Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
File:                     HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft (raw, json)
Hash identifier:          vO7z/tyjIWRVGDnAQ6YlK3RQ7o8/2sKBFiakWodBxNo=
Subject key identifier:   80:F5:A5:F1:5D:C5:3A:33:3D:00:1D:FB:0B:BF:D6:EC:90:47:D8:CF
Authority key identifier: 1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1
Certificate issuer:       /CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
Certificate serial:       019922C3159545BF542CCE722FDBEC0D498E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
Manifest number:          02BC
Signing time:             Sun 07 Sep 2025 06:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:34 +0000
Files and hashes:         1: HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl (hash: SyehfTVwPjdf1v1ah9xMVyen10TdrBzmVDzM04XjUEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:15:95:45:bf:54:2c:ce:72:2f:db:ec:0d:49:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
        Validity
            Not Before: Sep  7 06:00:34 2025 GMT
            Not After : Sep  8 06:00:34 2025 GMT
        Subject: CN=80f5a5f15dc53a333d001dfb0bbfd6ec9047d8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e8:30:ff:57:8b:11:00:4d:0f:c9:38:ba:ba:
                    cb:0b:5f:93:b0:de:a6:56:cc:db:ad:3d:12:6a:62:
                    84:79:74:da:72:c5:5a:9a:51:87:59:59:00:81:f8:
                    bc:2b:a6:09:23:dc:be:32:4c:1f:be:80:68:5a:9d:
                    8d:64:6a:da:c1:9d:9a:e7:dc:e2:6a:7b:2d:b2:90:
                    31:44:3c:52:78:50:36:8c:51:3f:88:91:30:39:e2:
                    73:fe:3f:86:84:64:4a:65:d6:04:28:67:01:49:8d:
                    6e:1d:f2:c0:f4:79:aa:e6:e4:a5:af:fb:07:46:24:
                    0b:b5:2f:4d:84:cc:7d:b7:f0:44:43:e8:6b:f3:f3:
                    ee:4b:89:0d:bd:36:90:11:15:53:03:fc:fb:a3:32:
                    78:2f:6c:0a:51:c0:5a:67:64:f9:c8:33:e0:b2:58:
                    ba:5b:8f:d0:6e:b6:c0:ba:bd:cf:01:a8:d0:1e:0a:
                    1b:89:43:a8:fe:41:4b:bf:eb:fb:6a:21:d9:d6:6a:
                    86:dc:27:e5:aa:a4:1e:3c:dd:d2:85:39:81:76:6e:
                    fc:52:13:ed:81:31:a1:3f:85:1c:e6:6a:62:b5:a6:
                    7f:8f:9c:50:9e:c4:15:e3:16:04:df:b4:5e:b8:22:
                    2b:9b:4e:e3:7e:a8:17:57:f5:ce:df:a3:6a:28:c7:
                    b5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:F5:A5:F1:5D:C5:3A:33:3D:00:1D:FB:0B:BF:D6:EC:90:47:D8:CF
            X509v3 Authority Key Identifier:
                keyid:1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:0a:86:6f:b2:c6:e9:81:21:dd:14:b9:a7:96:21:64:6a:5a:
         8e:e4:b9:90:30:3d:8b:ea:69:ca:15:da:6d:88:8f:5b:df:e6:
         6a:85:f9:a8:2c:6d:04:1e:ef:66:2b:58:f3:4d:75:fe:61:ba:
         a3:1c:d5:76:ac:79:ed:bb:e1:02:b9:5c:a7:d5:0e:6f:67:0a:
         a0:b4:4b:ea:80:7d:f0:44:a5:ac:55:76:60:b1:d5:e3:ad:45:
         e9:e4:c3:98:13:80:a0:f7:ce:70:3f:48:40:92:63:d0:42:50:
         91:f1:2a:0f:5c:c9:7e:9a:aa:81:59:93:58:73:1c:cb:cd:82:
         b4:44:42:ee:3d:a0:f0:06:6a:fe:d3:2c:7d:45:68:18:72:a4:
         a8:da:6e:55:3c:b9:54:0a:6f:a7:9b:39:c3:5e:2d:db:3a:03:
         5f:4c:3b:8b:fb:f0:95:cc:ec:5e:9c:53:04:c0:94:7a:45:82:
         57:4a:4d:5b:1c:84:08:ed:0b:c6:9b:41:29:33:dd:86:1c:82:
         81:0f:25:42:a2:67:17:e9:11:50:74:96:a0:1b:b8:c8:9b:c8:
         e6:0b:0a:2d:74:8b:ee:b2:ec:f3:a0:6e:b0:1d:2a:e2:6e:7c:
         81:ca:93:12:75:bf:12:8b:8d:e3:7a:39:92:38:ee:7f:ac:b6:
         3c:3a:42:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwxWVRb9ULM5yL9vsDUmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2JmMjM3NTZjNmU3ZDY0ZDY4MjJmNTk3YjFkNTgwNDli
ZDQ4ZjEwHhcNMjUwOTA3MDYwMDM0WhcNMjUwOTA4MDYwMDM0WjAzMTEwLwYDVQQD
Eyg4MGY1YTVmMTVkYzUzYTMzM2QwMDFkZmIwYmJmZDZlYzkwNDdkOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmegw/1eLEQBND8k4urrLC1+TsN6m
VszbrT0SamKEeXTacsVamlGHWVkAgfi8K6YJI9y+MkwfvoBoWp2NZGrawZ2a59zi
anstspAxRDxSeFA2jFE/iJEwOeJz/j+GhGRKZdYEKGcBSY1uHfLA9Hmq5uSlr/sH
RiQLtS9NhMx9t/BEQ+hr8/PuS4kNvTaQERVTA/z7ozJ4L2wKUcBaZ2T5yDPgsli6
W4/QbrbAur3PAajQHgobiUOo/kFLv+v7aiHZ1mqG3CflqqQePN3ShTmBdm78UhPt
gTGhP4Uc5mpitaZ/j5xQnsQV4xYE37ReuCIrm07jfqgXV/XO36NqKMe1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFID1pfFdxTozPQAd+wu/1uyQR9jPMB8GA1UdIwQY
MBaAFB878jdWxufWTWgi9Zex1YBJvUjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzIt
NDNkYzJkYmNhYjc3LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzItNDNkYzJkYmNhYjc3
LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANgqGb7LG
6YEh3RS5p5YhZGpajuS5kDA9i+ppyhXabYiPW9/maoX5qCxtBB7vZitY8011/mG6
oxzVdqx57bvhArlcp9UOb2cKoLRL6oB98ESlrFV2YLHV461F6eTDmBOAoPfOcD9I
QJJj0EJQkfEqD1zJfpqqgVmTWHMcy82CtERC7j2g8AZq/tMsfUVoGHKkqNpuVTy5
VApvp5s5w14t2zoDX0w7i/vwlczsXpxTBMCUekWCV0pNWxyECO0LxptBKTPdhhyC
gQ8lQqJnF+kRUHSWoBu4yJvI5gsKLXSL7rLs86BusB0q4m58gcqTEnW/EouN43o5
kjjuf6y2PDpCSw==
-----END CERTIFICATE-----