Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          j5FLI7+4uFRBGXZ1EHwsYaj5R1hfezLKkEgopzFIrhQ=
Subject key identifier:   46:4C:05:28:75:0D:08:D5:AC:60:D1:64:BB:A8:39:90:C9:67:5B:C3
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       0196138F703046FC45107EF1B5ABF2F98DC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          089A
Signing time:             Tue 08 Apr 2025 04:01:29 +0000
Manifest this update:     Tue 08 Apr 2025 04:01:29 +0000
Manifest next update:     Wed 09 Apr 2025 04:01:29 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: wWYJpn6w+BF4yJ/3uq4FPrrl+vKQif4QEM15l6+oXVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 23:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:13:8f:70:30:46:fc:45:10:7e:f1:b5:ab:f2:f9:8d:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Apr  8 04:01:29 2025 GMT
            Not After : Apr  9 04:01:29 2025 GMT
        Subject: CN=464c0528750d08d5ac60d164bba83990c9675bc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:0c:2c:ba:7c:29:f5:51:da:61:fe:b4:95:48:
                    fa:19:f9:50:f5:a6:00:63:7c:93:ae:45:b9:6a:4f:
                    52:bf:0a:a8:f5:7e:c0:f9:22:2b:9d:44:8d:87:eb:
                    b8:da:cb:28:3c:e3:54:7a:c4:98:7a:a2:0c:5e:a6:
                    05:09:fd:74:31:ab:f7:f9:d2:85:8f:29:77:c3:74:
                    ec:b2:70:0e:97:2b:b3:6c:6d:31:86:d4:22:75:45:
                    55:df:3c:03:3a:5d:da:b2:4e:2c:26:b7:08:0c:49:
                    dd:af:02:09:28:1f:a9:ee:f1:a2:9d:18:97:6d:cc:
                    41:a3:44:77:04:b4:5c:e8:44:4b:27:cd:99:81:bb:
                    c2:32:c9:7e:58:e3:69:58:78:b6:90:af:ee:08:2a:
                    4d:4a:fe:e9:3a:ac:ab:69:c8:27:a2:d3:f0:0e:22:
                    1c:19:e3:10:35:ce:9e:c0:a6:87:12:51:0e:bf:da:
                    c1:15:e0:87:3c:54:3d:d5:f9:62:d4:33:1e:7c:1d:
                    fc:01:22:10:30:bd:13:10:5f:ec:4a:08:93:da:e1:
                    92:e3:13:63:1c:f2:ad:0a:77:6b:66:59:6f:2b:19:
                    65:2a:a7:d1:4a:9a:4f:d4:4a:9c:de:a4:c2:5f:1d:
                    78:1c:4c:8e:4b:f1:08:52:0d:2b:5a:ae:23:6c:e6:
                    7a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:4C:05:28:75:0D:08:D5:AC:60:D1:64:BB:A8:39:90:C9:67:5B:C3
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:c9:ee:7e:c1:b2:d1:c3:2a:a4:98:e6:a0:dc:f8:bb:28:b7:
         d0:f8:94:c9:e7:11:98:c9:70:37:13:43:67:46:37:19:cd:d2:
         84:32:04:db:b8:a3:be:43:84:5d:aa:09:50:43:12:d6:2a:04:
         94:c4:ec:70:9e:e3:05:02:2e:d4:6a:65:d6:bf:aa:58:15:bb:
         e0:4e:07:d0:6a:5f:eb:ea:99:98:da:ab:30:92:3d:70:e6:a7:
         7f:ce:76:c7:64:b8:8a:27:af:f2:51:a6:1e:79:2d:b1:e4:b0:
         b8:db:dc:53:f7:c4:94:c0:66:ec:4c:55:1c:13:cf:56:9b:da:
         dd:ea:d8:10:b9:08:d5:b6:16:be:48:f1:a7:90:51:67:25:3d:
         42:85:06:fe:df:84:db:94:ee:a4:3a:60:fa:44:7c:b8:86:04:
         49:dc:ba:e0:1e:c8:81:2a:10:19:09:62:dd:a3:e9:fc:55:ec:
         9f:5f:52:d2:40:7f:d7:c4:19:6a:cb:43:06:20:86:d9:4e:a6:
         d4:92:09:d6:6d:5e:8c:9c:b9:7a:b6:d7:6b:63:81:af:d5:3c:
         31:b1:99:5b:4c:e4:94:93:97:32:a0:19:f0:a5:c5:ce:8a:d8:
         ff:5f:af:65:f7:10:e1:2c:77:6a:38:13:9a:99:ae:67:95:21:
         52:04:bf:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYTj3AwRvxFEH7xtavy+Y3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUwNDA4MDQwMTI5WhcNMjUwNDA5MDQwMTI5WjAzMTEwLwYDVQQD
Eyg0NjRjMDUyODc1MGQwOGQ1YWM2MGQxNjRiYmE4Mzk5MGM5Njc1YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gwsunwp9VHaYf60lUj6GflQ9aYA
Y3yTrkW5ak9Svwqo9X7A+SIrnUSNh+u42ssoPONUesSYeqIMXqYFCf10Mav3+dKF
jyl3w3TssnAOlyuzbG0xhtQidUVV3zwDOl3ask4sJrcIDEndrwIJKB+p7vGinRiX
bcxBo0R3BLRc6ERLJ82ZgbvCMsl+WONpWHi2kK/uCCpNSv7pOqyracgnotPwDiIc
GeMQNc6ewKaHElEOv9rBFeCHPFQ91fli1DMefB38ASIQML0TEF/sSgiT2uGS4xNj
HPKtCndrZllvKxllKqfRSppP1Eqc3qTCXx14HEyOS/EIUg0rWq4jbOZ6WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZMBSh1DQjVrGDRZLuoOZDJZ1vDMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesnufsGy
0cMqpJjmoNz4uyi30PiUyecRmMlwNxNDZ0Y3Gc3ShDIE27ijvkOEXaoJUEMS1ioE
lMTscJ7jBQIu1Gpl1r+qWBW74E4H0Gpf6+qZmNqrMJI9cOanf852x2S4iiev8lGm
HnktseSwuNvcU/fElMBm7ExVHBPPVpva3erYELkI1bYWvkjxp5BRZyU9QoUG/t+E
25TupDpg+kR8uIYESdy64B7IgSoQGQli3aPp/FXsn19S0kB/18QZastDBiCG2U6m
1JIJ1m1ejJy5erbXa2OBr9U8MbGZW0zklJOXMqAZ8KXFzorY/1+vZfcQ4Sx3ajgT
mpmuZ5UhUgS/Lg==
-----END CERTIFICATE-----