Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          mcXurQQvO9aU1gXwuC2Nv63t4auxlq7dzN6255oazzs=
Subject key identifier:   99:D2:48:83:BF:00:68:F3:92:05:26:0F:7A:BE:93:9D:5A:C7:AD:3B
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       01967B324F277D7CE65F02D97C7380F9B6C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          1510
Signing time:             Mon 28 Apr 2025 07:00:16 +0000
Manifest this update:     Mon 28 Apr 2025 07:00:16 +0000
Manifest next update:     Tue 29 Apr 2025 07:00:16 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: y1gpH5j975hREMnBXZMNRQXBF1vtyYwEqmRsdzmm5zA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 07:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:32:4f:27:7d:7c:e6:5f:02:d9:7c:73:80:f9:b6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Apr 28 07:00:16 2025 GMT
            Not After : Apr 29 07:00:16 2025 GMT
        Subject: CN=99d24883bf0068f39205260f7abe939d5ac7ad3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:1b:f6:8b:46:93:68:13:c6:bc:b2:ff:0c:32:
                    a1:50:f1:d2:9e:e7:30:36:79:0f:33:fb:bc:b6:4f:
                    6f:d7:f5:2c:bb:bc:67:7b:f3:5a:06:f2:9f:7e:4f:
                    b0:b6:41:04:69:42:4f:1e:81:42:0d:9d:6c:7d:7d:
                    21:70:9b:60:30:fa:be:e0:96:2f:95:88:76:bd:13:
                    38:23:4e:0e:b3:46:57:7d:34:74:f8:06:3d:64:39:
                    2a:07:dc:f1:e8:94:62:aa:59:50:c7:33:d6:30:45:
                    16:01:2a:c0:96:d9:af:8b:85:3a:ae:a7:21:18:7d:
                    26:0b:0e:2c:1b:9b:8c:0e:c8:27:ef:0f:ba:98:eb:
                    b5:a2:cb:e9:55:ca:c2:86:98:8c:21:91:c1:b8:7d:
                    3c:8f:d2:06:a6:0e:9c:b7:01:52:53:5e:b0:ac:07:
                    84:e2:69:e4:13:8b:a5:8a:f5:0b:7e:2d:38:d1:66:
                    c9:7b:d0:b4:ad:7c:ab:86:d7:70:e6:6a:83:8f:21:
                    1f:43:09:13:18:00:e3:ff:d1:6b:20:05:c6:86:b0:
                    ff:31:11:e6:3f:10:81:92:dc:f6:1f:39:41:62:a4:
                    b9:88:f4:35:4b:a7:6e:4a:de:3c:c9:29:d1:53:e7:
                    04:2d:44:ab:28:c2:9e:bf:90:13:3c:8f:1c:22:db:
                    df:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D2:48:83:BF:00:68:F3:92:05:26:0F:7A:BE:93:9D:5A:C7:AD:3B
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:57:94:81:ff:2f:94:5e:1e:05:17:e3:44:aa:e6:48:ab:ed:
         a1:25:5b:92:8c:4e:e8:76:6c:0c:1c:06:82:43:81:c8:1a:9a:
         f6:68:df:97:9a:2d:65:d3:ef:54:a4:cd:7d:5b:82:a7:53:20:
         52:9c:94:be:30:bb:8a:a9:c0:a8:92:a5:3a:09:bd:80:fb:67:
         7c:23:59:bc:6b:53:cb:32:9e:fd:37:5d:40:61:ab:36:15:e6:
         85:0a:05:55:35:2e:b1:c5:ec:b5:cf:00:b6:bf:d8:ea:18:cc:
         0a:df:e1:3a:7a:42:f0:4f:3f:21:e1:49:62:40:54:fb:46:47:
         93:b7:bc:3c:56:c0:48:e7:13:78:1e:e5:55:4a:7f:36:93:82:
         32:61:2d:02:6e:10:35:29:98:da:ae:c5:68:ae:f3:07:00:fd:
         99:dd:ba:46:70:22:ec:af:59:d6:03:d7:26:ee:f9:22:c0:10:
         66:0e:8a:f8:66:bd:f2:66:f6:f4:67:6d:f4:0b:ca:61:64:0a:
         14:06:39:58:1d:a8:8e:eb:6f:15:21:99:4a:23:7b:6a:3c:8b:
         d6:43:5e:a1:2f:0f:87:f2:40:21:ee:86:17:62:6c:47:e2:81:
         43:12:89:cd:ba:40:da:7f:f5:28:80:56:6a:d8:cc:6d:54:78:
         57:e2:94:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7Mk8nfXzmXwLZfHOA+bbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwNDI4MDcwMDE2WhcNMjUwNDI5MDcwMDE2WjAzMTEwLwYDVQQD
Eyg5OWQyNDg4M2JmMDA2OGYzOTIwNTI2MGY3YWJlOTM5ZDVhYzdhZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxv2i0aTaBPGvLL/DDKhUPHSnucw
NnkPM/u8tk9v1/Usu7xne/NaBvKffk+wtkEEaUJPHoFCDZ1sfX0hcJtgMPq+4JYv
lYh2vRM4I04Os0ZXfTR0+AY9ZDkqB9zx6JRiqllQxzPWMEUWASrAltmvi4U6rqch
GH0mCw4sG5uMDsgn7w+6mOu1osvpVcrChpiMIZHBuH08j9IGpg6ctwFSU16wrAeE
4mnkE4ulivULfi040WbJe9C0rXyrhtdw5mqDjyEfQwkTGADj/9FrIAXGhrD/MRHm
PxCBktz2HzlBYqS5iPQ1S6duSt48ySnRU+cELUSrKMKev5ATPI8cItvfywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnSSIO/AGjzkgUmD3q+k51ax607MB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJleUgf8v
lF4eBRfjRKrmSKvtoSVbkoxO6HZsDBwGgkOByBqa9mjfl5otZdPvVKTNfVuCp1Mg
UpyUvjC7iqnAqJKlOgm9gPtnfCNZvGtTyzKe/TddQGGrNhXmhQoFVTUuscXstc8A
tr/Y6hjMCt/hOnpC8E8/IeFJYkBU+0ZHk7e8PFbASOcTeB7lVUp/NpOCMmEtAm4Q
NSmY2q7FaK7zBwD9md26RnAi7K9Z1gPXJu75IsAQZg6K+Ga98mb29Gdt9AvKYWQK
FAY5WB2ojutvFSGZSiN7ajyL1kNeoS8Ph/JAIe6GF2JsR+KBQxKJzbpA2n/1KIBW
atjMbVR4V+KUaA==
-----END CERTIFICATE-----