Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          tGphuLtMXeYTbaTYakkwNbAvLDktFmWdsWBPQgmM6BU=
Subject key identifier:   C7:9A:61:0F:5A:5B:F9:E6:8C:D4:5A:04:8D:65:EA:BD:13:88:F5:B7
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       01974AE82B1951C6B02F0D3F2E98B08239C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          1577
Signing time:             Sat 07 Jun 2025 15:00:18 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:18 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:18 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: n0J1pyY+FhKK4qKWMkAwjoY5fuq6ZOoja6DengdzuYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:2b:19:51:c6:b0:2f:0d:3f:2e:98:b0:82:39:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Jun  7 15:00:18 2025 GMT
            Not After : Jun  8 15:00:18 2025 GMT
        Subject: CN=c79a610f5a5bf9e68cd45a048d65eabd1388f5b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b7:18:3e:bf:1b:59:23:ac:db:be:4b:74:ce:
                    79:a6:12:65:db:dc:10:68:5d:47:5f:25:ab:b6:d8:
                    ab:d2:9a:9b:a3:ec:f7:71:d1:5f:15:47:a3:16:6d:
                    8d:18:d3:5b:7e:c6:27:7a:3d:c5:7a:c8:d5:41:fa:
                    af:10:64:86:7f:90:a7:56:23:f3:16:37:77:fd:27:
                    07:36:8d:53:9e:e5:c7:1e:a4:87:d9:33:a8:8d:f3:
                    61:38:b2:b1:90:ee:64:4f:42:12:c2:85:a5:13:33:
                    8e:fa:a4:1b:5d:43:29:9c:4d:28:19:16:3a:c6:4e:
                    69:9e:7b:08:49:0d:2b:b8:d3:5e:37:40:bd:21:73:
                    4d:69:17:c0:81:53:95:4f:92:8e:34:6f:1c:a1:35:
                    8c:5e:fe:9b:a3:b2:ec:b6:92:c7:ab:e7:8a:42:18:
                    90:23:13:01:49:bb:53:d1:c2:a5:e8:70:53:92:9e:
                    82:43:d1:ec:ff:bb:c1:7b:61:3a:92:93:d2:ac:37:
                    33:af:af:cd:ca:32:41:95:21:a7:f3:cb:89:31:7d:
                    48:6a:5f:c0:c5:29:3e:38:98:dd:fe:9d:0e:1c:60:
                    f0:16:b1:e2:da:55:99:bd:93:eb:1b:a8:65:91:1d:
                    6b:db:b2:93:e0:61:d2:2d:1b:b9:d6:05:62:22:8a:
                    9c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:9A:61:0F:5A:5B:F9:E6:8C:D4:5A:04:8D:65:EA:BD:13:88:F5:B7
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:66:09:b4:f1:fe:4c:a7:49:ef:24:a8:ad:4d:6c:e8:11:0c:
         16:b0:62:d3:33:c2:32:ec:0e:b0:9f:c0:cd:53:64:d5:04:bf:
         aa:eb:cc:09:0b:bd:29:ab:30:73:78:5f:f5:dc:cd:62:8f:96:
         4a:b2:2a:5a:fd:ee:36:cb:4c:16:e8:cf:14:ab:a1:21:4e:00:
         0e:f3:33:e7:25:2f:d4:b0:33:75:34:1c:2b:5b:12:8f:b3:6e:
         73:f3:ab:93:24:f0:b4:20:04:c9:99:d8:c2:ea:48:c1:f6:09:
         db:04:20:cc:c0:bc:e7:c0:53:38:f5:d7:a5:ed:23:08:ce:c3:
         30:7d:2e:42:ee:29:bf:df:eb:c5:6b:b9:fd:f9:c0:fd:9d:15:
         02:81:79:58:6c:dc:ac:39:62:3a:f3:35:79:95:b8:a9:b6:c8:
         95:9f:9f:ff:fb:58:9f:0f:0f:93:bd:90:52:02:c2:11:93:fb:
         94:30:0b:25:af:18:75:12:95:5d:91:21:5f:5f:49:68:42:4e:
         df:1b:ff:ae:b8:d2:48:dc:a7:f1:87:76:b9:0d:c2:41:b8:73:
         5e:1c:9b:98:57:95:19:86:db:e8:3a:0a:67:9c:43:f9:fc:4b:
         54:5b:1e:21:c2:40:ff:0c:50:4d:73:bb:51:87:f9:d9:e1:05:
         43:42:02:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6CsZUcawLw0/LpiwgjnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUwNjA3MTUwMDE4WhcNMjUwNjA4MTUwMDE4WjAzMTEwLwYDVQQD
EyhjNzlhNjEwZjVhNWJmOWU2OGNkNDVhMDQ4ZDY1ZWFiZDEzODhmNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrcYPr8bWSOs275LdM55phJl29wQ
aF1HXyWrttir0pqbo+z3cdFfFUejFm2NGNNbfsYnej3FesjVQfqvEGSGf5CnViPz
Fjd3/ScHNo1TnuXHHqSH2TOojfNhOLKxkO5kT0ISwoWlEzOO+qQbXUMpnE0oGRY6
xk5pnnsISQ0ruNNeN0C9IXNNaRfAgVOVT5KONG8coTWMXv6bo7LstpLHq+eKQhiQ
IxMBSbtT0cKl6HBTkp6CQ9Hs/7vBe2E6kpPSrDczr6/NyjJBlSGn88uJMX1Ial/A
xSk+OJjd/p0OHGDwFrHi2lWZvZPrG6hlkR1r27KT4GHSLRu51gViIoqciQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeaYQ9aW/nmjNRaBI1l6r0TiPW3MB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmYJtPH+
TKdJ7ySorU1s6BEMFrBi0zPCMuwOsJ/AzVNk1QS/quvMCQu9Kaswc3hf9dzNYo+W
SrIqWv3uNstMFujPFKuhIU4ADvMz5yUv1LAzdTQcK1sSj7Nuc/OrkyTwtCAEyZnY
wupIwfYJ2wQgzMC858BTOPXXpe0jCM7DMH0uQu4pv9/rxWu5/fnA/Z0VAoF5WGzc
rDliOvM1eZW4qbbIlZ+f//tYnw8Pk72QUgLCEZP7lDALJa8YdRKVXZEhX19JaEJO
3xv/rrjSSNyn8Yd2uQ3CQbhzXhybmFeVGYbb6DoKZ5xD+fxLVFseIcJA/wxQTXO7
UYf52eEFQ0IC3A==
-----END CERTIFICATE-----