Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          63MetVRg5Z0qSkNt8sFkPW8GQCw1ofifxglLS2vO9P8=
Subject key identifier:   29:8F:62:30:B0:BB:7E:E4:53:87:53:2C:8C:0F:C6:85:58:7D:B4:29
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019674F97C3A18AC87F84E14C209DB36E6DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          01E5
Signing time:             Sun 27 Apr 2025 02:00:29 +0000
Manifest this update:     Sun 27 Apr 2025 02:00:29 +0000
Manifest next update:     Mon 28 Apr 2025 02:00:29 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: 79ruD8UIkV+2zw50BEFJV2fhO91mcXnQmMI7yncrzbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:f9:7c:3a:18:ac:87:f8:4e:14:c2:09:db:36:e6:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Apr 27 02:00:29 2025 GMT
            Not After : Apr 28 02:00:29 2025 GMT
        Subject: CN=298f6230b0bb7ee45387532c8c0fc685587db429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c4:a0:50:dc:f5:5d:c3:82:24:32:fa:ed:97:
                    2b:60:dc:de:2f:33:b7:93:a8:47:06:98:ae:df:4d:
                    c1:c5:bf:cf:56:16:14:b6:dd:ce:21:51:a4:ed:74:
                    6b:22:7f:bf:97:a0:fe:53:b1:90:76:6e:fd:d4:12:
                    29:eb:49:4d:bd:56:10:e4:b8:59:3e:83:f3:ae:66:
                    72:e7:0c:5f:8e:96:2f:13:2e:b2:44:e2:3c:15:16:
                    64:8b:d1:c9:44:fe:eb:85:57:8d:71:44:89:d7:ba:
                    7c:85:8e:49:9d:ad:ad:74:40:ed:22:43:d6:c5:57:
                    04:54:0a:c2:c0:10:67:64:41:37:48:6c:17:41:55:
                    48:e8:de:62:21:f3:5f:35:1f:35:38:1c:ef:f6:de:
                    b4:4d:31:f0:2d:5f:72:fe:f1:91:09:a1:29:4c:ab:
                    93:bb:c8:b5:ae:61:c0:35:45:d0:68:f8:66:90:21:
                    88:99:ae:84:11:a8:1b:d8:00:e4:c2:54:69:ec:1a:
                    a3:73:59:4f:73:75:66:86:e6:73:62:87:16:ab:da:
                    ad:9d:06:4b:4b:ed:ee:15:bf:1c:39:8c:c5:49:11:
                    6e:06:c9:02:b2:73:5a:6d:3c:09:d0:0b:2e:88:a7:
                    d5:4f:3b:a6:dc:34:a9:bf:84:0a:72:aa:54:07:44:
                    b4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:8F:62:30:B0:BB:7E:E4:53:87:53:2C:8C:0F:C6:85:58:7D:B4:29
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:ac:f0:6d:cf:37:04:a9:e6:a3:35:aa:be:ac:1f:77:f8:18:
         e4:76:fd:b5:b8:72:fa:32:1d:02:7a:ab:e4:eb:68:cc:f0:49:
         ce:14:db:11:1c:87:5d:1d:25:33:f6:c5:7b:32:ef:ba:16:9c:
         6c:df:51:8f:d9:76:ba:56:28:97:95:9b:0b:be:4e:95:bf:df:
         5c:fa:94:49:51:49:0a:db:ed:4a:dc:d4:a0:22:33:d6:04:1c:
         bc:c5:e2:82:5c:5e:e7:aa:eb:0e:61:26:b1:0f:26:b8:4a:87:
         bf:35:52:09:a1:ab:ae:67:ba:5a:6f:2f:6f:fa:bb:56:29:a2:
         4f:6b:fa:80:2b:88:4d:4d:94:99:16:e3:01:ae:76:e1:60:eb:
         80:4f:f6:c2:df:9e:cb:0e:19:62:86:64:53:cb:2e:c0:af:89:
         a4:e4:7d:25:04:4e:18:2c:d6:0c:bd:f9:4c:0f:fe:34:32:4f:
         0d:7a:92:14:d8:86:8a:0c:48:b1:e2:2a:07:0e:28:f2:ea:e4:
         e3:91:fe:37:bf:3b:80:a5:39:4d:2c:f7:17:7a:b7:db:9a:e9:
         65:11:17:6d:6a:e4:a4:0b:72:ab:48:d4:fe:5d:4c:e6:25:f3:
         0a:d0:3c:b8:ed:5a:95:bf:95:5c:2f:29:2e:7d:0c:83:b9:ed:
         ca:25:f1:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0+Xw6GKyH+E4UwgnbNubeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwNDI3MDIwMDI5WhcNMjUwNDI4MDIwMDI5WjAzMTEwLwYDVQQD
EygyOThmNjIzMGIwYmI3ZWU0NTM4NzUzMmM4YzBmYzY4NTU4N2RiNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMSgUNz1XcOCJDL67ZcrYNzeLzO3
k6hHBpiu303Bxb/PVhYUtt3OIVGk7XRrIn+/l6D+U7GQdm791BIp60lNvVYQ5LhZ
PoPzrmZy5wxfjpYvEy6yROI8FRZki9HJRP7rhVeNcUSJ17p8hY5Jna2tdEDtIkPW
xVcEVArCwBBnZEE3SGwXQVVI6N5iIfNfNR81OBzv9t60TTHwLV9y/vGRCaEpTKuT
u8i1rmHANUXQaPhmkCGIma6EEagb2ADkwlRp7Bqjc1lPc3VmhuZzYocWq9qtnQZL
S+3uFb8cOYzFSRFuBskCsnNabTwJ0AsuiKfVTzum3DSpv4QKcqpUB0S0KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmPYjCwu37kU4dTLIwPxoVYfbQpMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqzwbc83
BKnmozWqvqwfd/gY5Hb9tbhy+jIdAnqr5OtozPBJzhTbERyHXR0lM/bFezLvuhac
bN9Rj9l2ulYol5WbC75Olb/fXPqUSVFJCtvtStzUoCIz1gQcvMXiglxe56rrDmEm
sQ8muEqHvzVSCaGrrme6Wm8vb/q7VimiT2v6gCuITU2UmRbjAa524WDrgE/2wt+e
yw4ZYoZkU8suwK+JpOR9JQROGCzWDL35TA/+NDJPDXqSFNiGigxIseIqBw4o8urk
45H+N787gKU5TSz3F3q325rpZREXbWrkpAtyq0jU/l1M5iXzCtA8uO1alb+VXC8p
Ln0Mg7ntyiXxXw==
-----END CERTIFICATE-----