Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          OO8HmpA8ZABk9fJwoTlEoVAm1qvVajGYNSYJwTfaVf4=
Subject key identifier:   A0:95:29:A9:74:00:02:82:09:5B:C2:83:27:43:53:53:C6:C9:3E:ED
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       0197726486D49A2CAB982D8516BD9F5A72FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          158F
Signing time:             Sun 15 Jun 2025 07:01:20 +0000
Manifest this update:     Sun 15 Jun 2025 07:01:20 +0000
Manifest next update:     Mon 16 Jun 2025 07:01:20 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: /O1JcSJWWi2S5ufd6CXiCdVO6IHMOZHVmHfGi43J7go=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:72:64:86:d4:9a:2c:ab:98:2d:85:16:bd:9f:5a:72:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 15 07:01:20 2025 GMT
            Not After : Jun 16 07:01:20 2025 GMT
        Subject: CN=a09529a974000282095bc28327435353c6c93eed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c4:0b:4c:32:22:6a:f6:14:5c:f3:83:92:dd:
                    8b:11:cb:95:fd:a0:88:3c:6d:00:8a:a1:f9:c5:5c:
                    bf:aa:14:a6:94:0d:3e:4e:0a:79:95:08:a6:f5:9c:
                    dc:2a:bb:c5:a6:ee:a3:d0:32:c9:7c:da:d1:fe:d4:
                    8f:de:ee:d4:ed:92:b3:e2:f6:5c:4f:aa:6b:cd:51:
                    9a:8a:c8:fc:31:89:79:0c:b8:21:ce:df:91:42:bf:
                    ca:e3:19:62:1c:9b:93:b9:42:33:be:e5:e4:93:0b:
                    3d:f9:80:18:80:c6:45:3d:9f:e9:cc:03:d0:7f:e8:
                    65:4a:bb:56:4f:95:10:d9:e8:ac:53:d5:99:76:ab:
                    27:57:b7:3f:6a:1f:8b:32:2c:39:4a:71:0c:0f:0b:
                    96:e8:50:e4:f4:3e:10:9a:07:89:3a:de:0e:4a:f2:
                    12:55:62:bc:d5:0a:ce:de:e2:89:4b:1a:b3:ba:33:
                    3e:b2:ac:9a:d7:e7:7f:52:0f:25:3b:20:f6:15:b2:
                    93:ba:9b:b2:4d:37:5d:a4:26:a9:b3:db:3d:32:08:
                    f0:c4:19:96:53:4e:57:24:63:82:14:23:95:0e:8e:
                    48:7e:5b:1b:d8:13:0e:62:92:f2:ee:ae:ce:7e:af:
                    7b:f0:2d:22:58:3c:73:0a:06:1a:40:e8:79:b8:be:
                    b2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:95:29:A9:74:00:02:82:09:5B:C2:83:27:43:53:53:C6:C9:3E:ED
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:fb:7b:0d:17:9c:6a:d3:3b:e7:8f:42:53:92:f9:a0:19:1f:
         eb:01:5a:3b:d2:7e:4a:ce:e0:54:c6:a7:9f:c8:8b:4f:14:e0:
         1f:ba:7f:1a:3a:6c:fd:10:c0:4f:fe:b6:75:21:7e:51:b6:c7:
         6c:0f:69:c2:76:47:f6:67:31:e1:12:d8:1c:a3:d4:55:ab:65:
         b8:95:d9:5e:ef:72:5a:0c:77:f0:ec:8b:d4:34:a7:f8:ad:49:
         67:84:db:3f:be:38:26:a1:b9:5d:b8:00:3e:57:a6:83:e9:65:
         7e:2d:fd:1a:1a:7f:7a:41:5b:97:62:10:8c:30:55:0d:6e:88:
         25:66:92:24:88:2d:51:84:6f:6a:fa:c8:a9:1b:26:ca:f5:a7:
         ea:42:85:26:03:3d:c8:1f:3b:32:6e:87:89:63:b9:67:ea:a6:
         ec:f6:f9:e1:bf:8e:35:73:33:c8:7f:5e:6f:d5:06:f4:be:ec:
         41:29:45:ef:e5:4e:91:11:87:5c:d2:8e:36:61:5f:00:37:cb:
         95:ee:f6:85:fb:35:e5:19:31:f5:17:32:08:cf:51:05:f2:69:
         89:8c:1e:90:7d:70:31:c5:d4:28:a9:3a:2a:7a:e2:68:9b:af:
         76:82:89:2f:f8:a6:55:bb:36:6b:8e:ae:5e:0c:9a:20:1b:52:
         8c:21:fe:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdyZIbUmiyrmC2FFr2fWnL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjE1MDcwMTIwWhcNMjUwNjE2MDcwMTIwWjAzMTEwLwYDVQQD
EyhhMDk1MjlhOTc0MDAwMjgyMDk1YmMyODMyNzQzNTM1M2M2YzkzZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8QLTDIiavYUXPODkt2LEcuV/aCI
PG0AiqH5xVy/qhSmlA0+Tgp5lQim9ZzcKrvFpu6j0DLJfNrR/tSP3u7U7ZKz4vZc
T6przVGaisj8MYl5DLghzt+RQr/K4xliHJuTuUIzvuXkkws9+YAYgMZFPZ/pzAPQ
f+hlSrtWT5UQ2eisU9WZdqsnV7c/ah+LMiw5SnEMDwuW6FDk9D4QmgeJOt4OSvIS
VWK81QrO3uKJSxqzujM+sqya1+d/Ug8lOyD2FbKTupuyTTddpCaps9s9MgjwxBmW
U05XJGOCFCOVDo5Iflsb2BMOYpLy7q7Ofq978C0iWDxzCgYaQOh5uL6yEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCVKal0AAKCCVvCgydDU1PGyT7tMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/t7DRec
atM7549CU5L5oBkf6wFaO9J+Ss7gVMann8iLTxTgH7p/Gjps/RDAT/62dSF+UbbH
bA9pwnZH9mcx4RLYHKPUVatluJXZXu9yWgx38OyL1DSn+K1JZ4TbP744JqG5XbgA
Plemg+llfi39Ghp/ekFbl2IQjDBVDW6IJWaSJIgtUYRvavrIqRsmyvWn6kKFJgM9
yB87Mm6HiWO5Z+qm7Pb54b+ONXMzyH9eb9UG9L7sQSlF7+VOkRGHXNKONmFfADfL
le72hfs15Rkx9RcyCM9RBfJpiYwekH1wMcXUKKk6KnriaJuvdoKJL/imVbs2a46u
XgyaIBtSjCH+Zw==
-----END CERTIFICATE-----