Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
File:                     HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json)
Hash identifier:          czScFg5P0FyUq7d/1PXr+JZ6EhAdlaUlU+vfqFbvpJk=
Subject key identifier:   DE:0A:9B:B3:A0:77:00:27:FA:67:CF:07:99:DA:66:13:0D:16:0B:68
Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6
Certificate issuer:       /CN=1f390af833d7d4269042c249bcf49648572095b6
Certificate serial:       019510C6EA8FFE67E9004AC88DA1CB373675
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
Manifest number:          0EF5
Signing time:             Sun 16 Feb 2025 22:00:26 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:26 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:26 +0000
Files and hashes:         1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: jG5J5oybdmgaADMT2PXOIj8bAHITX8mzTfRQITUPTFw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:ea:8f:fe:67:e9:00:4a:c8:8d:a1:cb:37:36:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6
        Validity
            Not Before: Feb 16 22:00:26 2025 GMT
            Not After : Feb 17 22:00:26 2025 GMT
        Subject: CN=de0a9bb3a0770027fa67cf0799da66130d160b68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cb:c1:03:bc:65:09:8f:fd:e3:93:12:35:8c:
                    59:92:7d:35:bf:b8:98:61:f0:cb:f1:23:6a:15:4f:
                    a7:af:20:ef:73:ae:45:6c:1e:fd:f4:4e:2e:d3:fb:
                    1a:ed:0d:8c:cf:fc:a7:de:8e:ca:68:ef:f5:37:00:
                    d3:c4:92:05:08:c8:fb:23:c3:6b:d9:75:93:ba:3f:
                    1c:4b:be:fd:57:fc:45:60:ac:91:4f:d2:6e:85:69:
                    01:ce:63:ed:5e:ed:f1:53:37:1c:41:06:e9:3a:ee:
                    07:56:9e:44:f0:32:87:94:c6:e2:64:41:57:24:e4:
                    be:1f:0e:e8:59:6e:bb:55:d7:41:81:1f:6e:c0:c7:
                    df:fd:94:2f:55:ec:7d:61:74:9b:9a:89:d7:19:5b:
                    b9:99:66:0c:de:3e:8e:4f:5f:36:62:3e:78:50:ce:
                    f0:0c:10:9f:bb:65:6f:68:bc:1d:b2:d5:81:20:93:
                    ea:9d:bc:51:d2:8b:52:53:b1:c1:63:d8:70:c5:83:
                    11:e4:58:f1:07:19:5d:15:4d:17:99:ec:24:92:9e:
                    e4:53:a6:b1:d4:64:e9:7b:27:84:5f:03:4c:8f:1b:
                    9e:8c:4d:b7:ee:12:50:cd:7f:c2:64:9f:ea:ee:c8:
                    f2:c0:ac:ce:12:17:9a:6a:36:c1:88:2f:a8:08:56:
                    80:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:0A:9B:B3:A0:77:00:27:FA:67:CF:07:99:DA:66:13:0D:16:0B:68
            X509v3 Authority Key Identifier:
                keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:0a:b7:5a:87:49:fe:ed:b4:12:74:e8:f3:fd:75:52:24:06:
         9f:c6:f9:d3:3b:f8:e3:c0:a6:1f:d7:cc:8a:b1:b7:8e:4b:93:
         fa:92:6e:cc:ff:b0:30:38:87:c1:78:68:37:fd:bb:20:35:56:
         91:da:88:15:e7:d0:35:3e:19:00:83:b2:b4:75:19:2e:00:cf:
         3d:da:52:6c:69:16:24:48:2e:0d:2e:11:de:de:0b:7f:65:65:
         a6:78:25:60:b7:1a:91:b3:c0:eb:7a:43:f6:16:00:e4:15:a7:
         dc:45:12:17:79:b6:91:60:8f:c5:9a:85:8d:5a:3d:a5:af:e8:
         51:e9:33:09:f6:84:37:7e:80:de:e2:c9:a2:d3:bc:6c:50:92:
         91:60:89:79:cf:0e:71:47:bf:61:96:75:27:a4:a3:d0:5c:cc:
         94:b8:4d:81:11:36:88:c3:75:d0:51:d5:69:75:f1:04:79:87:
         79:d0:0e:1a:b5:d2:f3:0a:fd:74:5b:2c:fe:c6:ad:3b:8b:7e:
         42:10:f7:32:6e:06:24:d0:70:7b:78:1e:03:5f:6c:63:94:2d:
         74:d0:51:61:37:f7:b0:65:89:ec:52:f3:ff:39:3d:76:43:c5:
         d0:2a:0d:d7:8e:69:2c:24:db:d6:46:fd:33:c3:6d:64:91:5c:
         1e:e3:b4:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxuqP/mfpAErIjaHLNzZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy
MDk1YjYwHhcNMjUwMjE2MjIwMDI2WhcNMjUwMjE3MjIwMDI2WjAzMTEwLwYDVQQD
EyhkZTBhOWJiM2EwNzcwMDI3ZmE2N2NmMDc5OWRhNjYxMzBkMTYwYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8vBA7xlCY/945MSNYxZkn01v7iY
YfDL8SNqFU+nryDvc65FbB799E4u0/sa7Q2Mz/yn3o7KaO/1NwDTxJIFCMj7I8Nr
2XWTuj8cS779V/xFYKyRT9JuhWkBzmPtXu3xUzccQQbpOu4HVp5E8DKHlMbiZEFX
JOS+Hw7oWW67VddBgR9uwMff/ZQvVex9YXSbmonXGVu5mWYM3j6OT182Yj54UM7w
DBCfu2VvaLwdstWBIJPqnbxR0otSU7HBY9hwxYMR5FjxBxldFU0Xmewkkp7kU6ax
1GTpeyeEXwNMjxuejE237hJQzX/CZJ/q7sjywKzOEheaajbBiC+oCFaAXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4Km7OgdwAn+mfPB5naZhMNFgtoMB8GA1UdIwQY
MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt
ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw
LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVAq3WodJ
/u20EnTo8/11UiQGn8b50zv448CmH9fMirG3jkuT+pJuzP+wMDiHwXhoN/27IDVW
kdqIFefQNT4ZAIOytHUZLgDPPdpSbGkWJEguDS4R3t4Lf2VlpnglYLcakbPA63pD
9hYA5BWn3EUSF3m2kWCPxZqFjVo9pa/oUekzCfaEN36A3uLJotO8bFCSkWCJec8O
cUe/YZZ1J6Sj0FzMlLhNgRE2iMN10FHVaXXxBHmHedAOGrXS8wr9dFss/satO4t+
QhD3Mm4GJNBwe3geA19sY5QtdNBRYTf3sGWJ7FLz/zk9dkPF0CoN145pLCTb1kb9
M8NtZJFcHuO0bg==
-----END CERTIFICATE-----