Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
File:                     HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft (raw, json)
Hash identifier:          e3AmnrA4le9iledajvT52izp7BUC1CNLfotjuFYuz3E=
Subject key identifier:   84:2F:AF:23:EF:9F:64:F3:F0:42:B6:BA:B5:22:B3:C0:F3:B6:EB:8E
Authority key identifier: 1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1
Certificate issuer:       /CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
Certificate serial:       0194C49A789CECA6BADD8F905192832C9E82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
Manifest number:          79
Signing time:             Sun 02 Feb 2025 03:00:45 +0000
Manifest this update:     Sun 02 Feb 2025 03:00:45 +0000
Manifest next update:     Mon 03 Feb 2025 03:00:45 +0000
Files and hashes:         1: HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl (hash: 59+tWJZWOUxQX+vMTqJe/HOtONwsamaxSu+tsaBis+c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:9a:78:9c:ec:a6:ba:dd:8f:90:51:92:83:2c:9e:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
        Validity
            Not Before: Feb  2 03:00:45 2025 GMT
            Not After : Feb  3 03:00:45 2025 GMT
        Subject: CN=842faf23ef9f64f3f042b6bab522b3c0f3b6eb8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e7:3f:28:1b:7e:9f:75:cb:52:c6:ee:89:18:
                    37:13:a4:fb:7c:31:94:76:5e:31:6b:3c:be:fb:ac:
                    c5:0a:ac:e1:f2:69:36:d8:69:27:88:04:d0:61:3d:
                    ab:61:bc:9d:ef:a2:06:d0:3e:cd:97:b5:67:4c:09:
                    43:a8:d9:7b:b5:ec:29:d3:bc:b1:a0:f0:d4:55:33:
                    df:8d:2b:6e:38:fa:bf:b9:37:c1:9a:b4:a1:6d:28:
                    13:3e:6e:da:51:f2:0c:e5:5f:cd:f0:a1:e7:28:24:
                    f3:64:84:de:08:55:d2:f6:7d:c4:9d:af:ed:08:76:
                    e5:07:d4:a3:13:f1:ef:19:4b:7b:c7:0b:ea:f0:31:
                    d4:59:81:3f:60:9f:12:75:71:fa:ba:90:e2:a4:d0:
                    37:f9:4f:c0:2c:c1:94:4a:bc:10:ae:f1:4f:52:a4:
                    dc:d6:e6:3a:11:e0:18:0a:e5:cb:39:7d:df:f0:9f:
                    ab:b7:74:7b:58:5a:90:51:66:4b:5a:8e:7c:66:fc:
                    5f:57:b2:70:5a:cf:38:a4:3f:ad:37:60:62:1a:dd:
                    e7:06:b6:9e:43:8c:b0:6e:be:86:61:84:23:1b:4e:
                    59:5d:c5:75:e1:a7:eb:48:64:27:c2:91:13:0f:5e:
                    48:96:e9:d2:5f:78:80:01:75:dc:3b:68:35:c4:c9:
                    82:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:2F:AF:23:EF:9F:64:F3:F0:42:B6:BA:B5:22:B3:C0:F3:B6:EB:8E
            X509v3 Authority Key Identifier:
                keyid:1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:a6:04:76:9e:2b:e2:1a:02:62:0b:c6:0e:51:cd:e7:d6:6e:
         b5:a1:29:3a:c9:4d:23:76:be:ef:b4:89:49:02:30:5d:2d:04:
         bc:e9:5b:95:70:7b:e2:67:2c:60:b2:74:eb:a9:c4:5e:7c:f6:
         b7:b9:75:1b:1c:7c:15:91:bc:22:35:5f:7f:e1:da:5c:85:18:
         21:93:4a:3c:7c:b5:7e:6f:43:dc:e3:7e:e7:a4:e7:3a:f7:ef:
         c8:5a:1c:2c:15:54:4f:3e:86:39:a0:af:db:2a:89:d5:a6:5c:
         be:a6:46:4c:d0:ca:0d:0f:81:5d:cc:b2:d8:dc:53:50:33:b2:
         a4:5a:82:48:1c:bc:ff:4d:f5:e2:c7:b2:5a:ce:00:1a:be:2b:
         d4:4d:13:55:12:98:52:df:a8:52:26:bb:03:4c:62:a1:2f:8f:
         ef:29:9f:0a:9f:3e:6a:15:d6:66:74:01:28:80:c3:45:ea:4d:
         5d:8d:79:91:3d:c1:9c:5b:85:05:b4:4d:46:8d:d1:4c:90:a6:
         64:36:e6:11:9e:bc:c6:ca:b2:94:73:d3:8e:6e:ad:4a:dd:e8:
         1d:2a:60:d1:a7:a6:9d:b5:7e:14:a8:c8:89:e2:cd:d7:f9:bf:
         4d:8f:0d:88:49:ff:5f:d0:69:6e:60:b3:ab:23:5b:d9:b6:ac:
         0b:ee:66:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmnic7Ka63Y+QUZKDLJ6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2JmMjM3NTZjNmU3ZDY0ZDY4MjJmNTk3YjFkNTgwNDli
ZDQ4ZjEwHhcNMjUwMjAyMDMwMDQ1WhcNMjUwMjAzMDMwMDQ1WjAzMTEwLwYDVQQD
Eyg4NDJmYWYyM2VmOWY2NGYzZjA0MmI2YmFiNTIyYjNjMGYzYjZlYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Oc/KBt+n3XLUsbuiRg3E6T7fDGU
dl4xazy++6zFCqzh8mk22GkniATQYT2rYbyd76IG0D7Nl7VnTAlDqNl7tewp07yx
oPDUVTPfjStuOPq/uTfBmrShbSgTPm7aUfIM5V/N8KHnKCTzZITeCFXS9n3Ena/t
CHblB9SjE/HvGUt7xwvq8DHUWYE/YJ8SdXH6upDipNA3+U/ALMGUSrwQrvFPUqTc
1uY6EeAYCuXLOX3f8J+rt3R7WFqQUWZLWo58ZvxfV7JwWs84pD+tN2BiGt3nBrae
Q4ywbr6GYYQjG05ZXcV14afrSGQnwpETD15IlunSX3iAAXXcO2g1xMmCNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQvryPvn2Tz8EK2urUis8DztuuOMB8GA1UdIwQY
MBaAFB878jdWxufWTWgi9Zex1YBJvUjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzIt
NDNkYzJkYmNhYjc3LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzItNDNkYzJkYmNhYjc3
LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKYEdp4r
4hoCYgvGDlHN59ZutaEpOslNI3a+77SJSQIwXS0EvOlblXB74mcsYLJ066nEXnz2
t7l1Gxx8FZG8IjVff+HaXIUYIZNKPHy1fm9D3ON+56TnOvfvyFocLBVUTz6GOaCv
2yqJ1aZcvqZGTNDKDQ+BXcyy2NxTUDOypFqCSBy8/0314seyWs4AGr4r1E0TVRKY
Ut+oUia7A0xioS+P7ymfCp8+ahXWZnQBKIDDRepNXY15kT3BnFuFBbRNRo3RTJCm
ZDbmEZ68xsqylHPTjm6tSt3oHSpg0aemnbV+FKjIieLN1/m/TY8NiEn/X9BpbmCz
qyNb2basC+5meg==
-----END CERTIFICATE-----