Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          25nT12C/Io8oJ51KLYsybVwAuYGdpktGQ2NIQigSfpo=
Subject key identifier:   AB:1A:5E:E6:68:28:38:D1:43:E1:F6:97:00:8E:F7:7A:C8:00:FA:9E
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019768BBF8E900066BF156BA30160534B362
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 10:00:38 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:38 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:38 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: J405YtLMHqURofN/rHE+1UexhOAdPKxEE/PSETRCaZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:f8:e9:00:06:6b:f1:56:ba:30:16:05:34:b3:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 13 10:00:38 2025 GMT
            Not After : Jun 14 10:00:38 2025 GMT
        Subject: CN=ab1a5ee6682838d143e1f697008ef77ac800fa9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e8:9f:22:9f:a7:38:64:bf:37:64:19:f5:fb:
                    73:0b:00:ca:7f:06:80:a4:d0:31:78:44:c2:99:35:
                    89:fe:56:c9:e5:7d:70:5e:b5:2e:81:2c:cf:6c:ad:
                    bf:46:62:42:b3:dd:66:df:60:1a:ce:1d:59:3a:e7:
                    37:9f:c6:66:5b:1a:b5:f4:41:d1:fb:73:6b:e5:8d:
                    87:12:c6:82:31:e3:d2:41:1d:73:e2:fb:d8:87:89:
                    e5:cd:40:a6:cc:09:df:03:76:f7:03:6a:97:87:56:
                    f5:56:c5:67:cd:b4:69:27:de:59:97:70:1e:e6:59:
                    da:74:29:a9:4d:f7:28:97:1e:ef:c5:7d:6c:dc:af:
                    ce:a7:69:ba:20:bc:fe:1d:a1:6b:1e:3e:53:40:68:
                    1b:0a:e3:ff:2f:cb:0f:9e:b1:71:c6:06:18:94:90:
                    bb:77:2b:5b:15:20:fd:7d:e1:81:9b:30:fc:94:ff:
                    16:97:2c:e4:90:c8:64:2a:57:5b:a7:05:21:90:84:
                    ab:ef:35:d9:fb:30:60:3c:32:92:24:43:15:9c:b6:
                    a0:3f:b1:13:60:b0:c6:94:34:ce:86:88:28:95:20:
                    65:fe:87:a1:d1:cc:ba:fb:48:56:c0:dd:0f:86:3d:
                    c9:8b:f5:ab:61:fd:c7:77:a6:83:46:ea:a1:d3:61:
                    ed:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:1A:5E:E6:68:28:38:D1:43:E1:F6:97:00:8E:F7:7A:C8:00:FA:9E
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:e3:76:d4:20:36:09:e1:10:98:0b:f7:6c:e5:f9:c9:6f:3a:
         c6:20:0f:12:a5:1e:70:ad:e9:f9:c0:41:45:85:a3:6c:2a:86:
         63:56:c9:d6:fa:ff:1c:0a:f9:5c:9a:03:0d:82:cd:17:cc:f5:
         d1:6d:d5:8a:e7:87:f4:c8:22:1e:31:f4:3f:9b:7a:01:15:2f:
         fb:f2:04:b3:57:b9:47:b3:62:7d:c4:aa:9c:fd:27:30:0c:c5:
         a5:e7:99:68:0f:0f:03:00:19:71:1c:f6:d5:9d:7e:26:8c:6d:
         80:e6:e8:15:d5:83:27:29:be:2b:89:d4:1b:34:d4:84:56:db:
         9e:54:75:22:77:44:67:84:f0:57:2d:f9:b9:96:80:6c:59:af:
         45:12:32:bd:2f:74:3f:bd:8b:e0:fc:39:33:d2:ac:4d:5e:37:
         cd:37:9f:ed:2a:2e:c7:8b:9c:4e:a6:25:31:90:33:3c:2c:98:
         98:4a:71:0c:8a:5f:f2:33:cf:ca:e6:02:d2:1d:94:6f:61:a1:
         84:8e:43:a2:bd:80:65:97:fe:36:9c:cc:b6:c8:29:74:bf:71:
         76:2e:44:e5:13:73:16:05:b9:7f:1e:a6:15:f5:48:b2:78:7f:
         cb:de:31:75:84:93:4d:e9:06:85:c9:e6:be:5f:73:80:4b:8c:
         aa:a9:d0:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou/jpAAZr8Va6MBYFNLNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjEzMTAwMDM4WhcNMjUwNjE0MTAwMDM4WjAzMTEwLwYDVQQD
EyhhYjFhNWVlNjY4MjgzOGQxNDNlMWY2OTcwMDhlZjc3YWM4MDBmYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+ifIp+nOGS/N2QZ9ftzCwDKfwaA
pNAxeETCmTWJ/lbJ5X1wXrUugSzPbK2/RmJCs91m32Aazh1ZOuc3n8ZmWxq19EHR
+3Nr5Y2HEsaCMePSQR1z4vvYh4nlzUCmzAnfA3b3A2qXh1b1VsVnzbRpJ95Zl3Ae
5lnadCmpTfcolx7vxX1s3K/Op2m6ILz+HaFrHj5TQGgbCuP/L8sPnrFxxgYYlJC7
dytbFSD9feGBmzD8lP8WlyzkkMhkKldbpwUhkISr7zXZ+zBgPDKSJEMVnLagP7ET
YLDGlDTOhogolSBl/oeh0cy6+0hWwN0Phj3Ji/WrYf3Hd6aDRuqh02Ht7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsaXuZoKDjRQ+H2lwCO93rIAPqeMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjuN21CA2
CeEQmAv3bOX5yW86xiAPEqUecK3p+cBBRYWjbCqGY1bJ1vr/HAr5XJoDDYLNF8z1
0W3ViueH9MgiHjH0P5t6ARUv+/IEs1e5R7NifcSqnP0nMAzFpeeZaA8PAwAZcRz2
1Z1+JoxtgOboFdWDJym+K4nUGzTUhFbbnlR1IndEZ4TwVy35uZaAbFmvRRIyvS90
P72L4Pw5M9KsTV43zTef7Soux4ucTqYlMZAzPCyYmEpxDIpf8jPPyuYC0h2Ub2Gh
hI5Dor2AZZf+NpzMtsgpdL9xdi5E5RNzFgW5fx6mFfVIsnh/y94xdYSTTekGhcnm
vl9zgEuMqqnQwA==
-----END CERTIFICATE-----