Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          RIVR20IucE//tL8OOM8zG6F7RMFlnulCgTyhEF9Tugg=
Subject key identifier:   D9:40:8F:0D:50:FF:9B:51:BF:70:C1:0E:76:A7:81:82:A1:F6:84:1E
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019917647D9821F93B0999A7FBB8126D3CE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 01:01:25 +0000
Manifest this update:     Fri 05 Sep 2025 01:01:25 +0000
Manifest next update:     Sat 06 Sep 2025 01:01:25 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 5F4Z6m2DbjAA1k54SYxyI05Z5GSMoR55E8y1KGxfYb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:64:7d:98:21:f9:3b:09:99:a7:fb:b8:12:6d:3c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Sep  5 01:01:25 2025 GMT
            Not After : Sep  6 01:01:25 2025 GMT
        Subject: CN=d9408f0d50ff9b51bf70c10e76a78182a1f6841e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f6:cc:6c:c9:c9:94:34:4b:0d:a8:ee:a7:ac:
                    56:88:81:97:0e:5d:cc:d4:32:0a:38:23:eb:6b:df:
                    0c:b9:7b:96:02:4d:15:2d:51:c5:d9:8c:3a:53:70:
                    4e:cc:f2:e0:37:ee:2e:bf:ae:ce:57:5c:fa:7c:1f:
                    64:c4:99:eb:e9:fa:c1:46:7e:ec:9a:a6:2b:41:6e:
                    1a:e4:ab:0c:84:53:1f:1a:c8:24:9b:21:ed:ac:ef:
                    22:97:47:d8:8f:68:13:31:53:06:c7:74:66:ae:3e:
                    39:b0:70:e4:15:3b:e3:47:6d:fd:d9:8f:9b:e4:d1:
                    f7:32:ca:08:70:32:eb:45:a1:f9:64:17:a1:e4:94:
                    2a:a9:f5:0f:06:55:38:ba:9b:f2:ec:f3:d8:fd:e6:
                    d4:07:1c:e7:d1:c1:fc:ed:34:82:b9:0d:b6:4a:c3:
                    78:c5:11:6f:50:1a:35:28:21:dd:6b:69:66:c3:bd:
                    25:75:a9:1e:13:6e:68:ac:1c:e6:b1:18:f7:70:90:
                    6a:bb:92:78:98:f3:82:3d:00:33:ea:32:4b:6e:80:
                    87:90:3e:fa:da:c1:23:a9:11:84:65:1c:1b:9d:12:
                    14:a2:f9:cc:02:6b:e2:5d:a7:30:5b:cb:40:62:01:
                    c0:db:fc:68:de:dd:69:98:54:57:43:99:22:e4:5f:
                    97:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:40:8F:0D:50:FF:9B:51:BF:70:C1:0E:76:A7:81:82:A1:F6:84:1E
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:b4:58:7c:bb:96:8c:68:c1:6c:94:06:51:ec:fa:f5:03:af:
         82:d5:a1:d9:30:b4:7e:1a:20:d2:5b:40:55:61:e2:30:22:75:
         09:14:ad:65:7f:bb:bf:1e:69:f6:d8:3e:a7:94:9c:5e:9a:28:
         4d:3f:3a:63:89:30:52:55:ba:e9:46:18:00:0e:01:68:6c:e4:
         6d:36:28:d6:e5:91:c2:a2:36:04:00:8c:77:77:57:9b:1b:a6:
         48:c0:58:5b:51:4d:33:2e:e5:cd:10:eb:4e:a2:94:c8:e6:66:
         c9:53:6f:1a:4d:29:eb:0e:f7:54:48:f6:db:81:fb:bc:06:00:
         57:f6:9f:f3:8f:64:51:32:9f:97:3d:97:d7:f9:97:68:bc:23:
         4f:30:8a:69:5a:6d:57:89:e0:d1:4a:60:fd:57:ab:2b:25:39:
         d7:65:bf:b8:da:29:aa:88:24:fc:79:07:69:88:c1:be:0d:c8:
         68:3a:f8:bc:7f:80:7b:50:e9:90:6b:1f:33:da:26:06:99:86:
         fb:65:d6:da:25:02:ff:ee:06:f6:de:a7:94:18:b5:f5:75:54:
         15:3f:9b:e3:e2:ce:83:a7:f6:f0:bd:e4:46:9e:fd:37:53:2e:
         87:cf:5f:22:30:dc:7e:15:a8:16:5c:f2:95:0a:70:70:25:f2:
         39:16:ca:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXZH2YIfk7CZmn+7gSbTzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwOTA1MDEwMTI1WhcNMjUwOTA2MDEwMTI1WjAzMTEwLwYDVQQD
EyhkOTQwOGYwZDUwZmY5YjUxYmY3MGMxMGU3NmE3ODE4MmExZjY4NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPbMbMnJlDRLDajup6xWiIGXDl3M
1DIKOCPra98MuXuWAk0VLVHF2Yw6U3BOzPLgN+4uv67OV1z6fB9kxJnr6frBRn7s
mqYrQW4a5KsMhFMfGsgkmyHtrO8il0fYj2gTMVMGx3Rmrj45sHDkFTvjR2392Y+b
5NH3MsoIcDLrRaH5ZBeh5JQqqfUPBlU4upvy7PPY/ebUBxzn0cH87TSCuQ22SsN4
xRFvUBo1KCHda2lmw70ldakeE25orBzmsRj3cJBqu5J4mPOCPQAz6jJLboCHkD76
2sEjqRGEZRwbnRIUovnMAmviXacwW8tAYgHA2/xo3t1pmFRXQ5ki5F+X6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlAjw1Q/5tRv3DBDnangYKh9oQeMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAibRYfLuW
jGjBbJQGUez69QOvgtWh2TC0fhog0ltAVWHiMCJ1CRStZX+7vx5p9tg+p5ScXpoo
TT86Y4kwUlW66UYYAA4BaGzkbTYo1uWRwqI2BACMd3dXmxumSMBYW1FNMy7lzRDr
TqKUyOZmyVNvGk0p6w73VEj224H7vAYAV/af849kUTKflz2X1/mXaLwjTzCKaVpt
V4ng0Upg/VerKyU512W/uNopqogk/HkHaYjBvg3IaDr4vH+Ae1DpkGsfM9omBpmG
+2XW2iUC/+4G9t6nlBi19XVUFT+b4+LOg6f28L3kRp79N1Muh89fIjDcfhWoFlzy
lQpwcCXyORbKfg==
-----END CERTIFICATE-----