Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          OLSX59LystkgLV3E40+j0xqrP+mROktmmKRxiCpSAWE=
Subject key identifier:   2F:BE:74:68:05:44:DA:F9:5B:CB:6D:55:F2:4B:2A:08:BC:97:F4:CA
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       01976AAAC4E1413B23977ACD4E20C27C946F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          158B
Signing time:             Fri 13 Jun 2025 19:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 19:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 19:01:05 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 6nnEe3YL7TQ6GEXYhyyJ58ZaWei28wayS3eyCXMt7pY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:aa:c4:e1:41:3b:23:97:7a:cd:4e:20:c2:7c:94:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 13 19:01:05 2025 GMT
            Not After : Jun 14 19:01:05 2025 GMT
        Subject: CN=2fbe74680544daf95bcb6d55f24b2a08bc97f4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2b:7d:54:7c:d9:2d:4e:6b:17:37:38:89:ef:
                    91:ef:8f:cb:cf:f1:d5:6c:0c:4d:ff:76:b5:04:b8:
                    25:c8:7b:0f:da:c8:7a:3f:cf:d9:07:5b:3b:d4:3a:
                    53:53:b2:36:ee:73:31:37:ce:41:d4:2c:9c:80:e3:
                    47:65:40:59:d7:40:81:a3:ce:af:f0:6a:1b:68:f1:
                    63:18:8d:2b:2b:87:aa:93:53:0f:e5:74:eb:3f:91:
                    83:23:54:6e:e7:f3:16:f8:b9:13:39:6e:07:01:04:
                    9b:34:9b:20:dd:50:b7:55:58:31:89:e3:c8:6e:8a:
                    c2:1c:9a:60:62:32:8c:0e:3d:8d:c7:40:0e:c8:ec:
                    a6:c0:a3:f9:06:d9:76:65:eb:bd:9e:dd:e3:70:bb:
                    35:88:be:ba:90:ad:ca:a8:fe:8c:21:b5:f2:83:ee:
                    8b:01:9f:16:60:8e:6a:7d:19:5d:cf:7a:9b:8e:b0:
                    0f:87:b0:d0:5b:ea:08:55:87:9d:a7:82:f1:0c:6b:
                    29:67:c9:78:84:0b:3d:25:7c:f3:fa:f6:e3:f6:02:
                    60:f9:4e:aa:4c:93:3a:1a:a2:28:c7:0b:c0:f7:a3:
                    5d:2a:e7:dc:28:fb:a8:73:40:3b:56:ce:93:d2:d3:
                    b1:15:69:0d:f2:23:b7:6e:51:14:c8:65:09:65:9c:
                    e4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:BE:74:68:05:44:DA:F9:5B:CB:6D:55:F2:4B:2A:08:BC:97:F4:CA
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:06:7e:c4:6b:5e:81:bd:e9:37:d9:c6:6c:04:f4:a2:2a:f2:
         3d:c8:37:7d:bf:72:04:cf:2b:e3:02:be:d0:4f:91:65:52:7d:
         a7:63:a0:52:a3:14:0d:58:fa:7d:28:07:6d:73:ef:4c:a0:1f:
         45:78:01:5d:42:b6:ca:cc:47:8f:a7:b6:fd:2e:5e:6c:e1:0d:
         58:c5:e9:e9:87:86:e5:02:22:1a:2f:3e:00:6f:86:a0:b9:9e:
         a9:4f:e5:a7:75:6f:b8:8e:c3:d3:e2:5e:94:89:74:6a:6a:90:
         8c:a0:d6:37:17:24:83:b6:b6:5f:7a:91:5c:f9:27:5f:ea:ab:
         be:c7:d0:69:6f:bf:92:50:72:72:e8:47:09:cf:0c:bc:ec:26:
         3f:a2:17:1f:a7:ad:53:19:9b:65:0b:df:52:41:ac:6f:8c:70:
         69:49:c9:a9:93:1a:d5:34:a1:97:1f:c8:e7:86:af:47:90:1e:
         b2:6a:03:d5:73:75:54:5e:a8:70:97:e6:e1:19:22:3c:1c:bc:
         a8:37:33:74:ba:c8:06:38:dc:72:aa:7e:30:76:ce:5c:ac:53:
         f5:98:7e:6b:74:45:7f:3d:a7:71:79:81:2b:71:da:a7:cd:84:
         da:f5:1e:25:1c:d9:7c:4e:29:87:28:bb:9b:a8:cc:38:6e:e8:
         6d:66:5a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqqsThQTsjl3rNTiDCfJRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjEzMTkwMTA1WhcNMjUwNjE0MTkwMTA1WjAzMTEwLwYDVQQD
EygyZmJlNzQ2ODA1NDRkYWY5NWJjYjZkNTVmMjRiMmEwOGJjOTdmNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ct9VHzZLU5rFzc4ie+R74/Lz/HV
bAxN/3a1BLglyHsP2sh6P8/ZB1s71DpTU7I27nMxN85B1CycgONHZUBZ10CBo86v
8GobaPFjGI0rK4eqk1MP5XTrP5GDI1Ru5/MW+LkTOW4HAQSbNJsg3VC3VVgxiePI
borCHJpgYjKMDj2Nx0AOyOymwKP5Btl2Zeu9nt3jcLs1iL66kK3KqP6MIbXyg+6L
AZ8WYI5qfRldz3qbjrAPh7DQW+oIVYedp4LxDGspZ8l4hAs9JXzz+vbj9gJg+U6q
TJM6GqIoxwvA96NdKufcKPuoc0A7Vs6T0tOxFWkN8iO3blEUyGUJZZzk/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC++dGgFRNr5W8ttVfJLKgi8l/TKMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAZ+xGte
gb3pN9nGbAT0oiryPcg3fb9yBM8r4wK+0E+RZVJ9p2OgUqMUDVj6fSgHbXPvTKAf
RXgBXUK2ysxHj6e2/S5ebOENWMXp6YeG5QIiGi8+AG+GoLmeqU/lp3VvuI7D0+Je
lIl0amqQjKDWNxckg7a2X3qRXPknX+qrvsfQaW+/klBycuhHCc8MvOwmP6IXH6et
UxmbZQvfUkGsb4xwaUnJqZMa1TShlx/I54avR5AesmoD1XN1VF6ocJfm4RkiPBy8
qDczdLrIBjjccqp+MHbOXKxT9Zh+a3RFfz2ncXmBK3Hap82E2vUeJRzZfE4phyi7
m6jMOG7obWZa7w==
-----END CERTIFICATE-----