Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          UFUQTdxwLZJ1qHGzIbgh0DxnX9QdcIzADwbsxdbnQVE=
Subject key identifier:   22:B9:DE:70:B5:33:0A:19:2E:BA:25:91:3B:19:E2:BA:9E:6E:10:37
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019759EEA9968EA2FBE57EF15D9D3A8A71DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          077F
Signing time:             Tue 10 Jun 2025 13:01:42 +0000
Manifest this update:     Tue 10 Jun 2025 13:01:42 +0000
Manifest next update:     Wed 11 Jun 2025 13:01:42 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: Kg8vt4wavx8dnLCXJmRUirxgdoUbTyJ/l7/Zy4JfcwE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ee:a9:96:8e:a2:fb:e5:7e:f1:5d:9d:3a:8a:71:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Jun 10 13:01:42 2025 GMT
            Not After : Jun 11 13:01:42 2025 GMT
        Subject: CN=22b9de70b5330a192eba25913b19e2ba9e6e1037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ba:e5:1b:ad:c5:d8:c5:d3:53:9e:a9:29:2d:
                    0f:c2:0e:6e:b8:21:2b:6a:c7:07:d0:ac:a6:15:41:
                    22:24:e9:b4:0f:36:48:54:1d:fc:d2:48:b1:a9:c9:
                    b2:4a:70:e2:de:06:e4:e1:a4:30:1b:87:92:9f:e8:
                    f5:5e:d7:bf:38:ee:ee:32:20:55:45:8e:29:e0:f5:
                    97:bf:9c:20:9d:a6:98:58:4a:02:02:c4:7e:d0:db:
                    0e:07:83:76:07:05:2b:df:7c:b5:1a:c0:1c:68:b0:
                    d8:db:c0:7d:ab:ab:4b:db:8b:5b:7e:40:70:17:97:
                    af:69:dc:2f:2b:1e:8b:d4:f1:a9:00:e6:75:dd:7a:
                    d5:0d:01:06:8a:c7:84:d2:44:be:a7:8f:c3:a3:66:
                    8b:8e:7c:48:e5:c7:e1:87:5d:5c:5e:be:07:27:68:
                    94:4d:d2:89:9e:a8:f7:3e:67:2c:f2:b2:81:ba:23:
                    c9:e4:22:ec:fe:ed:43:c2:42:8f:41:ab:38:1b:a3:
                    a9:24:ba:d0:45:ba:cd:c1:2e:40:58:6d:6f:98:c0:
                    1d:f1:13:8f:97:56:d6:da:18:dc:81:f6:8c:4c:43:
                    d3:54:59:93:d9:76:6b:c5:e5:68:fb:c4:cf:06:95:
                    4b:2c:5d:9d:77:8a:39:0a:ff:08:2b:9f:a8:9c:ca:
                    d1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B9:DE:70:B5:33:0A:19:2E:BA:25:91:3B:19:E2:BA:9E:6E:10:37
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:57:00:62:34:91:9c:07:f4:08:f6:f3:4f:14:a3:97:c0:75:
         9b:4c:77:1c:50:cb:71:d0:5d:77:9c:9b:43:64:52:3a:05:e4:
         a8:8e:a5:77:9c:5a:98:04:f3:7f:d7:90:b1:b1:ea:73:1a:e4:
         14:e0:b8:c0:4a:cc:c8:65:e2:81:b0:3f:06:a3:f0:18:29:5f:
         f4:df:85:95:fc:74:17:72:15:dd:d7:88:dc:73:b5:45:84:23:
         dc:ad:00:bb:dc:ce:e6:ff:09:b8:0e:7a:00:80:5b:9c:9a:89:
         64:68:c0:61:e5:f3:40:17:92:35:de:c6:2e:65:87:2d:3c:cf:
         aa:bc:fd:03:ca:4b:bc:e5:a3:91:9a:c5:fa:c7:f9:51:18:ad:
         7d:f1:c9:89:d6:51:ea:55:b8:e1:68:28:44:4d:e1:88:b6:74:
         05:1a:5c:30:69:6a:19:e9:94:a2:6e:55:f5:59:39:86:2d:fe:
         79:bc:06:20:32:4c:72:bf:06:f8:14:38:de:ff:2a:72:58:d1:
         ef:eb:31:3e:cd:c1:30:f3:97:01:7c:fb:11:bd:83:35:ce:75:
         8d:d7:8d:6c:61:7d:04:96:87:cd:38:3b:15:4a:e8:11:3b:77:
         e4:3a:81:36:f8:91:8b:3a:cd:4f:80:4d:d3:63:3d:2c:e8:22:
         9a:95:f8:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7qmWjqL75X7xXZ06inHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNjEwMTMwMTQyWhcNMjUwNjExMTMwMTQyWjAzMTEwLwYDVQQD
EygyMmI5ZGU3MGI1MzMwYTE5MmViYTI1OTEzYjE5ZTJiYTllNmUxMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbrlG63F2MXTU56pKS0Pwg5uuCEr
ascH0KymFUEiJOm0DzZIVB380kixqcmySnDi3gbk4aQwG4eSn+j1Xte/OO7uMiBV
RY4p4PWXv5wgnaaYWEoCAsR+0NsOB4N2BwUr33y1GsAcaLDY28B9q6tL24tbfkBw
F5evadwvKx6L1PGpAOZ13XrVDQEGiseE0kS+p4/Do2aLjnxI5cfhh11cXr4HJ2iU
TdKJnqj3Pmcs8rKBuiPJ5CLs/u1DwkKPQas4G6OpJLrQRbrNwS5AWG1vmMAd8ROP
l1bW2hjcgfaMTEPTVFmT2XZrxeVo+8TPBpVLLF2dd4o5Cv8IK5+onMrRnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCK53nC1MwoZLrolkTsZ4rqebhA3MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlcAYjSR
nAf0CPbzTxSjl8B1m0x3HFDLcdBdd5ybQ2RSOgXkqI6ld5xamATzf9eQsbHqcxrk
FOC4wErMyGXigbA/BqPwGClf9N+Flfx0F3IV3deI3HO1RYQj3K0Au9zO5v8JuA56
AIBbnJqJZGjAYeXzQBeSNd7GLmWHLTzPqrz9A8pLvOWjkZrF+sf5URitffHJidZR
6lW44WgoRE3hiLZ0BRpcMGlqGemUom5V9Vk5hi3+ebwGIDJMcr8G+BQ43v8qcljR
7+sxPs3BMPOXAXz7Eb2DNc51jdeNbGF9BJaHzTg7FUroETt35DqBNviRizrNT4BN
02M9LOgimpX48Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:20:45 2025 by rpki-client