Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          FN/QHfvzqSSSRU+TKMhcb1sprlN8vY/P9SyQbWlZ9ps=
Subject key identifier:   F3:68:67:DC:43:C0:F3:D6:79:ED:3D:B2:2D:A3:38:76:D1:86:AF:FC
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       01964C34CF74070E3D6078606CA0AE391D05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          14FA
Signing time:             Sat 19 Apr 2025 04:00:51 +0000
Manifest this update:     Sat 19 Apr 2025 04:00:51 +0000
Manifest next update:     Sun 20 Apr 2025 04:00:51 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: 0VyqvwMGt8SMH4MMwTeNy5B1SFTrMUvrelpwJ86ZX0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:34:cf:74:07:0e:3d:60:78:60:6c:a0:ae:39:1d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Apr 19 04:00:51 2025 GMT
            Not After : Apr 20 04:00:51 2025 GMT
        Subject: CN=f36867dc43c0f3d679ed3db22da33876d186affc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4c:59:9b:21:b2:ca:df:c8:ab:37:87:5a:a8:
                    f1:4a:8e:19:7c:2d:94:80:97:7a:8f:76:e3:0e:71:
                    97:d8:9f:3f:82:c0:89:e0:b9:ae:73:b1:43:e8:8b:
                    63:6f:20:51:99:f0:fb:5c:c4:e0:46:b4:9d:f9:06:
                    ce:ea:fc:e8:ab:a7:2c:4e:b8:8d:ff:30:80:10:7b:
                    33:46:6e:8f:35:4d:0d:b8:ed:38:2f:6f:52:86:24:
                    87:7e:d6:d7:9f:19:3e:e9:fb:31:6a:d4:cf:6a:6a:
                    d3:c4:2b:9d:0d:f8:7b:e3:6a:4e:db:16:8b:aa:7c:
                    db:94:c3:c9:3c:32:47:bb:a3:a4:ae:91:b0:59:4d:
                    94:2c:8c:e2:af:8f:eb:1d:00:3c:0e:56:6c:20:7e:
                    f6:de:e3:0b:ab:1b:9f:29:20:be:90:76:f7:4a:8f:
                    3a:25:05:b3:ee:04:29:34:0a:cd:65:e4:d6:9c:e8:
                    d6:eb:15:bb:d9:65:c2:a6:81:6d:e8:27:ca:92:fe:
                    44:3c:e2:1a:00:da:19:a9:13:77:53:1d:7a:d8:9b:
                    4d:4d:5f:21:89:70:da:bc:42:95:dc:d3:94:6a:6a:
                    32:27:f3:89:8b:a7:88:13:4e:71:96:c9:c7:72:38:
                    31:c1:2f:79:1e:f2:d7:f4:11:12:a5:31:05:19:e2:
                    19:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:68:67:DC:43:C0:F3:D6:79:ED:3D:B2:2D:A3:38:76:D1:86:AF:FC
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:c8:34:21:cc:c2:94:d2:8d:d3:64:75:dc:38:8a:bb:f2:f0:
         25:45:81:21:15:ee:12:42:64:15:58:73:9a:9a:a1:bc:9f:e0:
         10:eb:85:b4:ab:d6:10:1f:8c:ca:43:f3:ba:02:b0:7a:a9:c0:
         e7:61:39:c0:2c:64:2b:89:83:e5:20:3e:92:61:1a:2b:79:fa:
         47:4b:97:59:c7:f8:a8:4a:02:28:34:89:f5:1f:ab:1e:2a:e4:
         67:4f:73:38:fc:e9:a5:13:e6:04:d3:1f:81:7d:ac:d7:75:c9:
         de:91:a3:ef:a4:4e:b1:3a:ca:62:8f:bb:c7:1b:4b:70:10:29:
         bb:1c:77:1a:80:2c:3a:13:ed:5f:d0:81:a5:94:0c:22:a8:61:
         a1:19:79:59:d2:e9:fa:ce:50:22:de:fa:b9:9c:d1:be:ee:95:
         a0:47:24:2e:34:6d:0a:2f:af:cd:9d:ef:15:be:aa:c9:81:26:
         46:ff:54:69:ab:82:68:18:bd:fd:3a:03:fc:5e:53:a0:0f:84:
         48:aa:9b:55:cc:49:34:c9:14:9d:22:1b:e6:e5:69:00:8c:27:
         99:b2:b9:55:cc:e7:d5:c5:16:1f:e3:3f:f1:d3:8d:14:bb:42:
         f7:2f:94:95:43:18:d0:4f:c5:80:4c:41:6e:1d:45:7e:21:52:
         77:71:f6:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMNM90Bw49YHhgbKCuOR0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjUwNDE5MDQwMDUxWhcNMjUwNDIwMDQwMDUxWjAzMTEwLwYDVQQD
EyhmMzY4NjdkYzQzYzBmM2Q2NzllZDNkYjIyZGEzMzg3NmQxODZhZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UxZmyGyyt/IqzeHWqjxSo4ZfC2U
gJd6j3bjDnGX2J8/gsCJ4Lmuc7FD6ItjbyBRmfD7XMTgRrSd+QbO6vzoq6csTriN
/zCAEHszRm6PNU0NuO04L29ShiSHftbXnxk+6fsxatTPamrTxCudDfh742pO2xaL
qnzblMPJPDJHu6OkrpGwWU2ULIzir4/rHQA8DlZsIH723uMLqxufKSC+kHb3So86
JQWz7gQpNArNZeTWnOjW6xW72WXCpoFt6CfKkv5EPOIaANoZqRN3Ux162JtNTV8h
iXDavEKV3NOUamoyJ/OJi6eIE05xlsnHcjgxwS95HvLX9BESpTEFGeIZIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNoZ9xDwPPWee09si2jOHbRhq/8MB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYMg0IczC
lNKN02R13DiKu/LwJUWBIRXuEkJkFVhzmpqhvJ/gEOuFtKvWEB+MykPzugKweqnA
52E5wCxkK4mD5SA+kmEaK3n6R0uXWcf4qEoCKDSJ9R+rHirkZ09zOPzppRPmBNMf
gX2s13XJ3pGj76ROsTrKYo+7xxtLcBApuxx3GoAsOhPtX9CBpZQMIqhhoRl5WdLp
+s5QIt76uZzRvu6VoEckLjRtCi+vzZ3vFb6qyYEmRv9UaauCaBi9/ToD/F5ToA+E
SKqbVcxJNMkUnSIb5uVpAIwnmbK5Vczn1cUWH+M/8dONFLtC9y+UlUMY0E/FgExB
bh1FfiFSd3H28Q==
-----END CERTIFICATE-----