Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
File:                     ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json)
Hash identifier:          PzdQaCsM3Hu9yayb5yKwaHmH4ngvEwMf0wI23iE1xpM=
Subject key identifier:   DA:64:BA:98:A6:2C:25:F1:B7:79:D4:E8:67:63:04:F4:0F:BF:13:6D
Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44
Certificate issuer:       /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
Certificate serial:       01976D3DFB6C9A26D8F47D01B6F7F612CC6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
Manifest number:          094D
Signing time:             Sat 14 Jun 2025 07:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:07 +0000
Files and hashes:         1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: 9ey55XhgJmrFqkDNE9Z7JINDDNtR5bI8J3NIurskMsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:fb:6c:9a:26:d8:f4:7d:01:b6:f7:f6:12:cc:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644
        Validity
            Not Before: Jun 14 07:01:07 2025 GMT
            Not After : Jun 15 07:01:07 2025 GMT
        Subject: CN=da64ba98a62c25f1b779d4e8676304f40fbf136d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:87:06:5c:21:18:61:62:5b:96:e6:d1:ad:91:
                    45:8f:3c:68:4d:b2:73:4b:10:ff:31:c8:7e:b1:68:
                    4e:fa:06:aa:b3:2d:88:7d:d8:f1:28:20:71:23:cd:
                    fe:28:59:ff:0e:86:2f:79:05:3c:32:03:e8:32:a7:
                    1f:55:27:ce:d2:89:c9:31:7b:0b:45:c9:5b:03:9f:
                    06:61:fa:ad:ca:3b:69:54:2a:77:e4:d5:09:35:e6:
                    cd:39:8e:de:f3:59:1b:3a:c1:05:86:2d:47:67:69:
                    d1:1a:9b:4b:93:e9:5a:10:e6:3c:b9:da:29:0c:b0:
                    e4:e9:e7:b0:0a:55:7e:5d:07:1c:21:20:d0:8d:2c:
                    7a:13:f7:8a:80:83:73:4e:da:0d:ef:75:d3:77:d7:
                    10:76:22:38:8e:86:bb:b8:f8:2a:0c:27:20:c2:cf:
                    8e:f7:34:1c:d8:b7:7e:85:5e:6d:46:bc:32:1e:1f:
                    37:91:24:b3:93:58:f2:02:58:e0:f2:e1:df:8d:39:
                    73:cf:5a:36:d9:0f:a1:e4:88:6f:3f:42:53:2b:5e:
                    15:be:dd:1e:26:7e:d6:2c:32:48:a3:f0:35:6d:3b:
                    75:8e:a5:79:d8:59:7d:ea:e2:68:de:c8:f1:6f:61:
                    82:9c:74:1c:6a:7c:55:3c:eb:39:c2:4a:04:f6:01:
                    52:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:64:BA:98:A6:2C:25:F1:B7:79:D4:E8:67:63:04:F4:0F:BF:13:6D
            X509v3 Authority Key Identifier:
                keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f0:6e:ac:5d:62:8b:b1:80:5a:4c:c5:7a:cb:34:7c:ef:bc:ab:
         8c:ed:a5:76:ac:39:c7:6f:95:59:8c:99:16:d3:59:fc:80:01:
         89:8c:f7:2c:a1:08:6d:1d:2a:b4:53:57:fc:1f:1e:5d:ca:8a:
         69:07:ed:08:ee:3c:36:a2:47:ca:53:fa:dc:9a:4b:54:ff:92:
         e0:35:c4:68:ca:2e:44:d1:46:ea:4d:2c:14:58:48:d6:77:c2:
         3a:cd:05:01:2f:5f:21:13:49:20:ff:bc:39:50:91:c6:42:03:
         32:17:bf:07:6d:8f:04:4d:e2:8c:74:a8:a5:04:78:9b:8b:29:
         24:68:c9:e6:76:68:65:f9:50:28:14:66:3c:7e:e9:76:ac:58:
         ec:10:cf:44:d7:93:a9:22:54:f6:86:99:17:b7:1a:8e:5a:9f:
         fd:da:b5:99:42:a2:7c:3b:79:7f:9d:cb:61:87:db:b3:ba:04:
         19:bb:cc:89:d5:cb:16:9f:e5:bf:56:f8:54:76:bd:27:2e:e8:
         20:b3:ed:aa:02:c4:3f:5b:89:94:d3:88:09:91:46:d7:92:b8:
         d7:fe:75:35:b5:d7:0d:b7:85:62:38:94:16:99:30:28:bd:8b:
         0f:b4:10:fd:11:b1:0d:67:cb:ec:69:48:a8:c9:14:e3:b0:f6:
         81:a1:f2:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPftsmibY9H0Btvf2EsxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm
YWU2NDQwHhcNMjUwNjE0MDcwMTA3WhcNMjUwNjE1MDcwMTA3WjAzMTEwLwYDVQQD
EyhkYTY0YmE5OGE2MmMyNWYxYjc3OWQ0ZTg2NzYzMDRmNDBmYmYxMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YcGXCEYYWJblubRrZFFjzxoTbJz
SxD/Mch+sWhO+gaqsy2IfdjxKCBxI83+KFn/DoYveQU8MgPoMqcfVSfO0onJMXsL
RclbA58GYfqtyjtpVCp35NUJNebNOY7e81kbOsEFhi1HZ2nRGptLk+laEOY8udop
DLDk6eewClV+XQccISDQjSx6E/eKgINzTtoN73XTd9cQdiI4joa7uPgqDCcgws+O
9zQc2Ld+hV5tRrwyHh83kSSzk1jyAljg8uHfjTlzz1o22Q+h5IhvP0JTK14Vvt0e
Jn7WLDJIo/A1bTt1jqV52Fl96uJo3sjxb2GCnHQcanxVPOs5wkoE9gFS5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpkupimLCXxt3nU6GdjBPQPvxNtMB8GA1UdIwQY
MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt
YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2
LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA8G6sXWKL
sYBaTMV6yzR877yrjO2ldqw5x2+VWYyZFtNZ/IABiYz3LKEIbR0qtFNX/B8eXcqK
aQftCO48NqJHylP63JpLVP+S4DXEaMouRNFG6k0sFFhI1nfCOs0FAS9fIRNJIP+8
OVCRxkIDMhe/B22PBE3ijHSopQR4m4spJGjJ5nZoZflQKBRmPH7pdqxY7BDPRNeT
qSJU9oaZF7cajlqf/dq1mUKifDt5f53LYYfbs7oEGbvMidXLFp/lv1b4VHa9Jy7o
ILPtqgLEP1uJlNOICZFG15K41/51NbXXDbeFYjiUFpkwKL2LD7QQ/RGxDWfL7GlI
qMkU47D2gaHycw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:57:27 2025 by rpki-client