Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          f0IVDeXKgs6p723mRNRV7CTwQCheyCD4LRXi7S1DDxY=
Subject key identifier:   AD:01:2B:E3:8E:3A:2B:68:4C:00:64:F1:99:FA:6A:19:5C:DD:58:8E
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       01965A5DDE19763A45949A4CA7781F8135CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          14FE
Signing time:             Mon 21 Apr 2025 22:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 22:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 22:00:23 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: p9bp2pyOViFjh6IbSXTHFeVWbCIyC3pwSmo4Aa9jbg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:5d:de:19:76:3a:45:94:9a:4c:a7:78:1f:81:35:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Apr 21 22:00:23 2025 GMT
            Not After : Apr 22 22:00:23 2025 GMT
        Subject: CN=ad012be38e3a2b684c0064f199fa6a195cdd588e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:88:c7:06:10:9b:bf:c6:58:03:66:f7:1b:1c:
                    f3:42:23:8b:32:2c:20:cb:ab:c5:82:67:db:c0:a8:
                    2c:6e:1c:9d:8c:cb:1e:da:23:de:f4:28:d2:d4:d8:
                    e9:e4:b3:a1:55:0a:d8:a0:38:2d:95:da:d0:6a:09:
                    7c:06:cb:3c:94:42:6e:e6:5c:8a:5e:0b:e0:dc:bb:
                    e3:df:e0:f9:4a:95:5e:79:04:2a:82:7b:86:3b:d4:
                    ab:45:98:51:5b:ea:57:ab:cc:67:df:20:44:65:86:
                    4c:3e:29:30:15:9d:43:6b:4e:0e:ea:df:6d:c9:6b:
                    16:60:f4:a2:6c:ae:07:73:c7:7a:6b:e2:7f:88:1b:
                    04:66:79:6d:0c:09:2f:dd:4a:79:65:96:58:6a:69:
                    1d:9f:cc:14:ff:72:45:28:ed:48:35:5f:98:77:7f:
                    14:53:a6:cd:52:46:87:76:fd:c1:43:54:37:c5:e4:
                    6b:fa:ed:02:cf:d0:12:a8:ab:55:ad:be:ca:7d:4d:
                    81:c7:b6:b0:d1:ba:95:1b:be:49:cf:62:cf:e0:f7:
                    a1:27:6a:c7:82:b6:c4:01:a8:06:7c:74:1c:45:96:
                    b0:2c:08:62:34:89:b9:bb:dc:ac:de:86:13:33:1c:
                    fb:fa:6d:92:ab:ec:92:6e:f1:5b:84:7b:51:a1:79:
                    40:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:01:2B:E3:8E:3A:2B:68:4C:00:64:F1:99:FA:6A:19:5C:DD:58:8E
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:c5:3d:6e:63:13:b9:ef:f8:0d:29:27:6b:5e:6c:8a:8a:0b:
         d1:5b:d2:0c:56:c9:22:30:5b:83:c3:6a:5c:4c:2f:a5:20:1c:
         4f:fe:1b:2c:00:ce:81:be:8f:92:ee:6e:6b:a7:56:4c:40:28:
         87:ec:ad:a4:bd:a0:28:31:92:41:64:03:55:ce:e4:fb:b6:7a:
         09:f5:fb:6b:2c:ec:34:1f:08:88:dd:63:1c:d3:ff:8a:a2:45:
         e3:53:1b:8c:9d:9f:45:50:00:6a:49:0c:31:43:a2:e2:d6:0e:
         a7:fe:7e:2b:01:c6:8e:af:43:bb:cc:b1:2e:94:7e:f5:91:97:
         9c:33:6e:18:5c:3a:03:75:f0:fa:48:f1:89:c6:09:db:53:c9:
         7a:d9:0a:15:37:b8:18:cd:91:b9:11:05:30:fb:4e:c9:2a:60:
         36:1f:e7:42:a6:4f:b3:0b:c0:f6:e2:2b:bb:c1:c0:8a:c0:6b:
         e5:fb:e7:01:39:69:33:9e:55:76:ad:2d:1b:d0:33:d3:9f:1b:
         8a:36:93:b2:e5:47:0c:f4:bc:8b:5a:92:98:5b:16:77:c7:2e:
         23:26:a7:62:80:3b:b5:a3:b3:7c:87:83:1a:24:d4:d0:96:b6:
         78:74:30:dd:b6:fa:24:5d:02:82:18:3c:8f:1f:dc:3e:38:dd:
         f1:e0:f4:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaXd4ZdjpFlJpMp3gfgTXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNDIxMjIwMDIzWhcNMjUwNDIyMjIwMDIzWjAzMTEwLwYDVQQD
EyhhZDAxMmJlMzhlM2EyYjY4NGMwMDY0ZjE5OWZhNmExOTVjZGQ1ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIjHBhCbv8ZYA2b3GxzzQiOLMiwg
y6vFgmfbwKgsbhydjMse2iPe9CjS1Njp5LOhVQrYoDgtldrQagl8Bss8lEJu5lyK
Xgvg3Lvj3+D5SpVeeQQqgnuGO9SrRZhRW+pXq8xn3yBEZYZMPikwFZ1Da04O6t9t
yWsWYPSibK4Hc8d6a+J/iBsEZnltDAkv3Up5ZZZYamkdn8wU/3JFKO1INV+Yd38U
U6bNUkaHdv3BQ1Q3xeRr+u0Cz9ASqKtVrb7KfU2Bx7aw0bqVG75Jz2LP4PehJ2rH
grbEAagGfHQcRZawLAhiNIm5u9ys3oYTMxz7+m2Sq+ySbvFbhHtRoXlAywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0BK+OOOitoTABk8Zn6ahlc3ViOMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn8U9bmMT
ue/4DSkna15siooL0VvSDFbJIjBbg8NqXEwvpSAcT/4bLADOgb6Pku5ua6dWTEAo
h+ytpL2gKDGSQWQDVc7k+7Z6CfX7ayzsNB8IiN1jHNP/iqJF41MbjJ2fRVAAakkM
MUOi4tYOp/5+KwHGjq9Du8yxLpR+9ZGXnDNuGFw6A3Xw+kjxicYJ21PJetkKFTe4
GM2RuREFMPtOySpgNh/nQqZPswvA9uIru8HAisBr5fvnATlpM55Vdq0tG9Az058b
ijaTsuVHDPS8i1qSmFsWd8cuIyanYoA7taOzfIeDGiTU0Ja2eHQw3bb6JF0Cghg8
jx/cPjjd8eD0ww==
-----END CERTIFICATE-----