Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          t4mA04SUY8Q6qzjSTjm3yWEuC/h54ZBQZrli2zsrQKE=
Subject key identifier:   49:43:E7:B5:0C:6E:A5:DE:C9:7C:05:1B:48:8F:21:94:C5:25:9D:07
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       0196760CFD6646D0D88A5DA288746B83AB2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 07:01:24 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:24 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:24 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: ZP/evmPC3lwZfTdw3zJgKIc12Dur/GmBEwvTXFDbs0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:fd:66:46:d0:d8:8a:5d:a2:88:74:6b:83:ab:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Apr 27 07:01:24 2025 GMT
            Not After : Apr 28 07:01:24 2025 GMT
        Subject: CN=4943e7b50c6ea5dec97c051b488f2194c5259d07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:14:24:8e:ce:ac:a4:1b:f8:48:d0:ce:c4:40:
                    aa:5e:d3:74:09:18:8e:2e:65:76:ca:96:b3:90:86:
                    1f:75:e3:d2:91:ca:b7:c4:f5:17:5a:39:4a:7c:4f:
                    67:f5:a4:d6:2c:e7:3f:f1:5b:1a:03:22:81:78:4c:
                    f1:da:2f:35:d0:19:05:a9:57:4c:8a:26:65:5a:b5:
                    fc:ee:3f:51:d6:07:04:cb:df:c3:a3:19:d8:28:16:
                    bc:d3:28:94:ae:c4:26:55:63:7d:da:1c:58:02:f6:
                    37:19:59:97:28:1f:84:da:01:b7:b8:cd:c7:0c:18:
                    d9:6f:bc:00:02:06:96:47:03:74:1d:05:eb:2c:90:
                    f1:b7:83:de:ec:03:95:3f:6b:d9:59:af:97:bb:59:
                    4e:01:14:8e:08:74:db:dc:d4:38:ed:e3:69:28:12:
                    e0:e2:7b:3a:dd:74:7f:8b:2b:26:55:73:49:de:1c:
                    e4:87:20:bd:71:0d:85:b0:eb:cd:92:e4:0e:87:67:
                    9a:16:7c:17:f3:49:0c:4e:29:3a:45:05:b9:a5:89:
                    5b:05:8b:23:ab:da:31:e3:a0:c1:b6:09:e1:91:0d:
                    c7:1f:88:f0:68:40:9e:d6:a0:17:ca:35:5e:ab:81:
                    94:52:80:4c:36:3a:5d:69:e9:77:64:a7:bc:cc:c3:
                    84:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:43:E7:B5:0C:6E:A5:DE:C9:7C:05:1B:48:8F:21:94:C5:25:9D:07
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f0:10:ad:de:2a:87:52:cd:3f:2f:67:ef:2f:5f:05:39:9c:
         96:54:9d:0e:99:a8:5f:a7:33:60:28:aa:91:83:c0:bb:3a:f6:
         f6:79:dc:88:8f:e1:f3:e8:a3:20:ce:0a:3b:2e:e1:f9:a0:90:
         62:e6:eb:50:37:e2:7e:3b:bd:01:c6:d5:2d:c9:b9:97:76:2e:
         4e:ce:46:63:a2:70:cd:aa:e7:15:b8:75:a8:85:4b:aa:6c:e1:
         1b:2e:e8:e8:09:3b:ea:8b:78:13:f0:c5:d2:2b:55:d8:94:d6:
         da:0e:35:be:55:54:7b:e0:5f:25:24:ba:39:ab:de:56:2c:1a:
         b2:79:41:da:e2:2c:66:29:fb:43:ee:dc:00:a0:fe:49:56:69:
         cc:b2:48:99:38:18:05:bc:5b:a5:27:8e:be:6c:a6:43:82:7b:
         83:9f:c6:6b:f5:a9:92:80:3b:12:0c:9e:2b:a4:7b:34:5a:b3:
         da:ee:b7:dd:9c:a9:c9:b0:7b:e1:c9:8c:16:4e:10:b7:66:89:
         86:4d:2b:e0:8a:77:87:04:87:9b:4b:fe:c3:40:55:f2:bd:f9:
         03:c0:8e:fd:df:a5:9d:ca:d2:63:ef:0d:f0:a7:a2:f4:95:8a:
         31:7c:9c:da:d6:28:c1:b2:c9:0f:fc:83:0a:c0:e9:bd:a8:5c:
         48:20:4d:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DP1mRtDYil2iiHRrg6suMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUwNDI3MDcwMTI0WhcNMjUwNDI4MDcwMTI0WjAzMTEwLwYDVQQD
Eyg0OTQzZTdiNTBjNmVhNWRlYzk3YzA1MWI0ODhmMjE5NGM1MjU5ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRQkjs6spBv4SNDOxECqXtN0CRiO
LmV2ypazkIYfdePSkcq3xPUXWjlKfE9n9aTWLOc/8VsaAyKBeEzx2i810BkFqVdM
iiZlWrX87j9R1gcEy9/DoxnYKBa80yiUrsQmVWN92hxYAvY3GVmXKB+E2gG3uM3H
DBjZb7wAAgaWRwN0HQXrLJDxt4Pe7AOVP2vZWa+Xu1lOARSOCHTb3NQ47eNpKBLg
4ns63XR/iysmVXNJ3hzkhyC9cQ2FsOvNkuQOh2eaFnwX80kMTik6RQW5pYlbBYsj
q9ox46DBtgnhkQ3HH4jwaECe1qAXyjVeq4GUUoBMNjpdael3ZKe8zMOEvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElD57UMbqXeyXwFG0iPIZTFJZ0HMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/AQrd4q
h1LNPy9n7y9fBTmcllSdDpmoX6czYCiqkYPAuzr29nnciI/h8+ijIM4KOy7h+aCQ
YubrUDfifju9AcbVLcm5l3YuTs5GY6JwzarnFbh1qIVLqmzhGy7o6Ak76ot4E/DF
0itV2JTW2g41vlVUe+BfJSS6OaveViwasnlB2uIsZin7Q+7cAKD+SVZpzLJImTgY
BbxbpSeOvmymQ4J7g5/Ga/WpkoA7EgyeK6R7NFqz2u633ZypybB74cmMFk4Qt2aJ
hk0r4Ip3hwSHm0v+w0BV8r35A8CO/d+lncrSY+8N8Kei9JWKMXyc2tYowbLJD/yD
CsDpvahcSCBN0w==
-----END CERTIFICATE-----