Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
File:                     HzjUsMuomcJPTjQHOE1tP6jVGl8.mft (raw, json)
Hash identifier:          qB52LB4cXkr3lvu9qaPEE35bnH9FEIIWSCX4I8NTdiA=
Subject key identifier:   ED:89:FB:3D:3C:45:7A:C2:5C:D0:50:27:E3:24:30:60:38:FD:F8:87
Authority key identifier: 1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F
Certificate issuer:       /CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
Certificate serial:       0196C9845BCDC7013EC187E8A026D75E96E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
Manifest number:          0304
Signing time:             Tue 13 May 2025 12:00:16 +0000
Manifest this update:     Tue 13 May 2025 12:00:16 +0000
Manifest next update:     Wed 14 May 2025 12:00:16 +0000
Files and hashes:         1: HzjUsMuomcJPTjQHOE1tP6jVGl8.crl (hash: Qbl4veWcV5PK4enz14eDW3qCgb+zXVNUvOrlBrIB3ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:84:5b:cd:c7:01:3e:c1:87:e8:a0:26:d7:5e:96:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
        Validity
            Not Before: May 13 12:00:16 2025 GMT
            Not After : May 14 12:00:16 2025 GMT
        Subject: CN=ed89fb3d3c457ac25cd05027e324306038fdf887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:39:7a:18:11:fe:23:da:3e:3b:67:08:1f:63:
                    40:06:ed:d5:f0:ba:a2:fe:1a:76:50:ab:ac:01:ae:
                    39:a2:73:d9:70:7e:1f:df:55:75:a7:82:87:fc:db:
                    e5:a1:44:fe:a4:ed:44:15:13:1d:e9:6c:15:15:12:
                    cb:f2:2f:7a:9e:bb:9a:16:9c:db:ee:2a:84:ba:14:
                    21:bb:cd:1b:94:bf:0d:99:c6:82:31:38:f2:d3:73:
                    22:35:b6:f6:56:fe:6a:1b:7e:74:fa:ce:5b:67:54:
                    43:9c:f8:b6:73:86:b0:56:40:2f:77:44:9d:26:dc:
                    4e:88:1e:46:e3:69:9b:89:a9:7d:e2:90:f3:99:4c:
                    ec:c4:6a:4d:ba:ec:59:f1:01:fd:96:80:a3:12:a4:
                    74:3f:d2:1e:75:1f:f8:53:bf:4a:1d:60:93:fb:ff:
                    f6:bf:8d:65:ed:ee:9c:57:78:5d:2c:2c:03:79:84:
                    40:ba:f2:85:d7:55:91:94:ce:6d:12:d9:34:f3:ec:
                    b8:69:7f:4d:e9:60:b6:ff:72:23:97:e7:96:33:22:
                    51:b8:d8:bf:5e:48:57:5a:db:9d:b5:3b:d2:80:92:
                    ff:7d:45:1d:92:21:d2:20:3a:be:93:ee:9e:f2:87:
                    52:70:b1:ee:72:9c:fc:21:95:8d:a4:f0:b7:37:a1:
                    cf:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:89:FB:3D:3C:45:7A:C2:5C:D0:50:27:E3:24:30:60:38:FD:F8:87
            X509v3 Authority Key Identifier:
                keyid:1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:21:26:57:de:bb:7b:20:c5:21:50:69:45:f4:33:a8:d5:71:
         62:61:35:c2:84:8f:7c:55:93:22:97:31:e3:fb:21:3b:a4:b3:
         9d:ce:ff:62:e8:c4:d3:83:38:56:2c:99:84:14:28:88:50:a8:
         ff:e4:7d:45:63:60:ce:5f:c4:58:44:d0:df:a1:f0:9b:27:df:
         ce:75:76:35:b9:1a:54:e1:9f:c7:ba:88:44:ac:09:db:a2:4f:
         39:e8:7e:36:62:bd:09:60:39:b7:a0:3a:4b:91:45:47:d0:36:
         5c:46:28:db:21:fa:1b:f7:08:f6:e1:ba:27:aa:5d:33:87:c7:
         fc:9e:ed:a6:28:1d:73:75:43:49:0b:82:a6:00:c5:a4:8d:b1:
         47:e1:62:ec:94:fd:07:fe:2f:f5:37:70:ea:0b:49:ce:63:b1:
         7e:fa:85:ee:9e:df:3b:05:da:6c:82:00:52:36:b8:ce:64:42:
         6d:ca:4e:00:7a:f8:0d:de:23:c7:d9:9a:85:61:d1:a9:06:4d:
         41:26:7a:83:a4:b7:86:2d:27:0f:9b:39:7b:fe:64:4c:8b:b3:
         86:1a:03:3c:9e:12:7b:f3:6f:d3:4f:a9:da:7f:31:d5:51:21:
         45:bf:3e:af:ea:51:1c:02:80:9d:2c:75:90:c1:bb:c6:68:f4:
         c9:13:b5:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJhFvNxwE+wYfooCbXXpbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzhkNGIwY2JhODk5YzI0ZjRlMzQwNzM4NGQ2ZDNmYThk
NTFhNWYwHhcNMjUwNTEzMTIwMDE2WhcNMjUwNTE0MTIwMDE2WjAzMTEwLwYDVQQD
EyhlZDg5ZmIzZDNjNDU3YWMyNWNkMDUwMjdlMzI0MzA2MDM4ZmRmODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTl6GBH+I9o+O2cIH2NABu3V8Lqi
/hp2UKusAa45onPZcH4f31V1p4KH/NvloUT+pO1EFRMd6WwVFRLL8i96nruaFpzb
7iqEuhQhu80blL8NmcaCMTjy03MiNbb2Vv5qG350+s5bZ1RDnPi2c4awVkAvd0Sd
JtxOiB5G42mbial94pDzmUzsxGpNuuxZ8QH9loCjEqR0P9IedR/4U79KHWCT+//2
v41l7e6cV3hdLCwDeYRAuvKF11WRlM5tEtk08+y4aX9N6WC2/3Ijl+eWMyJRuNi/
XkhXWtudtTvSgJL/fUUdkiHSIDq+k+6e8odScLHucpz8IZWNpPC3N6HPZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2J+z08RXrCXNBQJ+MkMGA4/fiHMB8GA1UdIwQY
MBaAFB841LDLqJnCT040BzhNbT+o1RpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEt
M2EyODhjMmM4NTJjLzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEtM2EyODhjMmM4NTJj
LzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApSEmV967
eyDFIVBpRfQzqNVxYmE1woSPfFWTIpcx4/shO6Sznc7/YujE04M4ViyZhBQoiFCo
/+R9RWNgzl/EWETQ36HwmyffznV2NbkaVOGfx7qIRKwJ26JPOeh+NmK9CWA5t6A6
S5FFR9A2XEYo2yH6G/cI9uG6J6pdM4fH/J7tpigdc3VDSQuCpgDFpI2xR+Fi7JT9
B/4v9Tdw6gtJzmOxfvqF7p7fOwXabIIAUja4zmRCbcpOAHr4Dd4jx9mahWHRqQZN
QSZ6g6S3hi0nD5s5e/5kTIuzhhoDPJ4Se/Nv00+p2n8x1VEhRb8+r+pRHAKAnSx1
kMG7xmj0yRO1PQ==
-----END CERTIFICATE-----