Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          2b60oLP5zmPoz3N2cIzQj0L1/IZ7v67FsbGsizKM6l8=
Subject key identifier:   73:66:12:A6:9E:79:B0:BC:98:33:71:0F:FA:7E:5A:7B:AD:41:FE:17
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019A7112DE6288F82FE3348C96BFF9E51E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 04:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:53 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 3hGHAZpkJcjvXhHP7SKhcY0SIpS5+SCgCPplujHT3sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:de:62:88:f8:2f:e3:34:8c:96:bf:f9:e5:1e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Nov 11 04:00:53 2025 GMT
            Not After : Nov 12 04:00:53 2025 GMT
        Subject: CN=736612a69e79b0bc9833710ffa7e5a7bad41fe17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:61:a1:fd:06:e4:ea:b4:ef:fa:24:b7:ce:70:
                    20:68:94:a2:e1:7f:9d:28:50:37:89:4f:44:be:98:
                    f1:88:f0:f0:87:6b:fc:f0:59:34:2a:8a:28:81:9f:
                    64:04:01:04:e4:11:b8:8c:1c:78:4f:f2:7b:f4:da:
                    de:85:7c:4e:4c:d9:64:ef:2f:dc:ae:65:f6:2c:d7:
                    4e:a4:3f:4e:c9:39:2f:34:c7:9c:39:f2:20:2f:b6:
                    bc:ff:d9:c0:a8:49:e8:29:40:5e:8b:ad:7a:d8:03:
                    01:57:22:28:aa:ad:98:a0:99:1b:6e:e3:7d:c1:67:
                    9c:c3:95:5f:01:71:85:31:96:3e:33:ac:92:fd:f1:
                    5b:85:b8:38:e1:8d:1e:12:69:1f:df:3d:5f:3e:ed:
                    8a:a1:38:9a:d2:fd:81:0e:db:1c:8c:14:f9:c3:d7:
                    51:c3:32:65:8a:31:d8:93:cb:c3:9f:61:85:e3:18:
                    a1:c5:08:d0:ad:79:51:67:c0:f4:69:01:5d:fb:8e:
                    97:38:67:94:79:16:32:88:bd:d4:b3:7c:c7:2e:56:
                    30:c7:65:96:60:a7:a7:28:37:8a:63:f2:ba:ed:2f:
                    5e:aa:d0:9f:3e:a0:62:c1:35:5e:4f:26:9d:84:01:
                    11:1e:3d:8d:52:61:1b:fe:ce:f3:5c:1d:fa:10:4d:
                    62:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:66:12:A6:9E:79:B0:BC:98:33:71:0F:FA:7E:5A:7B:AD:41:FE:17
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:d1:e1:cf:77:a6:43:43:26:7f:e6:d4:55:2f:86:1f:7c:cb:
         f0:e6:49:fd:f4:b3:e4:8b:7c:c5:f2:f2:93:ac:b2:3b:75:30:
         3a:7d:57:f8:a1:6f:94:8f:a7:66:b8:8b:52:4c:de:15:f6:8f:
         73:92:aa:39:43:fa:83:f7:08:71:e7:e4:90:74:8b:0a:10:92:
         ae:75:31:ad:95:30:5f:4d:f0:1a:ce:04:5f:ad:55:37:76:16:
         a3:22:ea:a3:60:e9:e6:30:72:1a:f7:2b:79:3a:7f:8e:91:66:
         29:80:2c:ae:9b:99:5f:82:63:f7:a3:75:5a:c0:b3:a7:71:50:
         3a:be:1a:0b:f0:f2:33:9c:bd:6f:47:ad:4f:36:c6:2f:27:6e:
         de:f8:dc:e5:f4:01:ab:32:a6:77:1b:e5:b1:e3:97:e7:32:c9:
         c0:9b:0e:e9:5a:28:70:06:24:19:19:a1:1e:bd:1e:d6:91:c0:
         6a:e6:1a:7c:8d:68:4a:24:a9:3d:5f:49:e1:17:86:aa:71:70:
         d9:57:b5:28:ed:c4:ac:16:38:bc:bd:e1:9c:80:88:6c:e4:9d:
         21:5c:b6:3f:e7:1a:5b:c2:90:67:13:f2:22:27:c2:ab:ee:0c:
         3c:92:d7:2f:1b:7f:a8:4c:a5:7d:33:89:47:04:3c:49:8f:99:
         26:93:47:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEt5iiPgv4zSMlr/55R5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUxMTExMDQwMDUzWhcNMjUxMTEyMDQwMDUzWjAzMTEwLwYDVQQD
Eyg3MzY2MTJhNjllNzliMGJjOTgzMzcxMGZmYTdlNWE3YmFkNDFmZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mGh/Qbk6rTv+iS3znAgaJSi4X+d
KFA3iU9EvpjxiPDwh2v88Fk0KooogZ9kBAEE5BG4jBx4T/J79NrehXxOTNlk7y/c
rmX2LNdOpD9OyTkvNMecOfIgL7a8/9nAqEnoKUBei6162AMBVyIoqq2YoJkbbuN9
wWecw5VfAXGFMZY+M6yS/fFbhbg44Y0eEmkf3z1fPu2KoTia0v2BDtscjBT5w9dR
wzJlijHYk8vDn2GF4xihxQjQrXlRZ8D0aQFd+46XOGeUeRYyiL3Us3zHLlYwx2WW
YKenKDeKY/K67S9eqtCfPqBiwTVeTyadhAERHj2NUmEb/s7zXB36EE1inQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNmEqaeebC8mDNxD/p+WnutQf4XMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEActHhz3em
Q0Mmf+bUVS+GH3zL8OZJ/fSz5It8xfLyk6yyO3UwOn1X+KFvlI+nZriLUkzeFfaP
c5KqOUP6g/cIcefkkHSLChCSrnUxrZUwX03wGs4EX61VN3YWoyLqo2Dp5jByGvcr
eTp/jpFmKYAsrpuZX4Jj96N1WsCzp3FQOr4aC/DyM5y9b0etTzbGLydu3vjc5fQB
qzKmdxvlseOX5zLJwJsO6VoocAYkGRmhHr0e1pHAauYafI1oSiSpPV9J4ReGqnFw
2Ve1KO3ErBY4vL3hnICIbOSdIVy2P+caW8KQZxPyIifCq+4MPJLXLxt/qEylfTOJ
RwQ8SY+ZJpNH0Q==
-----END CERTIFICATE-----