Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
File:                     HzjUsMuomcJPTjQHOE1tP6jVGl8.mft (raw, json)
Hash identifier:          iLqjLKvkq5ofwLE5w3wWFAURmpaXkcu3CUNIfyC4YTw=
Subject key identifier:   86:4C:16:5F:B8:70:5A:CF:47:E5:41:BE:A2:17:F2:F2:F2:37:6F:B0
Authority key identifier: 1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F
Certificate issuer:       /CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
Certificate serial:       01974AE8ECFEA89DC8987A91BC54FBC82A9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
Manifest number:          0347
Signing time:             Sat 07 Jun 2025 15:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 15:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 15:01:08 +0000
Files and hashes:         1: HzjUsMuomcJPTjQHOE1tP6jVGl8.crl (hash: yx4cC7yDkOiCS+HpKF4XZ3F1cSyLMAhOEw3UukJroc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:ec:fe:a8:9d:c8:98:7a:91:bc:54:fb:c8:2a:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
        Validity
            Not Before: Jun  7 15:01:08 2025 GMT
            Not After : Jun  8 15:01:08 2025 GMT
        Subject: CN=864c165fb8705acf47e541bea217f2f2f2376fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8a:42:40:d2:ed:9a:35:4b:61:e9:4a:fe:d3:
                    d2:0e:90:1c:f0:cb:13:f7:ae:08:43:ca:cc:70:42:
                    76:27:f6:34:23:99:45:08:ea:71:76:1c:49:39:5a:
                    12:72:94:0d:ca:5b:d2:82:25:95:ee:7a:b9:f2:96:
                    f1:8f:a8:ad:38:20:fa:a5:27:30:e8:86:33:48:e9:
                    8c:50:79:7a:2d:db:e6:fa:6b:7f:e1:25:7b:92:5d:
                    5e:79:1b:18:c4:aa:f3:8e:4c:25:e2:37:d9:0b:44:
                    31:87:9a:0a:58:12:25:3b:e8:e9:6d:1b:44:14:6a:
                    c9:d5:81:f6:cd:38:5b:1d:f2:a3:2d:b8:d2:79:8e:
                    12:82:20:5f:23:2e:83:1c:80:53:62:fd:66:08:19:
                    6b:db:ec:35:e5:4a:dd:ab:f9:2f:fe:45:16:ac:34:
                    f1:21:70:78:95:34:a7:9a:b0:cd:e9:7e:70:36:6e:
                    6e:c6:ee:f5:1c:c6:ea:65:96:22:38:c9:7a:16:58:
                    a8:d6:ab:3c:b6:9f:65:fb:45:ec:fb:f4:86:98:b8:
                    b9:d9:5d:d3:85:dd:c5:be:98:8d:04:49:14:c7:d9:
                    da:09:fb:bf:47:dc:95:37:66:c4:28:02:de:b8:67:
                    96:5e:63:e8:6c:7e:19:b3:3f:77:0f:32:e9:d6:6a:
                    be:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:4C:16:5F:B8:70:5A:CF:47:E5:41:BE:A2:17:F2:F2:F2:37:6F:B0
            X509v3 Authority Key Identifier:
                keyid:1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:a5:ab:69:b5:b3:83:5c:3c:98:12:03:92:7b:3d:b6:83:76:
         4b:db:be:e9:f6:38:9c:d4:5e:3e:1e:40:6e:9e:25:63:fd:ce:
         38:53:bd:a5:c0:1d:b1:8c:bd:40:e9:5a:f3:ac:29:f0:38:7d:
         6f:d3:7b:bc:f2:d3:59:5a:80:ae:f9:36:82:24:71:59:6c:cb:
         e2:e7:c0:43:d2:23:fe:f1:4b:80:28:7b:c3:64:58:0f:ba:12:
         d1:d8:78:48:34:81:43:9f:86:88:32:df:92:09:18:b1:1f:fd:
         1f:56:b9:81:e3:5c:65:94:b5:3e:db:2a:44:8c:b0:02:92:90:
         e6:e1:82:16:e3:8c:84:f2:46:49:97:21:d0:8d:51:ae:4b:42:
         2b:79:a5:2e:b2:1f:bc:71:0a:bf:e3:58:2b:95:34:ea:40:97:
         55:9b:51:3a:90:b9:e6:7a:83:e3:ba:7b:5b:de:ca:29:da:97:
         fd:e3:bf:b8:00:ef:59:7d:03:cd:29:2d:3b:ee:15:5b:a4:0c:
         2f:d8:04:e7:ce:b7:ad:96:31:c4:7e:f6:fd:c9:f5:be:ec:2c:
         63:60:2b:b3:e0:d5:4b:97:af:dd:0e:e9:57:e2:fa:ab:31:03:
         04:ad:be:65:c6:e2:cf:47:65:28:33:d3:59:29:12:3f:e2:ef:
         3b:e1:d3:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6Oz+qJ3ImHqRvFT7yCqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzhkNGIwY2JhODk5YzI0ZjRlMzQwNzM4NGQ2ZDNmYThk
NTFhNWYwHhcNMjUwNjA3MTUwMTA4WhcNMjUwNjA4MTUwMTA4WjAzMTEwLwYDVQQD
Eyg4NjRjMTY1ZmI4NzA1YWNmNDdlNTQxYmVhMjE3ZjJmMmYyMzc2ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4pCQNLtmjVLYelK/tPSDpAc8MsT
964IQ8rMcEJ2J/Y0I5lFCOpxdhxJOVoScpQNylvSgiWV7nq58pbxj6itOCD6pScw
6IYzSOmMUHl6Ldvm+mt/4SV7kl1eeRsYxKrzjkwl4jfZC0Qxh5oKWBIlO+jpbRtE
FGrJ1YH2zThbHfKjLbjSeY4SgiBfIy6DHIBTYv1mCBlr2+w15Urdq/kv/kUWrDTx
IXB4lTSnmrDN6X5wNm5uxu71HMbqZZYiOMl6Flio1qs8tp9l+0Xs+/SGmLi52V3T
hd3FvpiNBEkUx9naCfu/R9yVN2bEKALeuGeWXmPobH4Zsz93DzLp1mq+RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZMFl+4cFrPR+VBvqIX8vLyN2+wMB8GA1UdIwQY
MBaAFB841LDLqJnCT040BzhNbT+o1RpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEt
M2EyODhjMmM4NTJjLzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEtM2EyODhjMmM4NTJj
LzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfaWrabWz
g1w8mBIDkns9toN2S9u+6fY4nNRePh5Abp4lY/3OOFO9pcAdsYy9QOla86wp8Dh9
b9N7vPLTWVqArvk2giRxWWzL4ufAQ9Ij/vFLgCh7w2RYD7oS0dh4SDSBQ5+GiDLf
kgkYsR/9H1a5geNcZZS1PtsqRIywApKQ5uGCFuOMhPJGSZch0I1RrktCK3mlLrIf
vHEKv+NYK5U06kCXVZtROpC55nqD47p7W97KKdqX/eO/uADvWX0DzSktO+4VW6QM
L9gE5863rZYxxH72/cn1vuwsY2Ars+DVS5ev3Q7pV+L6qzEDBK2+Zcbiz0dlKDPT
WSkSP+LvO+HT4w==
-----END CERTIFICATE-----