Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          PE++Yvhrv7iFcc1Z4qjDAS7/s3eroGNLypidYvyyaVo=
Subject key identifier:   BE:BD:15:E3:7B:F2:91:E4:B4:48:61:70:39:1D:98:58:A2:8F:0A:3D
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       019759EE9D93579E971D2F693AAD3FD2532C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          0943
Signing time:             Tue 10 Jun 2025 13:01:39 +0000
Manifest this update:     Tue 10 Jun 2025 13:01:39 +0000
Manifest next update:     Wed 11 Jun 2025 13:01:39 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: F6lpNiG5pgzEbIe3DV+Afv48cODmF/ekw47Eb6sq2aQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ee:9d:93:57:9e:97:1d:2f:69:3a:ad:3f:d2:53:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Jun 10 13:01:39 2025 GMT
            Not After : Jun 11 13:01:39 2025 GMT
        Subject: CN=bebd15e37bf291e4b4486170391d9858a28f0a3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e2:0b:0d:68:36:4e:8f:2b:73:cb:c4:a0:25:
                    b3:9f:be:b9:e6:48:3d:74:60:ab:f1:09:a4:93:b6:
                    1e:6e:59:94:74:0a:bc:ec:90:d0:70:18:dc:9e:0c:
                    c4:a9:b5:4c:44:01:47:12:8d:a6:32:ba:ea:90:00:
                    d6:94:74:00:9c:02:e9:5e:ab:22:7c:6a:9a:d0:2d:
                    be:fe:56:10:d2:13:c6:2a:86:c3:46:74:cb:b7:4b:
                    13:20:3f:f3:7d:e6:b5:52:cd:5f:65:de:0d:e9:9d:
                    43:f1:08:b2:8b:f0:d1:d1:46:3f:7d:0c:e2:4f:c4:
                    e2:f7:7d:74:ed:cd:71:05:9b:29:8f:79:bf:98:d7:
                    85:a9:ff:e1:d9:8c:5a:94:77:7d:b8:73:71:30:e7:
                    21:6e:83:20:98:d3:80:29:40:b7:8e:63:68:d6:86:
                    d2:15:d1:9c:99:21:b1:69:af:97:73:35:7f:ec:3f:
                    f0:8a:15:87:16:05:b0:ec:97:64:0f:70:c1:83:07:
                    59:5e:32:f9:11:75:5d:cf:7d:d4:c6:47:89:c6:55:
                    ee:5a:63:6f:a6:f6:f8:a2:f2:c1:f4:a5:e7:ef:44:
                    f5:9f:72:a7:3f:62:9b:8f:47:71:c8:99:b7:fb:96:
                    49:32:68:42:12:68:ba:84:5d:a7:07:65:4c:d6:f2:
                    e7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:BD:15:E3:7B:F2:91:E4:B4:48:61:70:39:1D:98:58:A2:8F:0A:3D
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:74:69:0b:5c:be:80:79:99:98:74:23:4d:a3:cb:7a:2e:f0:
         8b:09:25:de:2e:e0:f7:a9:e2:76:60:65:76:3c:54:ca:dc:5f:
         a0:6c:66:5a:0d:23:c7:fd:68:f0:7b:68:2e:a8:4b:d6:03:98:
         dd:2b:ad:0f:6c:8d:26:26:e5:5e:61:b9:79:41:cc:5e:0c:b7:
         b3:a6:84:b6:02:51:d3:8a:25:28:1a:36:c2:41:f9:c0:8e:74:
         37:75:cf:5c:a8:11:8d:33:e2:23:c3:4c:a6:fc:03:ea:eb:b3:
         46:f8:3b:7b:dd:62:1e:37:98:a6:93:b4:a7:71:17:1b:80:80:
         15:bd:5a:29:d7:08:c8:c2:c9:20:60:bd:9c:70:9f:7b:23:83:
         ee:b8:c3:a3:7f:c0:d2:ea:2d:8a:c9:b1:8d:98:b2:ac:66:e0:
         f0:1f:59:3e:ec:3b:ca:58:fa:bd:f6:c0:0b:ff:33:ca:08:34:
         81:03:0b:75:33:25:34:1c:1e:2b:b9:46:95:28:a9:81:c6:12:
         81:80:df:b0:4c:3f:4d:62:67:f0:52:f5:90:f1:5c:4c:cb:44:
         94:6e:e3:0d:5c:58:04:7e:57:99:bc:8b:b6:56:5e:79:91:c4:
         54:fb:20:f5:46:10:45:84:17:3e:30:28:0b:37:6e:0e:23:cb:
         0b:0e:76:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7p2TV56XHS9pOq0/0lMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUwNjEwMTMwMTM5WhcNMjUwNjExMTMwMTM5WjAzMTEwLwYDVQQD
EyhiZWJkMTVlMzdiZjI5MWU0YjQ0ODYxNzAzOTFkOTg1OGEyOGYwYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeILDWg2To8rc8vEoCWzn7655kg9
dGCr8Qmkk7YeblmUdAq87JDQcBjcngzEqbVMRAFHEo2mMrrqkADWlHQAnALpXqsi
fGqa0C2+/lYQ0hPGKobDRnTLt0sTID/zfea1Us1fZd4N6Z1D8Qiyi/DR0UY/fQzi
T8Ti93107c1xBZspj3m/mNeFqf/h2YxalHd9uHNxMOchboMgmNOAKUC3jmNo1obS
FdGcmSGxaa+XczV/7D/wihWHFgWw7JdkD3DBgwdZXjL5EXVdz33UxkeJxlXuWmNv
pvb4ovLB9KXn70T1n3KnP2Kbj0dxyJm3+5ZJMmhCEmi6hF2nB2VM1vLneQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL69FeN78pHktEhhcDkdmFiijwo9MB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS3RpC1y+
gHmZmHQjTaPLei7wiwkl3i7g96nidmBldjxUytxfoGxmWg0jx/1o8HtoLqhL1gOY
3SutD2yNJiblXmG5eUHMXgy3s6aEtgJR04olKBo2wkH5wI50N3XPXKgRjTPiI8NM
pvwD6uuzRvg7e91iHjeYppO0p3EXG4CAFb1aKdcIyMLJIGC9nHCfeyOD7rjDo3/A
0uotismxjZiyrGbg8B9ZPuw7ylj6vfbAC/8zygg0gQMLdTMlNBweK7lGlSipgcYS
gYDfsEw/TWJn8FL1kPFcTMtElG7jDVxYBH5XmbyLtlZeeZHEVPsg9UYQRYQXPjAo
CzduDiPLCw52QA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:59:27 2025 by rpki-client