTI5MDcyM2JkYmRjNDJjZDAwMGM4MDMzNTczOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aR0jR+EYnrA0hQcMtzWyY3FbEou
p3yTpM7zt+zGciMRLDjekOik3kbTWuRdh8IfhMStH4saRlREFbGB3rckIWnt2/P4
URfRMS3YWuGuSs7t8oIO97PtkovUSUsEuJY0gDBd6DrA3rZQTMh/+Uz3BlZCSwzF
M6DjoYc/2NJ+wdLehLVww88JqD8zmjDEwp25Taq2NgERC4PS3Snty35tu5gJFtWH
OuhaBvJMcTC4D4y77TsI6ehLnvbVOiqz1Sinf72jf2zzXMzvkLRipUe5oHe7pNSi
hC/QAn+1rmFkUO3LyfI0X5sC3hlevjblAjVwq+//iU0gjHrryeu4j3jGwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECnYDDQEpByO9vcQs0ADIAzVzkLMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7/NpK7J3
J8IqGMA/H5tHUOrIZFn/QAfsZ2rkQ7aKlLAPMxhsGXkSGBayWpEEo9V6Dp9w+qTE
6pU95YCnLXT4hpaM97huMiZhi2Wc2yOVuOiKABXPh9+sjTZOURk2npNTE2nrERad
h/Ki5Rt48iK+BM0p9BISX3sFaTcuNF+a3JexxVjhddecx826xLfUbG/bQxBIic2D
/mBQwZiI2+D9DUcHAcJHlLWMxCwdocQD09cHuWSRcPVqIYfv23dVfUkhfr4DVIFk
VmllPQsX0veBFYkUboaBJxXesflgybw9WLLpqA8IsaLHF9ueRr1WBcA/hOO/yt/y
osC++aIsZB6qwA==
-----END CERTIFICATE-----