Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          HB9blQdmz5ka7hyhvldfST/aZhlvMYx1V7RzRXs5Gp4=
Subject key identifier:   7B:A2:43:71:BE:89:D6:4D:45:52:18:65:FE:63:4F:63:BF:37:65:3D
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       0196DA781377AC460A49C7EE532B523CCAA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          073D
Signing time:             Fri 16 May 2025 19:00:24 +0000
Manifest this update:     Fri 16 May 2025 19:00:24 +0000
Manifest next update:     Sat 17 May 2025 19:00:24 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: MHG44crVbdpjCyCEL8KqT+o3SB/GGuHgnw4RMQJBN8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 17:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:da:78:13:77:ac:46:0a:49:c7:ee:53:2b:52:3c:ca:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: May 16 19:00:24 2025 GMT
            Not After : May 17 19:00:24 2025 GMT
        Subject: CN=7ba24371be89d64d45521865fe634f63bf37653d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3f:e0:83:4a:dd:55:b5:a5:d9:a6:55:37:c3:
                    99:4d:9a:bd:05:74:a3:6f:15:75:18:e3:e4:a6:c0:
                    d6:b7:94:c3:cd:38:b9:e7:60:a2:a0:6e:1c:c3:29:
                    0a:2a:d3:e9:c0:6e:d0:9c:04:aa:c1:d8:09:ad:b6:
                    50:10:08:4d:38:71:30:10:94:05:c4:b8:96:9e:33:
                    2f:2e:90:87:2e:4a:5e:c5:9e:dd:98:28:4c:4f:ef:
                    db:89:2a:8f:b8:41:d0:d9:9c:3d:ff:ed:93:39:90:
                    d6:5b:92:55:13:b5:00:40:b1:8d:44:52:08:fb:c4:
                    d2:74:ab:90:4f:74:f4:22:70:15:44:68:67:2a:4d:
                    27:54:ca:86:a4:27:4d:39:d0:96:5d:97:c4:43:bf:
                    30:9c:1e:8d:b7:49:0e:cf:af:58:ac:8c:ea:79:4e:
                    35:b4:a9:72:1d:f9:7b:3a:a9:fe:5a:71:53:82:e3:
                    7a:31:b2:a8:2b:c4:e1:cf:b8:f3:55:bc:a1:09:1b:
                    8e:3d:83:d5:c8:e4:15:81:84:a4:bd:78:9c:43:d5:
                    9c:97:6e:70:c3:00:65:7d:29:26:91:fb:c4:e4:46:
                    62:0f:db:63:66:60:bf:d6:11:b4:e3:fb:24:08:14:
                    dc:ac:3b:aa:12:e9:90:2d:8e:dd:28:04:24:53:56:
                    77:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:A2:43:71:BE:89:D6:4D:45:52:18:65:FE:63:4F:63:BF:37:65:3D
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:d8:a3:9a:52:62:05:11:3f:1c:2d:b5:15:ae:00:e4:cf:43:
         60:1d:f8:b5:17:a7:da:36:2e:1f:bf:df:92:34:4c:ef:49:98:
         04:14:28:19:63:cd:ed:51:2e:51:5b:7a:19:84:0f:a7:f1:ea:
         ce:a1:6a:75:32:c8:8c:0a:cd:01:e1:c1:c4:77:15:91:39:86:
         e7:6f:9d:a7:d4:2f:3a:ba:f6:14:6e:b4:75:96:79:8e:62:5b:
         0b:a7:13:47:48:9f:8d:dc:ae:28:de:1f:a4:89:c1:3e:32:da:
         17:98:c3:79:34:c2:a4:ab:48:56:11:d1:22:f1:4b:c4:af:7c:
         9c:e7:1a:5f:bd:bf:e7:14:6e:d0:77:a2:f2:0e:27:cd:05:15:
         b8:42:d5:88:1a:b2:46:cd:28:62:71:7b:c6:11:4e:f1:de:8f:
         04:08:79:68:c3:4b:45:b0:86:83:1e:b4:0d:60:5d:5d:19:e0:
         79:b4:d5:22:46:34:9c:a2:28:5e:35:cb:4e:40:b4:67:94:b6:
         60:5c:f9:b5:85:78:0e:93:4b:fc:15:5d:b2:b4:18:5b:11:e6:
         71:4b:c6:a4:0a:0d:e1:8a:3c:82:90:81:60:c2:cd:44:90:0a:
         19:80:04:63:d3:e5:4e:20:3e:32:2b:c4:bc:78:ac:50:a2:5f:
         93:e8:09:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbaeBN3rEYKScfuUytSPMqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNTE2MTkwMDI0WhcNMjUwNTE3MTkwMDI0WjAzMTEwLwYDVQQD
Eyg3YmEyNDM3MWJlODlkNjRkNDU1MjE4NjVmZTYzNGY2M2JmMzc2NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz/gg0rdVbWl2aZVN8OZTZq9BXSj
bxV1GOPkpsDWt5TDzTi552CioG4cwykKKtPpwG7QnASqwdgJrbZQEAhNOHEwEJQF
xLiWnjMvLpCHLkpexZ7dmChMT+/biSqPuEHQ2Zw9/+2TOZDWW5JVE7UAQLGNRFII
+8TSdKuQT3T0InAVRGhnKk0nVMqGpCdNOdCWXZfEQ78wnB6Nt0kOz69YrIzqeU41
tKlyHfl7Oqn+WnFTguN6MbKoK8Thz7jzVbyhCRuOPYPVyOQVgYSkvXicQ9Wcl25w
wwBlfSkmkfvE5EZiD9tjZmC/1hG04/skCBTcrDuqEumQLY7dKAQkU1Z3cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuiQ3G+idZNRVIYZf5jT2O/N2U9MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9ijmlJi
BRE/HC21Fa4A5M9DYB34tRen2jYuH7/fkjRM70mYBBQoGWPN7VEuUVt6GYQPp/Hq
zqFqdTLIjArNAeHBxHcVkTmG52+dp9QvOrr2FG60dZZ5jmJbC6cTR0ifjdyuKN4f
pInBPjLaF5jDeTTCpKtIVhHRIvFLxK98nOcaX72/5xRu0Hei8g4nzQUVuELViBqy
Rs0oYnF7xhFO8d6PBAh5aMNLRbCGgx60DWBdXRngebTVIkY0nKIoXjXLTkC0Z5S2
YFz5tYV4DpNL/BVdsrQYWxHmcUvGpAoN4Yo8gpCBYMLNRJAKGYAEY9PlTiA+MivE
vHisUKJfk+gJxw==
-----END CERTIFICATE-----