Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          j2VeF07xM5q5jzgguMxZQ6BEkBOaXnwh+X/W1cmu9/k=
Subject key identifier:   01:B0:34:62:A7:31:D3:0F:F1:94:BE:79:CA:7D:2D:95:1B:DC:12:2E
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       019921B176293E978791063CA8662358A3F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          0A2F
Signing time:             Sun 07 Sep 2025 01:01:42 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:42 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:42 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: /2RVR+PQWqEp7U4AnVTiUh0KUi9qlWFdw+PMxUSYKWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:76:29:3e:97:87:91:06:3c:a8:66:23:58:a3:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Sep  7 01:01:42 2025 GMT
            Not After : Sep  8 01:01:42 2025 GMT
        Subject: CN=01b03462a731d30ff194be79ca7d2d951bdc122e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9f:39:b1:9a:c7:a3:25:75:54:25:64:51:0b:
                    6d:8f:3d:d3:61:f2:34:c1:82:a2:7f:05:65:a1:77:
                    0a:80:16:da:76:0a:4f:b4:97:4d:f9:01:2f:2d:17:
                    ee:66:7f:30:3f:b8:e4:8a:24:fb:33:1d:3f:00:f4:
                    b8:d4:35:92:30:f3:fe:58:c4:14:aa:8f:20:c5:21:
                    69:11:69:5c:69:0d:2d:fb:3d:f3:3a:70:0c:d5:c1:
                    76:44:bd:3a:b3:e0:6e:91:49:be:1d:d0:ca:b8:ae:
                    a0:47:13:e1:ce:6a:9d:9b:db:74:93:5d:2e:27:7a:
                    d6:f6:b8:38:a1:53:ab:db:dd:09:45:14:ce:7b:98:
                    06:1a:0f:09:d4:a7:1a:7d:e3:ce:ba:e3:fc:01:6a:
                    16:1a:2f:e8:c9:ca:3d:2a:71:dd:d2:29:59:5e:a1:
                    5e:a5:58:e9:b4:09:b1:b1:c4:ab:35:4c:2a:74:a0:
                    e5:3b:c3:65:f5:ee:c3:7e:88:0b:34:b1:38:28:03:
                    0a:36:71:98:80:43:0b:49:5c:43:7a:a8:f3:81:a4:
                    de:f3:02:75:27:42:1a:b2:10:ca:91:a5:65:93:5b:
                    bf:d3:73:ea:e1:49:75:20:4b:29:54:16:f6:94:55:
                    68:de:67:df:30:e3:94:4a:3a:30:6f:e7:a7:1d:cd:
                    71:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:B0:34:62:A7:31:D3:0F:F1:94:BE:79:CA:7D:2D:95:1B:DC:12:2E
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:43:e6:2d:f8:73:69:6a:71:b2:b7:72:47:d3:a2:ec:34:c1:
         ba:7c:33:96:5c:5e:88:e2:e7:46:27:43:90:98:7d:82:5d:c8:
         65:b3:11:a2:3b:6d:5e:9d:c8:f3:34:cb:25:48:6b:a6:f4:52:
         dc:40:76:6a:b5:f0:a5:4f:ad:1c:cc:4e:cc:9c:d4:1c:45:48:
         2f:11:c4:86:da:45:15:9f:18:78:cf:9c:58:08:b8:22:1c:8f:
         da:d2:ed:70:69:70:80:26:25:98:4d:88:cd:78:72:ef:fe:8d:
         3d:04:e4:d9:79:d4:c8:16:de:d3:2c:81:51:e7:8f:64:cd:07:
         bf:a8:74:78:75:ca:34:63:45:31:6b:7f:36:1a:b2:f2:04:5c:
         40:f8:74:00:09:84:02:e9:db:27:43:50:6b:d5:13:18:da:67:
         f3:69:a7:8c:96:ee:7b:f4:8f:e1:54:1e:64:0e:18:fb:1e:ba:
         9b:3f:8e:b0:7a:f0:79:f3:5c:2e:8b:d6:a7:bb:77:eb:06:4d:
         74:83:df:5c:59:3d:bf:56:7a:46:9f:6b:de:7f:e9:d8:31:04:
         4d:e4:0e:aa:d1:15:b2:64:3d:e4:d1:f9:b5:77:77:b1:ce:10:
         9e:58:97:c4:45:e9:aa:93:27:b0:d0:a1:e3:b1:7a:a8:18:77:
         43:eb:fc:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsXYpPpeHkQY8qGYjWKPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUwOTA3MDEwMTQyWhcNMjUwOTA4MDEwMTQyWjAzMTEwLwYDVQQD
EygwMWIwMzQ2MmE3MzFkMzBmZjE5NGJlNzljYTdkMmQ5NTFiZGMxMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs585sZrHoyV1VCVkUQttjz3TYfI0
wYKifwVloXcKgBbadgpPtJdN+QEvLRfuZn8wP7jkiiT7Mx0/APS41DWSMPP+WMQU
qo8gxSFpEWlcaQ0t+z3zOnAM1cF2RL06s+BukUm+HdDKuK6gRxPhzmqdm9t0k10u
J3rW9rg4oVOr290JRRTOe5gGGg8J1KcafePOuuP8AWoWGi/oyco9KnHd0ilZXqFe
pVjptAmxscSrNUwqdKDlO8Nl9e7DfogLNLE4KAMKNnGYgEMLSVxDeqjzgaTe8wJ1
J0IashDKkaVlk1u/03Pq4Ul1IEspVBb2lFVo3mffMOOUSjowb+enHc1x4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGwNGKnMdMP8ZS+ecp9LZUb3BIuMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFkPmLfhz
aWpxsrdyR9Oi7DTBunwzllxeiOLnRidDkJh9gl3IZbMRojttXp3I8zTLJUhrpvRS
3EB2arXwpU+tHMxOzJzUHEVILxHEhtpFFZ8YeM+cWAi4IhyP2tLtcGlwgCYlmE2I
zXhy7/6NPQTk2XnUyBbe0yyBUeePZM0Hv6h0eHXKNGNFMWt/Nhqy8gRcQPh0AAmE
AunbJ0NQa9UTGNpn82mnjJbue/SP4VQeZA4Y+x66mz+OsHrwefNcLovWp7t36wZN
dIPfXFk9v1Z6Rp9r3n/p2DEETeQOqtEVsmQ95NH5tXd3sc4QnliXxEXpqpMnsNCh
47F6qBh3Q+v8sA==
-----END CERTIFICATE-----