Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          XErdl//6SnceJOPQ/MNbyz93DqwfxkFXvLptkHhXBeM=
Subject key identifier:   86:01:FE:FB:8D:33:D4:66:2D:30:01:E8:C5:8C:BC:74:39:5F:29:23
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       019A71B93FA181C980C34C7B7E659B454551
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          0ADD
Signing time:             Tue 11 Nov 2025 07:02:37 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:37 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:37 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: ZtbiwdOsaOctuuO1X8Bq+De6V13+RqOudnYlGpucY9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:3f:a1:81:c9:80:c3:4c:7b:7e:65:9b:45:45:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Nov 11 07:02:37 2025 GMT
            Not After : Nov 12 07:02:37 2025 GMT
        Subject: CN=8601fefb8d33d4662d3001e8c58cbc74395f2923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bc:46:f6:ad:b2:2c:45:2c:9b:4c:f9:ea:e3:
                    41:b8:f1:27:16:32:12:4c:f0:b4:f6:c0:f6:47:7c:
                    e9:62:fa:16:3e:c7:5f:34:bb:f3:6f:44:96:fc:b8:
                    12:5c:5b:dc:06:8f:f5:56:a6:e7:1a:c2:af:14:bc:
                    cb:fe:e7:ba:f4:b2:13:cc:62:04:94:db:20:8c:1d:
                    e9:c0:95:72:43:12:b1:d2:37:99:4b:b6:fd:54:c5:
                    3b:6c:c7:17:9b:a1:e7:c1:55:cb:70:dc:bd:76:87:
                    40:6c:8a:3c:fb:d7:37:a9:91:65:d4:2d:40:da:c8:
                    6a:c2:73:9c:83:c9:3f:06:87:0c:c4:91:9d:4e:b0:
                    09:0e:18:c1:36:23:21:54:0b:e5:dc:e1:2b:81:e0:
                    df:5e:82:c6:18:93:3e:f6:57:f2:5f:3e:55:ec:a3:
                    45:bd:65:a8:5d:fd:9a:f9:0d:7f:87:b7:ea:0e:68:
                    8e:04:2e:10:13:70:d1:c8:f9:59:8b:37:1c:43:2a:
                    23:cd:57:1d:58:dc:d7:1d:ba:ee:74:10:18:88:67:
                    90:9d:4c:60:25:73:6c:53:51:88:92:60:55:de:92:
                    44:d4:24:9a:55:3f:de:44:3a:3a:9b:8f:db:ef:4f:
                    cf:c1:0c:94:84:ce:eb:1c:08:6a:68:63:c5:66:08:
                    b2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:01:FE:FB:8D:33:D4:66:2D:30:01:E8:C5:8C:BC:74:39:5F:29:23
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:5d:d9:5c:b6:63:a5:ce:d4:0c:fb:c0:06:83:8d:34:36:2d:
         ca:64:98:b9:dd:9c:61:31:21:bb:c5:fa:81:4d:b7:60:0a:0c:
         34:43:d2:4c:e2:66:91:50:48:27:55:ee:a9:b3:23:df:cb:97:
         2b:28:5a:29:4a:2a:4c:ed:68:26:a7:0c:39:7d:6b:7f:b7:db:
         00:35:6f:91:ee:80:e4:60:8b:86:21:7b:58:8d:ea:cf:31:7a:
         7c:fe:fa:c1:38:97:5a:4a:cc:a5:3e:9c:e3:39:75:5c:b0:3b:
         f1:ee:9d:e4:36:9c:6f:01:1e:bc:02:33:70:12:f9:dd:64:83:
         0d:76:a2:b6:56:3f:2a:c7:99:95:d8:9b:2c:5e:e0:15:34:f0:
         a1:cf:bb:5f:13:23:bf:cb:2f:f4:e4:b5:07:18:1b:13:dd:21:
         6b:d8:c6:18:73:f0:9c:81:79:7a:e6:50:4b:de:c1:8e:52:93:
         bb:c4:9d:15:a0:3b:bf:ab:1b:8e:25:94:31:2c:c6:a4:84:99:
         3b:2c:e8:15:a0:08:66:29:a9:c8:5d:4d:61:db:eb:6d:ba:4c:
         3e:5b:4d:67:2e:93:39:59:47:fb:ca:e0:7f:ef:28:8b:dc:a7:
         8a:19:b9:99:ce:05:e4:b6:f0:7b:00:e9:3e:66:27:f8:7c:7d:
         9e:c3:75:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuT+hgcmAw0x7fmWbRUVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUxMTExMDcwMjM3WhcNMjUxMTEyMDcwMjM3WjAzMTEwLwYDVQQD
Eyg4NjAxZmVmYjhkMzNkNDY2MmQzMDAxZThjNThjYmM3NDM5NWYyOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrxG9q2yLEUsm0z56uNBuPEnFjIS
TPC09sD2R3zpYvoWPsdfNLvzb0SW/LgSXFvcBo/1VqbnGsKvFLzL/ue69LITzGIE
lNsgjB3pwJVyQxKx0jeZS7b9VMU7bMcXm6HnwVXLcNy9dodAbIo8+9c3qZFl1C1A
2shqwnOcg8k/BocMxJGdTrAJDhjBNiMhVAvl3OErgeDfXoLGGJM+9lfyXz5V7KNF
vWWoXf2a+Q1/h7fqDmiOBC4QE3DRyPlZizccQyojzVcdWNzXHbrudBAYiGeQnUxg
JXNsU1GIkmBV3pJE1CSaVT/eRDo6m4/b70/PwQyUhM7rHAhqaGPFZgiymQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYB/vuNM9RmLTAB6MWMvHQ5XykjMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzV3ZXLZj
pc7UDPvABoONNDYtymSYud2cYTEhu8X6gU23YAoMNEPSTOJmkVBIJ1XuqbMj38uX
KyhaKUoqTO1oJqcMOX1rf7fbADVvke6A5GCLhiF7WI3qzzF6fP76wTiXWkrMpT6c
4zl1XLA78e6d5DacbwEevAIzcBL53WSDDXaitlY/KseZldibLF7gFTTwoc+7XxMj
v8sv9OS1BxgbE90ha9jGGHPwnIF5euZQS97BjlKTu8SdFaA7v6sbjiWUMSzGpISZ
OyzoFaAIZimpyF1NYdvrbbpMPltNZy6TOVlH+8rgf+8oi9ynihm5mc4F5LbwewDp
PmYn+Hx9nsN1lw==
-----END CERTIFICATE-----