Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          u76dvY9HR8yOXteRSiF6aP2h5s36vK+lnXms950L55E=
Subject key identifier:   B8:29:C4:C0:64:9C:2F:69:C7:BC:A7:35:6B:A3:46:47:76:6A:A4:D4
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       0198917EDFA76921EBEBEF1FC62F2DEEEFF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          0172
Signing time:             Sun 10 Aug 2025 01:01:07 +0000
Manifest this update:     Sun 10 Aug 2025 01:01:07 +0000
Manifest next update:     Mon 11 Aug 2025 01:01:07 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: QCr3fAUl0U35PyEh0nWOYhrIGB3iqFJu52JxKZHH87k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:7e:df:a7:69:21:eb:eb:ef:1f:c6:2f:2d:ee:ef:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: Aug 10 01:01:07 2025 GMT
            Not After : Aug 11 01:01:07 2025 GMT
        Subject: CN=b829c4c0649c2f69c7bca7356ba34647766aa4d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e4:da:29:ef:3d:2d:70:b9:53:f9:b4:6a:ba:
                    a5:40:fa:26:bc:58:64:81:fb:7d:95:10:fd:8a:08:
                    c0:54:c0:c2:93:83:e2:e2:86:da:a0:9d:70:1f:cc:
                    22:01:8d:53:45:75:2c:3d:7e:0d:35:65:05:00:e7:
                    96:b3:7a:60:98:92:7f:ab:3d:63:39:22:36:3d:ab:
                    16:0c:81:a0:d2:69:00:1a:60:49:ca:09:9c:bc:f2:
                    74:16:80:ed:92:ab:bb:93:d7:29:c5:a9:91:7e:eb:
                    1a:2a:99:e5:22:85:ad:67:2c:07:85:d0:8c:79:7c:
                    49:a4:fa:59:db:71:fd:cc:a1:34:8d:a4:1d:2b:ce:
                    b6:2f:14:9d:3b:e5:71:f4:f9:62:34:2b:22:7c:48:
                    00:f3:fe:bc:f0:5a:f7:6d:a2:99:5e:f2:d8:d1:a3:
                    56:4d:a6:3a:06:0d:6a:bf:7a:ed:98:dd:e0:fb:eb:
                    5d:88:95:cc:b3:e1:71:f3:bd:93:b5:7f:04:64:9a:
                    ea:0d:78:f9:b7:d6:02:ae:cc:ba:e4:c5:e1:ca:8c:
                    2b:5c:e7:75:0a:9e:59:f1:a7:eb:b9:2c:64:34:cf:
                    0a:f8:ed:0d:48:49:45:b6:eb:dd:c0:e8:fe:cd:de:
                    0a:3d:28:49:0a:54:f9:b6:e4:44:51:10:82:25:bf:
                    1c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:29:C4:C0:64:9C:2F:69:C7:BC:A7:35:6B:A3:46:47:76:6A:A4:D4
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:76:1f:58:48:5e:f3:6e:55:eb:ab:7f:14:d5:53:a1:a2:e7:
         bf:54:44:f5:04:b4:09:62:13:5a:3d:f1:24:2e:aa:b6:48:fe:
         33:e7:10:3d:32:67:16:21:f3:be:22:07:fe:42:d8:0d:6d:fe:
         10:60:de:04:41:07:d0:1b:b7:9c:11:7b:ac:13:91:fd:9a:d3:
         0e:21:f3:1d:4c:77:89:a6:31:ce:48:75:1d:b1:77:f8:fb:c2:
         6e:4c:3f:d1:19:93:db:c3:9d:a8:e4:0a:02:8b:5b:9d:89:64:
         75:bb:ba:c7:ed:be:a6:06:f2:59:5b:4b:38:4b:21:8a:0a:1a:
         b0:25:24:25:cd:8f:b2:03:34:71:5e:de:9f:61:24:1b:75:af:
         fe:c7:67:9f:8e:7e:4a:8b:bc:22:6b:85:43:b1:1b:b2:5b:53:
         c6:f9:51:ca:f4:f7:7e:b0:67:c5:78:52:0c:c4:68:ab:c5:24:
         7f:f6:a5:aa:de:8c:77:c8:78:c6:6c:84:cb:6e:25:4c:2c:a0:
         29:11:5b:e2:b9:08:a2:cc:72:75:8b:82:f8:10:b9:0e:ea:0c:
         3b:86:5d:72:9c:a9:0c:21:c6:9c:ab:8a:2c:fa:4d:a5:6e:1c:
         e5:52:37:6f:46:a7:dc:b4:0d:1b:5f:b9:c7:d7:a4:0f:58:33:
         82:cf:6d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRft+naSHr6+8fxi8t7u/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjUwODEwMDEwMTA3WhcNMjUwODExMDEwMTA3WjAzMTEwLwYDVQQD
EyhiODI5YzRjMDY0OWMyZjY5YzdiY2E3MzU2YmEzNDY0Nzc2NmFhNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+TaKe89LXC5U/m0arqlQPomvFhk
gft9lRD9igjAVMDCk4Pi4obaoJ1wH8wiAY1TRXUsPX4NNWUFAOeWs3pgmJJ/qz1j
OSI2PasWDIGg0mkAGmBJygmcvPJ0FoDtkqu7k9cpxamRfusaKpnlIoWtZywHhdCM
eXxJpPpZ23H9zKE0jaQdK862LxSdO+Vx9PliNCsifEgA8/688Fr3baKZXvLY0aNW
TaY6Bg1qv3rtmN3g++tdiJXMs+Fx872TtX8EZJrqDXj5t9YCrsy65MXhyowrXOd1
Cp5Z8afruSxkNM8K+O0NSElFtuvdwOj+zd4KPShJClT5tuREURCCJb8ciQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgpxMBknC9px7ynNWujRkd2aqTUMB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXYfWEhe
825V66t/FNVToaLnv1RE9QS0CWITWj3xJC6qtkj+M+cQPTJnFiHzviIH/kLYDW3+
EGDeBEEH0Bu3nBF7rBOR/ZrTDiHzHUx3iaYxzkh1HbF3+PvCbkw/0RmT28OdqOQK
AotbnYlkdbu6x+2+pgbyWVtLOEshigoasCUkJc2PsgM0cV7en2EkG3Wv/sdnn45+
Sou8ImuFQ7EbsltTxvlRyvT3frBnxXhSDMRoq8Ukf/alqt6Md8h4xmyEy24lTCyg
KRFb4rkIosxydYuC+BC5DuoMO4ZdcpypDCHGnKuKLPpNpW4c5VI3b0an3LQNG1+5
x9ekD1gzgs9tBg==
-----END CERTIFICATE-----