Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          fOavaGoXd+49w7t6POLCD1WakCxHLajofjRDv2u9lLE=
Subject key identifier:   C2:9F:E5:D7:4F:70:39:09:FE:A3:6B:FE:81:20:5F:47:0A:40:77:39
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       0197575AF6E66145E821B0F9BD8D13D5900C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1581
Signing time:             Tue 10 Jun 2025 01:01:08 +0000
Manifest this update:     Tue 10 Jun 2025 01:01:08 +0000
Manifest next update:     Wed 11 Jun 2025 01:01:08 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: sa1joPd+DxROBNJxYn5KbOtSpehhorrvqVTvfuNG4FE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:5a:f6:e6:61:45:e8:21:b0:f9:bd:8d:13:d5:90:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 10 01:01:08 2025 GMT
            Not After : Jun 11 01:01:08 2025 GMT
        Subject: CN=c29fe5d74f703909fea36bfe81205f470a407739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1b:41:d8:48:61:65:12:92:c3:81:24:d3:32:
                    03:bf:10:33:7c:86:8a:f7:0a:77:dc:5a:06:9f:4a:
                    db:8b:03:ff:ba:23:82:bd:e2:24:20:89:a3:be:17:
                    91:f7:2f:62:13:9f:91:fb:a3:a9:e4:0c:17:84:81:
                    c1:e5:72:84:51:f8:f2:a4:87:8c:14:52:bd:ef:80:
                    06:d7:65:14:2d:c2:26:6d:c8:03:98:e7:6a:57:39:
                    76:16:a7:1f:db:e0:a5:3d:7b:b2:e4:69:cb:5d:10:
                    b8:e4:0f:1b:f4:c9:6b:9c:3c:85:5f:8c:7b:5f:0b:
                    1b:52:f5:30:a9:4f:5f:92:44:b7:6e:29:1b:3a:ca:
                    9a:96:80:bd:77:c7:a6:2c:fe:03:2d:e0:f8:f7:fd:
                    6d:8b:74:34:1a:89:a6:cd:fc:3d:cf:57:36:8f:8d:
                    0e:a8:08:85:21:69:59:ee:1b:6d:c9:e0:45:41:3a:
                    35:53:c8:91:8a:fb:de:a5:ea:dd:7b:17:5f:16:b3:
                    19:b8:a8:90:0d:8b:32:e7:e5:c9:a0:64:cf:a5:33:
                    65:1a:b0:9b:ff:0a:2f:36:b5:fc:e7:4e:d7:4a:c4:
                    21:82:b1:17:98:ed:94:40:54:53:fe:06:eb:77:89:
                    1d:c6:b9:15:4e:3f:20:6b:34:a4:01:9b:3b:da:21:
                    b7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:9F:E5:D7:4F:70:39:09:FE:A3:6B:FE:81:20:5F:47:0A:40:77:39
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:23:6e:70:f9:a2:12:58:09:f2:f4:6c:59:41:53:0b:a1:81:
         be:fb:1a:dd:4b:49:29:fb:96:aa:5c:35:c2:3d:7e:d1:52:bc:
         20:d6:2b:8c:f5:49:4d:ac:ff:a0:ca:ae:06:d4:1d:b1:68:08:
         06:32:ce:11:54:8c:99:28:07:8a:a5:95:a3:1b:3f:31:63:a8:
         b0:f3:5d:f5:51:5b:8d:ba:a1:86:80:b2:c7:40:2c:cd:73:6b:
         71:38:62:de:b7:e5:89:c1:40:46:6f:d0:ba:72:d8:3a:9b:78:
         43:42:d3:28:20:a6:43:51:35:ae:5e:67:58:f1:eb:d1:e6:86:
         e4:14:20:32:70:e2:fa:37:38:c0:cb:5c:96:ce:2d:fe:a8:5d:
         84:c4:70:2d:50:6f:20:aa:e6:4a:3e:82:b7:14:9f:80:60:c1:
         49:11:17:f6:cb:f4:1b:58:18:cf:ee:f6:c7:99:c0:04:6c:8f:
         80:5f:f6:0a:72:cd:50:d4:a3:5f:45:f4:fe:d1:c0:72:be:c2:
         c5:7a:77:ac:61:34:5d:6e:f9:af:da:5a:19:d8:67:5e:c3:61:
         0c:40:c7:d9:da:da:27:79:7a:03:7c:ae:12:d8:c9:23:fc:48:
         0c:26:60:fb:37:ab:0f:c3:b0:de:22:09:3e:8e:f6:e0:76:f6:
         bc:82:ad:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXWvbmYUXoIbD5vY0T1ZAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjEwMDEwMTA4WhcNMjUwNjExMDEwMTA4WjAzMTEwLwYDVQQD
EyhjMjlmZTVkNzRmNzAzOTA5ZmVhMzZiZmU4MTIwNWY0NzBhNDA3NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxtB2EhhZRKSw4Ek0zIDvxAzfIaK
9wp33FoGn0rbiwP/uiOCveIkIImjvheR9y9iE5+R+6Op5AwXhIHB5XKEUfjypIeM
FFK974AG12UULcImbcgDmOdqVzl2Fqcf2+ClPXuy5GnLXRC45A8b9MlrnDyFX4x7
XwsbUvUwqU9fkkS3bikbOsqaloC9d8emLP4DLeD49/1ti3Q0Gommzfw9z1c2j40O
qAiFIWlZ7httyeBFQTo1U8iRivveperdexdfFrMZuKiQDYsy5+XJoGTPpTNlGrCb
/wovNrX8507XSsQhgrEXmO2UQFRT/gbrd4kdxrkVTj8gazSkAZs72iG3sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKf5ddPcDkJ/qNr/oEgX0cKQHc5MB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdiNucPmi
ElgJ8vRsWUFTC6GBvvsa3UtJKfuWqlw1wj1+0VK8INYrjPVJTaz/oMquBtQdsWgI
BjLOEVSMmSgHiqWVoxs/MWOosPNd9VFbjbqhhoCyx0AszXNrcThi3rflicFARm/Q
unLYOpt4Q0LTKCCmQ1E1rl5nWPHr0eaG5BQgMnDi+jc4wMtcls4t/qhdhMRwLVBv
IKrmSj6CtxSfgGDBSREX9sv0G1gYz+72x5nABGyPgF/2CnLNUNSjX0X0/tHAcr7C
xXp3rGE0XW75r9paGdhnXsNhDEDH2draJ3l6A3yuEtjJI/xIDCZg+zerD8Ow3iIJ
Po724Hb2vIKtmg==
-----END CERTIFICATE-----