Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
File:                     HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft (raw, json)
Hash identifier:          DAFyZwufOQH36DoG6m2Xr6T7V2/D4GccKMfxGcwkFZ4=
Subject key identifier:   89:15:F4:44:F9:3B:36:84:05:51:DF:6C:3A:B0:74:A6:5B:6E:95:50
Authority key identifier: 1F:15:23:92:8D:8E:8E:54:BE:46:79:76:33:1A:01:21:D4:2A:00:67
Certificate issuer:       /CN=1f1523928d8e8e54be467976331a0121d42a0067
Certificate serial:       019683911882CB41A589E9BFA742A69A0C2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
Manifest number:          1514
Signing time:             Tue 29 Apr 2025 22:00:46 +0000
Manifest this update:     Tue 29 Apr 2025 22:00:46 +0000
Manifest next update:     Wed 30 Apr 2025 22:00:46 +0000
Files and hashes:         1: HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl (hash: KBKKwb+8tS0pQBwgFiTaZxNqmPHQv9//GOy9XUCwFBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:18:82:cb:41:a5:89:e9:bf:a7:42:a6:9a:0c:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f1523928d8e8e54be467976331a0121d42a0067
        Validity
            Not Before: Apr 29 22:00:46 2025 GMT
            Not After : Apr 30 22:00:46 2025 GMT
        Subject: CN=8915f444f93b36840551df6c3ab074a65b6e9550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:dd:59:2e:b8:32:e6:32:c9:99:8e:6f:53:70:
                    4b:eb:15:58:8b:a6:ee:ba:fd:ee:49:1a:a4:23:8d:
                    e5:b4:3e:2f:00:39:4d:28:54:a4:6f:65:ba:0d:f7:
                    33:f1:a1:e2:01:51:34:5e:b2:3c:89:19:41:48:81:
                    97:83:88:4c:1b:ce:49:28:99:b9:7a:c2:7c:2d:28:
                    bf:3a:65:c7:49:5f:05:2d:fa:11:11:5e:f3:7f:0a:
                    f6:c7:74:2f:31:ce:41:40:01:cf:30:ef:60:e9:71:
                    46:6d:67:8b:21:83:08:18:5b:3c:f6:aa:c1:f3:ff:
                    a4:aa:52:2f:fe:b2:27:31:f2:b0:7d:a2:7b:70:28:
                    d9:00:4b:61:c1:13:b2:50:bd:db:94:f5:00:8b:06:
                    68:fb:5b:25:b3:cb:3a:df:19:61:ea:d7:33:28:dd:
                    90:83:6d:03:c3:18:27:30:99:38:95:49:af:ac:07:
                    67:e4:f2:b5:05:8f:a8:59:d7:e8:3e:57:55:70:32:
                    66:6b:a3:d4:27:3f:d5:76:b3:33:db:1d:e2:a4:b9:
                    96:fa:1b:48:bd:92:1c:6e:eb:b9:41:ec:9d:d6:43:
                    e6:92:d8:1e:09:b7:03:2e:85:a1:76:46:62:63:d7:
                    18:61:3b:b2:fd:80:a4:d6:d9:0e:dc:f2:8e:8c:f1:
                    65:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:15:F4:44:F9:3B:36:84:05:51:DF:6C:3A:B0:74:A6:5B:6E:95:50
            X509v3 Authority Key Identifier:
                keyid:1F:15:23:92:8D:8E:8E:54:BE:46:79:76:33:1A:01:21:D4:2A:00:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:19:55:4e:34:32:92:82:85:33:75:f3:64:bc:6d:26:b9:44:
         d0:8b:a1:6b:5d:4b:26:b0:64:c5:ea:b3:88:5b:c7:15:62:d5:
         8a:69:23:7c:43:ff:52:51:af:cb:47:77:0f:65:5a:cf:65:9c:
         e9:0e:d1:10:d6:1c:32:f4:80:ef:bc:5a:b3:e1:16:a6:b9:45:
         57:9d:b7:0a:7f:47:79:c5:25:07:41:21:de:d5:0f:4b:f0:34:
         b2:21:4f:4c:0a:66:63:a3:07:af:7b:a3:53:d4:42:54:6a:a6:
         6b:f1:dd:ca:ff:ec:55:4d:eb:3c:45:7f:e3:46:82:19:3a:15:
         78:06:2f:15:6f:6d:f6:8d:a1:86:6a:33:8d:39:77:0d:15:51:
         bc:21:49:b5:aa:48:88:08:92:42:36:42:73:70:db:91:8d:a7:
         11:24:9c:a1:f4:e6:61:a3:36:e4:b4:0c:92:3f:20:1e:fb:39:
         ec:c2:15:a2:a3:13:66:cd:c8:0d:28:a0:8d:7c:0d:0a:ff:73:
         e8:fa:df:55:9f:24:97:2e:84:57:c7:1c:9c:d3:25:ef:eb:76:
         bb:9b:de:c5:83:5d:82:1e:35:48:0b:14:df:4b:db:e3:60:99:
         78:21:58:61:70:ad:29:7b:6a:ed:8a:bf:dd:ed:ba:4a:bd:88:
         b3:47:7b:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkRiCy0Gliem/p0KmmgwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTUyMzkyOGQ4ZThlNTRiZTQ2Nzk3NjMzMWEwMTIxZDQy
YTAwNjcwHhcNMjUwNDI5MjIwMDQ2WhcNMjUwNDMwMjIwMDQ2WjAzMTEwLwYDVQQD
Eyg4OTE1ZjQ0NGY5M2IzNjg0MDU1MWRmNmMzYWIwNzRhNjViNmU5NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN1ZLrgy5jLJmY5vU3BL6xVYi6bu
uv3uSRqkI43ltD4vADlNKFSkb2W6Dfcz8aHiAVE0XrI8iRlBSIGXg4hMG85JKJm5
esJ8LSi/OmXHSV8FLfoREV7zfwr2x3QvMc5BQAHPMO9g6XFGbWeLIYMIGFs89qrB
8/+kqlIv/rInMfKwfaJ7cCjZAEthwROyUL3blPUAiwZo+1sls8s63xlh6tczKN2Q
g20DwxgnMJk4lUmvrAdn5PK1BY+oWdfoPldVcDJma6PUJz/VdrMz2x3ipLmW+htI
vZIcbuu5Qeyd1kPmktgeCbcDLoWhdkZiY9cYYTuy/YCk1tkO3PKOjPFlDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkV9ET5OzaEBVHfbDqwdKZbbpVQMB8GA1UdIwQY
MBaAFB8VI5KNjo5UvkZ5djMaASHUKgBnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8xODk1MWItYTY1NC00NGI1LWJhNmIt
ODk5ZjlmYmViYjE5LzEvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8xODk1MWItYTY1NC00NGI1LWJhNmItODk5ZjlmYmViYjE5
LzEvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhlVTjQy
koKFM3XzZLxtJrlE0Iuha11LJrBkxeqziFvHFWLVimkjfEP/UlGvy0d3D2Vaz2Wc
6Q7RENYcMvSA77xas+EWprlFV523Cn9HecUlB0Eh3tUPS/A0siFPTApmY6MHr3uj
U9RCVGqma/Hdyv/sVU3rPEV/40aCGToVeAYvFW9t9o2hhmozjTl3DRVRvCFJtapI
iAiSQjZCc3DbkY2nESScofTmYaM25LQMkj8gHvs57MIVoqMTZs3IDSigjXwNCv9z
6PrfVZ8kly6EV8ccnNMl7+t2u5vexYNdgh41SAsU30vb42CZeCFYYXCtKXtq7Yq/
3e26Sr2Is0d7aA==
-----END CERTIFICATE-----