Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          ieuaTgylGDh5taTq73SwP6LK7O61Uqm28KcVVLLIZuU=
Subject key identifier:   FD:78:CB:C7:6C:1C:80:85:71:BD:E4:8A:79:EB:A0:A1:60:4D:B5:8D
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019759493069C2094DD7F1616FCE1B0B3B83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1582
Signing time:             Tue 10 Jun 2025 10:00:58 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:58 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:58 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: ruQ4vHFluFFcH4DyEJ8Vg7pUWyW+s4tu8r+twbrxSes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:49:30:69:c2:09:4d:d7:f1:61:6f:ce:1b:0b:3b:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 10 10:00:58 2025 GMT
            Not After : Jun 11 10:00:58 2025 GMT
        Subject: CN=fd78cbc76c1c808571bde48a79eba0a1604db58d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c3:08:b0:70:cd:1a:5e:b6:29:dc:0e:59:c0:
                    ea:45:37:3b:2a:da:5d:57:4b:16:2d:78:07:11:8f:
                    73:0e:a7:1a:7a:65:67:9d:7c:ba:ba:a1:93:94:7d:
                    9d:d1:6a:72:6c:6c:ec:c6:01:e1:94:da:6d:f3:c6:
                    78:ea:4c:84:e3:1b:a6:42:6e:01:6e:63:68:94:db:
                    e0:e6:3f:64:b1:d3:6e:14:48:68:c0:9e:a5:e6:e4:
                    62:20:a8:1d:7e:71:46:01:c7:6a:e4:ea:2a:3e:cb:
                    b0:c0:15:e3:0c:6c:7d:05:d6:93:03:ce:b7:3e:b2:
                    95:65:d9:21:0f:3f:b4:75:f8:33:85:eb:65:fa:df:
                    f5:0f:0b:07:d1:a7:ce:7e:07:9f:60:5c:04:6d:c5:
                    14:30:98:72:a4:8e:11:44:e6:cc:17:ee:b9:44:68:
                    11:31:83:8d:4f:a3:94:37:6e:b1:74:f9:48:32:60:
                    7a:66:6e:55:7b:d0:0a:42:e8:e1:3c:ab:7f:1b:15:
                    bf:da:a8:df:6a:38:69:fb:bc:d0:3e:18:93:e4:38:
                    41:a2:32:4d:13:49:46:8f:9e:80:ab:06:94:99:9e:
                    69:28:c3:7f:ff:de:bd:18:de:00:85:7c:4e:73:f2:
                    5a:e9:62:7e:62:29:b5:4b:89:55:98:4f:86:dd:59:
                    8f:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:78:CB:C7:6C:1C:80:85:71:BD:E4:8A:79:EB:A0:A1:60:4D:B5:8D
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e2:65:5d:b6:9d:32:c0:d3:b5:1e:b7:34:84:2c:06:e0:87:
         ad:c1:8a:07:15:c3:4f:40:b4:ee:6f:2a:6b:c5:29:0a:37:f2:
         ef:aa:b1:01:0b:02:25:b6:9d:af:b7:8f:57:eb:70:21:75:23:
         a6:b5:ee:4a:a0:91:89:f1:11:b3:6e:10:e4:e4:78:d9:95:08:
         ca:cf:25:60:71:16:90:39:cf:bf:1e:67:d1:a5:cd:bf:ad:86:
         d1:5c:78:41:a6:15:34:ea:57:6a:54:3b:d0:86:57:10:b3:89:
         17:2b:6f:43:03:9c:dd:0b:a3:52:0e:f6:e3:aa:58:5d:51:b2:
         ab:63:56:b9:28:88:35:47:5d:c7:d5:b7:a9:c1:5c:33:57:3d:
         f3:9c:cf:ca:f2:0b:3d:de:4d:e3:fd:84:49:26:c0:fe:9c:d4:
         f4:90:1f:cf:f5:22:74:cb:58:70:5d:22:1d:07:2f:d1:ee:05:
         64:b6:73:f2:c8:8a:a3:8d:5b:7a:44:77:99:c6:ca:57:e0:e0:
         f3:74:5c:36:d6:47:69:0f:ac:5e:7b:4d:7f:23:b4:e1:01:a2:
         0e:ca:7c:f5:76:eb:a3:87:ac:17:2b:fd:50:2e:f3:17:5a:a8:
         12:01:d0:14:e2:2f:6e:aa:24:59:b9:5f:53:90:df:b2:b5:a9:
         ee:8b:27:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSTBpwglN1/Fhb84bCzuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjEwMTAwMDU4WhcNMjUwNjExMTAwMDU4WjAzMTEwLwYDVQQD
EyhmZDc4Y2JjNzZjMWM4MDg1NzFiZGU0OGE3OWViYTBhMTYwNGRiNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8MIsHDNGl62KdwOWcDqRTc7Ktpd
V0sWLXgHEY9zDqcaemVnnXy6uqGTlH2d0WpybGzsxgHhlNpt88Z46kyE4xumQm4B
bmNolNvg5j9ksdNuFEhowJ6l5uRiIKgdfnFGAcdq5OoqPsuwwBXjDGx9BdaTA863
PrKVZdkhDz+0dfgzhetl+t/1DwsH0afOfgefYFwEbcUUMJhypI4RRObMF+65RGgR
MYONT6OUN26xdPlIMmB6Zm5Ve9AKQujhPKt/GxW/2qjfajhp+7zQPhiT5DhBojJN
E0lGj56AqwaUmZ5pKMN//969GN4AhXxOc/Ja6WJ+Yim1S4lVmE+G3VmPOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP14y8dsHICFcb3kinnroKFgTbWNMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+JlXbad
MsDTtR63NIQsBuCHrcGKBxXDT0C07m8qa8UpCjfy76qxAQsCJbadr7ePV+twIXUj
prXuSqCRifERs24Q5OR42ZUIys8lYHEWkDnPvx5n0aXNv62G0Vx4QaYVNOpXalQ7
0IZXELOJFytvQwOc3QujUg7246pYXVGyq2NWuSiINUddx9W3qcFcM1c985zPyvIL
Pd5N4/2ESSbA/pzU9JAfz/UidMtYcF0iHQcv0e4FZLZz8siKo41bekR3mcbKV+Dg
83RcNtZHaQ+sXntNfyO04QGiDsp89Xbro4esFyv9UC7zF1qoEgHQFOIvbqokWblf
U5DfsrWp7osnfw==
-----END CERTIFICATE-----