Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
File:                     HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft (raw, json)
Hash identifier:          yXsTp/8P9N2OR9RhMG2jMr67Oc8nHkiUMUYDcwCPzvI=
Subject key identifier:   CE:53:20:D4:D0:8E:47:87:38:20:88:3F:86:F5:EA:73:FD:6C:CB:B0
Authority key identifier: 1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1
Certificate issuer:       /CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
Certificate serial:       0197499F3573C4B311F77B61055AA3BD6D05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
Manifest number:          01C7
Signing time:             Sat 07 Jun 2025 09:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:59 +0000
Files and hashes:         1: HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl (hash: gKXY+5YfGvWBKx5KIwSyXsgbWSTIk7Aeujz96PHSG1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:35:73:c4:b3:11:f7:7b:61:05:5a:a3:bd:6d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3bf23756c6e7d64d6822f597b1d58049bd48f1
        Validity
            Not Before: Jun  7 09:00:59 2025 GMT
            Not After : Jun  8 09:00:59 2025 GMT
        Subject: CN=ce5320d4d08e47873820883f86f5ea73fd6ccbb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0d:ca:04:3c:5a:7f:9f:91:d3:56:c3:d9:65:
                    73:1a:ef:cf:a5:84:1e:f7:83:f5:f3:f6:d4:54:fa:
                    8f:3e:31:4b:73:24:74:28:28:0e:0d:1c:2a:1f:c2:
                    c9:59:7f:12:28:3f:74:1d:ab:cb:ee:a3:64:7b:a4:
                    3f:63:8e:b1:50:8e:e6:42:ae:29:39:40:8d:b2:64:
                    96:89:f8:3a:7a:2f:a2:14:f3:2d:92:27:e0:60:cc:
                    34:e3:c4:c3:02:03:8a:97:06:b8:51:f8:67:97:3b:
                    fb:a9:d1:f1:53:b5:17:56:e9:d2:08:5f:32:f0:07:
                    f6:c4:41:b8:b8:d4:b9:6b:40:82:1f:6b:f0:5e:43:
                    d0:88:e5:aa:cb:53:7f:67:fd:a8:fc:dd:0f:15:25:
                    f1:43:b0:36:aa:3b:5f:e6:d0:3f:ed:71:73:a7:ee:
                    e1:ad:19:7d:65:f3:57:08:6d:65:8d:e7:ed:3d:b3:
                    c7:96:da:2c:2b:89:09:60:9d:54:f6:c4:91:bb:6d:
                    67:57:a0:fd:b1:17:64:c3:69:7c:93:eb:9f:a1:92:
                    2c:a8:ea:54:27:f0:3f:26:02:38:33:fa:45:42:f6:
                    d5:19:0c:75:b5:27:f6:eb:53:9f:e6:77:b6:32:02:
                    c1:ea:a9:3c:a0:2e:05:7c:a8:b1:e7:bd:96:1b:61:
                    02:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:53:20:D4:D0:8E:47:87:38:20:88:3F:86:F5:EA:73:FD:6C:CB:B0
            X509v3 Authority Key Identifier:
                keyid:1F:3B:F2:37:56:C6:E7:D6:4D:68:22:F5:97:B1:D5:80:49:BD:48:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzvyN1bG59ZNaCL1l7HVgEm9SPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1bce2-f6d8-48aa-9632-43dc2dbcab77/1/HzvyN1bG59ZNaCL1l7HVgEm9SPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:d4:89:53:79:96:ef:af:cf:50:1b:d3:30:3f:55:48:41:b1:
         8b:a3:d5:30:d7:19:19:64:cb:0c:b3:64:08:15:e6:06:60:62:
         92:87:2c:4d:b2:06:53:8e:86:96:23:b4:15:63:31:e1:9d:69:
         cf:53:2f:93:be:4c:59:ab:82:0f:f0:bf:33:ca:2b:f9:2b:bd:
         f3:57:f2:9a:e5:e7:47:af:51:d1:5a:94:5b:74:bf:1d:48:d6:
         45:a6:c1:9b:ce:22:49:98:7a:a7:1a:ff:33:c2:bc:9f:38:2b:
         c8:77:a3:0a:18:29:0c:7b:09:fc:4f:07:e5:2c:eb:e2:30:27:
         be:0d:b9:b0:8c:37:37:89:05:ee:07:76:14:2f:f4:6d:e6:de:
         f7:ec:5d:e7:af:5a:73:4c:e5:20:74:ad:c3:a8:01:bd:c1:de:
         db:c5:70:2b:20:34:0f:55:d6:52:28:92:18:c8:e7:b5:31:8c:
         70:30:2a:78:bb:64:ec:bd:e9:58:1d:1b:bd:53:0f:61:bd:03:
         d5:3b:6d:5e:d4:b8:28:b1:ba:86:9a:09:67:82:d7:d1:84:3e:
         b7:54:5f:99:79:93:45:77:67:ea:05:be:cc:22:56:29:ec:35:
         37:e2:51:3e:74:23:b1:3e:d5:9f:f6:c8:ed:0d:cd:90:73:d9:
         6f:09:71:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnzVzxLMR93thBVqjvW0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2JmMjM3NTZjNmU3ZDY0ZDY4MjJmNTk3YjFkNTgwNDli
ZDQ4ZjEwHhcNMjUwNjA3MDkwMDU5WhcNMjUwNjA4MDkwMDU5WjAzMTEwLwYDVQQD
EyhjZTUzMjBkNGQwOGU0Nzg3MzgyMDg4M2Y4NmY1ZWE3M2ZkNmNjYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w3KBDxaf5+R01bD2WVzGu/PpYQe
94P18/bUVPqPPjFLcyR0KCgODRwqH8LJWX8SKD90HavL7qNke6Q/Y46xUI7mQq4p
OUCNsmSWifg6ei+iFPMtkifgYMw048TDAgOKlwa4Ufhnlzv7qdHxU7UXVunSCF8y
8Af2xEG4uNS5a0CCH2vwXkPQiOWqy1N/Z/2o/N0PFSXxQ7A2qjtf5tA/7XFzp+7h
rRl9ZfNXCG1ljeftPbPHltosK4kJYJ1U9sSRu21nV6D9sRdkw2l8k+ufoZIsqOpU
J/A/JgI4M/pFQvbVGQx1tSf261Of5ne2MgLB6qk8oC4FfKix572WG2ECyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5TINTQjkeHOCCIP4b16nP9bMuwMB8GA1UdIwQY
MBaAFB878jdWxufWTWgi9Zex1YBJvUjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzIt
NDNkYzJkYmNhYjc3LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWJjZTItZjZkOC00OGFhLTk2MzItNDNkYzJkYmNhYjc3
LzEvSHp2eU4xYkc1OVpOYUNMMWw3SFZnRW05U1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidSJU3mW
76/PUBvTMD9VSEGxi6PVMNcZGWTLDLNkCBXmBmBikocsTbIGU46GliO0FWMx4Z1p
z1Mvk75MWauCD/C/M8or+Su981fymuXnR69R0VqUW3S/HUjWRabBm84iSZh6pxr/
M8K8nzgryHejChgpDHsJ/E8H5Szr4jAnvg25sIw3N4kF7gd2FC/0bebe9+xd569a
c0zlIHStw6gBvcHe28VwKyA0D1XWUiiSGMjntTGMcDAqeLtk7L3pWB0bvVMPYb0D
1TttXtS4KLG6hpoJZ4LX0YQ+t1RfmXmTRXdn6gW+zCJWKew1N+JRPnQjsT7Vn/bI
7Q3NkHPZbwlxDg==
-----END CERTIFICATE-----