Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          vGpZZnFmccKbxSWmCWiFSTu7PvTynWD9uKOPKkAsv4s=
Subject key identifier:   3C:33:E4:B8:6A:66:D1:38:66:A9:E7:1A:9B:FC:E1:5F:D6:5A:3C:4F
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       01987C77771527DA3F4B0DD0CCA0730CD86E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          02F2
Signing time:             Tue 05 Aug 2025 23:01:00 +0000
Manifest this update:     Tue 05 Aug 2025 23:01:00 +0000
Manifest next update:     Wed 06 Aug 2025 23:01:00 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: jfK2j/ns/WU8NZAQq99bkM2XI3ypM6FPBFqNvplDdRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:77:77:15:27:da:3f:4b:0d:d0:cc:a0:73:0c:d8:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Aug  5 23:01:00 2025 GMT
            Not After : Aug  6 23:01:00 2025 GMT
        Subject: CN=3c33e4b86a66d13866a9e71a9bfce15fd65a3c4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c7:b0:82:15:db:ce:db:dc:25:c1:25:2f:bb:
                    6b:86:c6:b9:57:a9:b6:1a:97:74:7e:4a:8d:ee:5f:
                    3a:ef:3c:6a:60:0d:5b:aa:ed:0e:09:f5:22:67:f7:
                    4f:2a:40:a7:25:39:ef:ff:a9:96:e4:7b:27:df:af:
                    47:53:ab:f3:2f:89:84:79:87:6f:a9:c1:91:93:b8:
                    ca:9c:73:8c:ab:d1:bf:ab:97:f8:a6:49:11:18:be:
                    a9:18:f7:b6:ce:79:8f:23:71:fa:32:be:71:02:21:
                    72:c9:c0:2d:e3:2a:be:a6:b3:01:5a:b1:7a:f9:b4:
                    67:5d:87:f7:2b:ff:74:08:fe:1f:09:2d:84:f1:ee:
                    40:95:79:e4:3f:01:ca:74:30:56:ae:46:93:5c:ea:
                    50:fb:4b:18:35:4c:70:03:43:e7:c1:4d:88:1d:1a:
                    a8:b0:36:72:ba:88:cd:c7:d4:8b:6d:4d:31:f8:6c:
                    68:64:72:9e:ad:8c:53:e9:d2:cf:6e:7d:07:df:fc:
                    90:0d:a8:15:2a:c4:56:c8:ed:0d:29:f7:cb:10:b2:
                    be:44:cc:b7:0d:0d:de:f1:46:36:9f:fb:47:0d:98:
                    ca:6d:6f:d2:be:01:c6:43:31:83:43:b9:e1:f1:bd:
                    a4:c8:b2:10:70:8e:40:50:99:f2:fe:61:4b:68:af:
                    66:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:33:E4:B8:6A:66:D1:38:66:A9:E7:1A:9B:FC:E1:5F:D6:5A:3C:4F
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:eb:f9:1d:8a:84:62:3b:49:d9:2c:34:0f:ce:ef:e9:7c:fb:
         d8:7e:e5:4d:d7:79:6e:07:c1:a6:34:4d:e5:02:f5:24:46:17:
         b7:7b:9a:78:32:cd:1d:bd:b3:22:10:4e:80:5a:35:2c:5b:7b:
         78:9d:3f:de:f1:03:0b:39:47:9c:2c:b3:d6:4d:6d:c6:33:36:
         cf:ae:77:74:f1:a9:39:de:df:d7:b6:ba:cb:23:33:b3:24:b4:
         ab:60:18:6f:93:8d:db:50:8c:67:81:28:ef:c5:cc:b0:a0:89:
         38:a3:9a:39:7e:18:3e:8b:6b:55:e0:95:71:e7:92:e2:1c:4c:
         8b:55:8a:09:65:e5:46:be:81:82:1c:39:d2:94:b8:f1:d2:b9:
         8d:37:c0:05:8e:bf:5c:e2:db:a3:f2:ea:63:d3:e4:78:23:2a:
         f4:87:6e:cf:79:3c:55:15:ad:aa:30:b4:76:c8:61:8f:6a:e9:
         e5:06:27:6e:42:5a:1e:dd:90:29:80:5f:d1:8d:c7:3a:bc:ff:
         6f:2f:2a:aa:22:ca:70:7d:d3:d1:cf:c6:1c:65:84:9a:e7:6f:
         8f:bc:2d:a5:0c:43:83:d9:b5:23:6c:af:1c:c3:ce:4b:da:52:
         65:c4:55:1e:01:e6:98:98:30:16:60:bf:42:e4:77:6e:84:c1:
         da:32:80:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8d3cVJ9o/Sw3QzKBzDNhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwODA1MjMwMTAwWhcNMjUwODA2MjMwMTAwWjAzMTEwLwYDVQQD
EygzYzMzZTRiODZhNjZkMTM4NjZhOWU3MWE5YmZjZTE1ZmQ2NWEzYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusewghXbztvcJcElL7trhsa5V6m2
Gpd0fkqN7l867zxqYA1bqu0OCfUiZ/dPKkCnJTnv/6mW5Hsn369HU6vzL4mEeYdv
qcGRk7jKnHOMq9G/q5f4pkkRGL6pGPe2znmPI3H6Mr5xAiFyycAt4yq+prMBWrF6
+bRnXYf3K/90CP4fCS2E8e5AlXnkPwHKdDBWrkaTXOpQ+0sYNUxwA0PnwU2IHRqo
sDZyuojNx9SLbU0x+GxoZHKerYxT6dLPbn0H3/yQDagVKsRWyO0NKffLELK+RMy3
DQ3e8UY2n/tHDZjKbW/SvgHGQzGDQ7nh8b2kyLIQcI5AUJny/mFLaK9mGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwz5LhqZtE4ZqnnGpv84V/WWjxPMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+v5HYqE
YjtJ2Sw0D87v6Xz72H7lTdd5bgfBpjRN5QL1JEYXt3uaeDLNHb2zIhBOgFo1LFt7
eJ0/3vEDCzlHnCyz1k1txjM2z653dPGpOd7f17a6yyMzsyS0q2AYb5ON21CMZ4Eo
78XMsKCJOKOaOX4YPotrVeCVceeS4hxMi1WKCWXlRr6Bghw50pS48dK5jTfABY6/
XOLbo/LqY9PkeCMq9Iduz3k8VRWtqjC0dshhj2rp5QYnbkJaHt2QKYBf0Y3HOrz/
by8qqiLKcH3T0c/GHGWEmudvj7wtpQxDg9m1I2yvHMPOS9pSZcRVHgHmmJgwFmC/
QuR3boTB2jKAkA==
-----END CERTIFICATE-----