Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          jT5bVm5BKTK7SomjU370aw28UMS088dYlPrmAeks+OU=
Subject key identifier:   99:D8:B3:11:97:E1:59:37:51:FC:C5:AB:DB:A3:35:37:40:44:21:A7
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019766CDFF67DA6C0DAE7FE4FEDEC949B916
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 01:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 01:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 01:01:05 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: foie2HBN8fuwfqkMEYTxFxiUOowHMALyPaFSc2sPkNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:cd:ff:67:da:6c:0d:ae:7f:e4:fe:de:c9:49:b9:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 13 01:01:05 2025 GMT
            Not After : Jun 14 01:01:05 2025 GMT
        Subject: CN=99d8b31197e1593751fcc5abdba33537404421a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a2:f5:44:e3:0f:dc:5a:b9:93:91:fc:96:2e:
                    e4:9f:ae:5f:1d:eb:dc:12:76:5b:cc:ec:79:09:79:
                    1b:f2:31:3a:7e:c1:2d:ed:8d:72:9c:7b:70:1f:4e:
                    c6:ef:35:5b:65:b9:aa:ad:65:bf:76:e8:77:0e:f9:
                    6f:94:a6:07:ee:b0:23:31:df:4b:36:74:1a:48:c0:
                    d8:5f:40:b6:17:8f:e4:79:d6:d4:55:a1:3e:5e:a2:
                    1b:c2:db:e7:66:06:82:ac:42:06:60:9c:77:98:f2:
                    e4:b5:d4:33:a5:6f:03:0d:bc:fd:f5:32:d5:df:d2:
                    35:c0:75:51:6d:9d:09:6f:42:24:f7:3c:4d:26:36:
                    ac:b2:f3:02:31:09:ee:ff:b3:b5:63:eb:2f:7e:b9:
                    0e:4e:90:9a:dd:ec:ab:da:06:e8:e3:cf:58:6a:d3:
                    e5:5d:6d:b1:f6:5f:28:b3:94:5d:25:5d:e5:d7:32:
                    77:e9:4e:99:f7:26:97:c5:8a:29:b7:37:86:df:62:
                    27:72:95:54:52:87:03:03:bf:63:42:1d:77:98:08:
                    07:fd:e0:4c:be:14:98:39:ea:7e:d4:b4:b1:9f:49:
                    2d:3e:9a:28:2f:61:d3:ed:34:ed:21:8e:67:a6:89:
                    78:6c:fb:cd:98:8b:81:45:59:2c:b1:e6:f8:66:c3:
                    21:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D8:B3:11:97:E1:59:37:51:FC:C5:AB:DB:A3:35:37:40:44:21:A7
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:79:0b:cc:7d:75:81:d8:b5:b7:b9:9a:b7:7b:77:ed:19:d1:
         f4:cf:96:8f:8b:50:3d:28:9f:d8:2d:fd:b6:51:63:3c:f2:0f:
         13:c1:13:15:92:01:e0:05:ff:02:87:51:57:50:0f:e6:3b:7e:
         24:45:d9:5f:1a:55:a6:71:19:09:22:8c:67:39:08:c7:4e:e6:
         2c:de:42:81:c9:86:9a:cf:cb:d6:f6:3f:51:f9:a4:64:c0:df:
         66:65:83:7a:97:bf:ab:b9:41:6c:5f:2a:ea:51:71:f6:57:99:
         4a:16:4c:77:6b:3a:d0:34:a5:79:34:d8:3e:33:1d:7f:3a:8e:
         a3:67:cc:81:5d:46:ce:f3:11:9d:1b:16:0b:19:e7:5c:6c:1c:
         9a:6a:e6:56:eb:7f:c5:7e:4d:99:bd:2d:26:23:20:19:02:cb:
         2d:eb:8c:e5:65:e3:ac:55:18:1b:e8:64:af:9e:a8:8d:dc:19:
         75:87:67:79:58:2b:f1:ac:b8:2a:04:7e:4a:6f:3a:44:3c:ef:
         55:b2:92:9b:d1:94:5c:dd:ab:98:46:83:12:f1:41:ef:a3:df:
         d3:04:b0:bc:b7:8b:2a:6c:06:a2:88:2e:05:1d:bc:dc:e2:b4:
         d6:5e:93:67:a8:ec:95:58:12:9c:30:43:bf:4b:9c:cd:a1:fa:
         3e:e9:15:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmzf9n2mwNrn/k/t7JSbkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjEzMDEwMTA1WhcNMjUwNjE0MDEwMTA1WjAzMTEwLwYDVQQD
Eyg5OWQ4YjMxMTk3ZTE1OTM3NTFmY2M1YWJkYmEzMzUzNzQwNDQyMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKL1ROMP3Fq5k5H8li7kn65fHevc
EnZbzOx5CXkb8jE6fsEt7Y1ynHtwH07G7zVbZbmqrWW/duh3DvlvlKYH7rAjMd9L
NnQaSMDYX0C2F4/kedbUVaE+XqIbwtvnZgaCrEIGYJx3mPLktdQzpW8DDbz99TLV
39I1wHVRbZ0Jb0Ik9zxNJjassvMCMQnu/7O1Y+svfrkOTpCa3eyr2gbo489YatPl
XW2x9l8os5RdJV3l1zJ36U6Z9yaXxYoptzeG32IncpVUUocDA79jQh13mAgH/eBM
vhSYOep+1LSxn0ktPpooL2HT7TTtIY5npol4bPvNmIuBRVksseb4ZsMhzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnYsxGX4Vk3UfzFq9ujNTdARCGnMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApHkLzH11
gdi1t7mat3t37RnR9M+Wj4tQPSif2C39tlFjPPIPE8ETFZIB4AX/AodRV1AP5jt+
JEXZXxpVpnEZCSKMZzkIx07mLN5CgcmGms/L1vY/UfmkZMDfZmWDepe/q7lBbF8q
6lFx9leZShZMd2s60DSleTTYPjMdfzqOo2fMgV1GzvMRnRsWCxnnXGwcmmrmVut/
xX5Nmb0tJiMgGQLLLeuM5WXjrFUYG+hkr56ojdwZdYdneVgr8ay4KgR+Sm86RDzv
VbKSm9GUXN2rmEaDEvFB76Pf0wSwvLeLKmwGooguBR283OK01l6TZ6jslVgSnDBD
v0uczaH6PukVzQ==
-----END CERTIFICATE-----