Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
File:                     HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft (raw, json)
Hash identifier:          ZfVhLGOC0AZpbjRDiQQV1EE3fx+NnfM5aYX7FR/VzNo=
Subject key identifier:   34:77:4E:95:1F:D2:04:38:85:15:B9:64:49:F6:F9:8F:20:DF:6C:82
Authority key identifier: 1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1
Certificate issuer:       /CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
Certificate serial:       0194BAF28CD0FB8FB43D6314D8037125935B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
Manifest number:          74
Signing time:             Fri 31 Jan 2025 06:00:45 +0000
Manifest this update:     Fri 31 Jan 2025 06:00:45 +0000
Manifest next update:     Sat 01 Feb 2025 06:00:45 +0000
Files and hashes:         1: HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl (hash: FSUyJRd1bMpgMwDxKFjcmEW8kDTldI57AXz0Lie/ckw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 06:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:f2:8c:d0:fb:8f:b4:3d:63:14:d8:03:71:25:93:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
        Validity
            Not Before: Jan 31 06:00:45 2025 GMT
            Not After : Feb  1 06:00:45 2025 GMT
        Subject: CN=34774e951fd204388515b96449f6f98f20df6c82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d3:63:cd:5f:a4:8e:b6:7d:db:14:9b:84:13:
                    16:04:35:a7:99:89:e5:7e:02:a9:84:3e:07:eb:82:
                    b6:70:2e:d4:84:bd:10:89:0e:51:9c:e2:16:bf:33:
                    a0:c2:49:07:68:1f:57:5a:f6:8e:9e:d7:ab:c4:94:
                    85:ef:c7:80:75:ca:bf:2c:cc:59:d7:86:a4:f9:04:
                    4d:15:77:0c:db:e8:fd:3b:c3:f9:b8:48:fe:27:09:
                    2b:6e:fd:32:cd:8e:20:37:5f:f3:1e:88:9a:c3:a6:
                    34:86:77:15:a9:29:dc:5d:41:d4:19:72:05:64:39:
                    ae:2a:38:bb:af:72:38:f8:44:78:6f:33:12:23:27:
                    85:32:24:02:c2:d4:03:df:5c:00:51:45:d1:f5:66:
                    c4:3c:9e:0b:40:d3:be:a8:c0:56:b5:79:56:d1:28:
                    5d:97:9e:bc:17:bd:ab:ae:d8:a2:13:fa:87:02:e1:
                    f7:49:b4:a2:f1:5c:75:99:c2:ec:bd:0f:db:16:5b:
                    a6:9b:ec:fc:52:46:7b:bc:f8:55:e7:be:f0:87:67:
                    86:4d:2c:c5:03:5a:d3:1c:5c:d8:ff:6a:1b:bf:b7:
                    d0:14:a6:7d:0b:29:37:74:09:4f:3a:e2:2e:49:0c:
                    02:2e:b5:4d:0d:2c:97:51:30:18:03:01:fb:89:92:
                    8c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:77:4E:95:1F:D2:04:38:85:15:B9:64:49:F6:F9:8F:20:DF:6C:82
            X509v3 Authority Key Identifier:
                keyid:1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:7d:8f:3b:f4:55:3b:31:81:17:ff:8b:1f:36:4b:0f:78:bb:
         fb:e3:4d:e8:d5:89:43:1a:77:58:f3:a5:41:eb:3f:d2:52:cb:
         1c:72:70:c9:b7:2d:8a:22:72:a0:99:40:1f:96:b2:86:b0:7b:
         4a:73:7c:4f:92:23:95:66:10:1d:bc:d9:40:89:7b:78:e8:e8:
         da:25:95:91:87:b9:69:7b:59:7b:8a:12:43:c9:3c:51:11:67:
         aa:0a:02:92:bd:87:e2:f8:34:bc:56:ef:d7:29:44:d2:7f:86:
         53:f1:2b:72:43:60:bb:bd:d7:81:cd:0f:9d:e7:c2:a6:08:c3:
         13:9e:72:b1:b1:00:55:e5:73:0d:b4:c9:e0:cb:c9:a8:cc:f8:
         c3:81:c4:90:f0:e8:52:c3:2a:84:91:39:70:b4:1d:92:59:ad:
         a6:d3:0f:d8:bf:a4:d3:34:ac:9d:1f:15:d4:d0:4b:09:10:98:
         fe:a4:3e:2b:57:55:5f:e8:de:48:2c:59:05:81:9e:ed:c6:66:
         8a:bb:6c:93:70:76:14:00:9c:35:ce:ff:4d:e4:cc:61:8c:05:
         01:24:e7:01:c7:2e:2b:ea:70:ac:d7:7d:52:9b:9d:3e:48:b3:
         98:eb:c9:cc:62:4e:24:42:3c:27:7d:80:65:4a:7a:ba:0a:f5:
         19:2f:56:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68ozQ+4+0PWMU2ANxJZNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2JmMjM3NTZjNmU3ZDY0ZDY4MjJmNTk3YjFkNTgwNDli
ZDQ4ZjEwHhcNMjUwMTMxMDYwMDQ1WhcNMjUwMjAxMDYwMDQ1WjAzMTEwLwYDVQQD
EygzNDc3NGU5NTFmZDIwNDM4ODUxNWI5NjQ0OWY2Zjk4ZjIwZGY2YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtNjzV+kjrZ92xSbhBMWBDWnmYnl
fgKphD4H64K2cC7UhL0QiQ5RnOIWvzOgwkkHaB9XWvaOnterxJSF78eAdcq/LMxZ
14ak+QRNFXcM2+j9O8P5uEj+Jwkrbv0yzY4gN1/zHoiaw6Y0hncVqSncXUHUGXIF
ZDmuKji7r3I4+ER4bzMSIyeFMiQCwtQD31wAUUXR9WbEPJ4LQNO+qMBWtXlW0Shd
l568F72rrtiiE/qHAuH3SbSi8Vx1mcLsvQ/bFlumm+z8UkZ7vPhV577wh2eGTSzF
A1rTHFzY/2obv7fQFKZ9Cyk3dAlPOuIuSQwCLrVNDSyXUTAYAwH7iZKMEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDR3TpUf0gQ4hRW5ZEn2+Y8g32yCMB8GA1UdIwQY
MBaAFB878jdWxufWTWgi9Zex1YBJvUjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzIt
NDNkYzJkYmNhYjc3LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzItNDNkYzJkYmNhYjc3
LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQX2PO/RV
OzGBF/+LHzZLD3i7++NN6NWJQxp3WPOlQes/0lLLHHJwybctiiJyoJlAH5ayhrB7
SnN8T5IjlWYQHbzZQIl7eOjo2iWVkYe5aXtZe4oSQ8k8URFnqgoCkr2H4vg0vFbv
1ylE0n+GU/ErckNgu73Xgc0PnefCpgjDE55ysbEAVeVzDbTJ4MvJqMz4w4HEkPDo
UsMqhJE5cLQdklmtptMP2L+k0zSsnR8V1NBLCRCY/qQ+K1dVX+jeSCxZBYGe7cZm
irtsk3B2FACcNc7/TeTMYYwFASTnAccuK+pwrNd9UpudPkizmOvJzGJOJEI8J32A
ZUp6ugr1GS9WeQ==
-----END CERTIFICATE-----