Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
File:                     HZGUbJzTuATxrX507zS_U7u6gws.mft (raw, json)
Hash identifier:          goJzmOjw3qWDRfKcj87D6tJF42CBj8BVV2Nnf09GtaI=
Subject key identifier:   F9:62:29:D9:8A:FE:84:57:BD:AB:44:C8:12:1C:60:A1:BF:91:77:CF
Authority key identifier: 1D:91:94:6C:9C:D3:B8:04:F1:AD:7E:74:EF:34:BF:53:BB:BA:83:0B
Certificate issuer:       /CN=1d91946c9cd3b804f1ad7e74ef34bf53bbba830b
Certificate serial:       019A71EECD012267159B434E47695C6D67E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
Manifest number:          77
Signing time:             Tue 11 Nov 2025 08:01:06 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:06 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:06 +0000
Files and hashes:         1: HZGUbJzTuATxrX507zS_U7u6gws.crl (hash: 9GLsmjfUe/3Y3PLy6H4xL8aYM5kzQx/MO/9zjP9eOnY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:cd:01:22:67:15:9b:43:4e:47:69:5c:6d:67:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d91946c9cd3b804f1ad7e74ef34bf53bbba830b
        Validity
            Not Before: Nov 11 08:01:06 2025 GMT
            Not After : Nov 12 08:01:06 2025 GMT
        Subject: CN=f96229d98afe8457bdab44c8121c60a1bf9177cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:10:89:95:31:9d:85:38:a1:5e:d7:0c:e8:d1:
                    f4:3c:a6:c3:2e:1e:cc:cc:ca:4e:3b:3d:31:5e:eb:
                    69:ff:5e:bb:e9:6e:94:e9:fb:6f:34:7d:0e:0a:5b:
                    4c:88:fb:fd:c2:e4:39:e7:64:6f:59:23:59:f4:25:
                    80:a6:c7:d8:b4:ef:ee:c0:f1:fc:93:66:85:a3:a0:
                    ad:38:39:1c:d8:55:52:bb:1d:96:21:05:ac:e2:f9:
                    68:a6:33:61:90:63:14:1f:87:7b:56:20:24:5a:d1:
                    92:ed:d5:d9:c5:c1:e9:10:5e:02:d1:af:c9:49:4e:
                    1c:e0:c0:da:1a:bd:dd:74:72:d6:8b:64:e0:90:e8:
                    32:d9:44:f9:8a:99:e0:76:dd:53:2f:02:4a:38:27:
                    9b:46:57:9f:44:ad:09:aa:01:32:af:15:cc:6e:0c:
                    00:27:c9:e2:c3:2a:6e:70:5a:cc:c0:56:29:a1:23:
                    44:63:3a:14:c0:ad:48:a2:10:64:a9:85:be:53:4f:
                    cf:d4:c7:65:3e:a1:cf:5a:52:b4:69:9c:95:98:5c:
                    93:94:4d:50:d5:6f:4c:e2:1b:2e:41:03:06:85:54:
                    ea:1a:52:2c:94:6b:e1:77:17:f8:bb:62:80:7f:37:
                    40:50:74:6d:2d:3e:2c:2a:53:05:c3:d6:aa:45:94:
                    08:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:62:29:D9:8A:FE:84:57:BD:AB:44:C8:12:1C:60:A1:BF:91:77:CF
            X509v3 Authority Key Identifier:
                keyid:1D:91:94:6C:9C:D3:B8:04:F1:AD:7E:74:EF:34:BF:53:BB:BA:83:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZGUbJzTuATxrX507zS_U7u6gws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2f0b9b-0629-4382-9389-82d6adb6c918/1/HZGUbJzTuATxrX507zS_U7u6gws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:ca:12:8e:6d:41:69:54:02:50:f6:a8:56:7e:d8:68:d7:4d:
         db:23:43:ed:cc:2e:f3:2f:c3:c6:88:72:7a:fa:a0:6b:97:27:
         fe:d9:cb:bd:2e:1e:cd:51:5a:bd:9b:18:6f:7e:7d:70:6e:d5:
         43:cc:2c:6e:a7:21:8b:69:10:59:2f:92:66:db:3a:34:8d:4e:
         67:8c:43:25:8b:1a:fe:4a:3c:b4:e6:e6:f8:5a:90:bc:c0:1f:
         b4:63:9e:9c:61:f7:c4:14:18:f3:d4:da:f0:9b:a5:bf:36:7e:
         cb:a6:a7:06:a8:53:3b:3a:a7:e4:9a:5b:3d:8c:7a:7c:47:49:
         e7:c8:6e:35:d6:9b:5b:1d:a8:72:b6:6c:6c:b5:fd:3c:85:73:
         56:92:bc:2c:e4:89:2a:e3:d2:ec:95:34:9d:6d:14:ba:c5:2c:
         0e:89:39:7f:b3:65:be:2a:aa:52:82:90:6c:8c:b0:15:25:e6:
         5f:ab:eb:77:20:9f:28:af:d5:4b:b1:cc:67:de:6d:21:90:a1:
         57:25:70:ea:40:09:92:f0:4a:21:f2:8c:34:5b:61:44:87:ed:
         a4:d4:ab:62:91:6e:d6:9c:c7:67:d7:bb:9d:02:e9:98:8f:7a:
         3a:a7:88:a5:1e:bf:97:9a:28:8e:07:b1:3b:06:8a:c1:b2:dc:
         c4:66:16:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7s0BImcVm0NOR2lcbWfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOTE5NDZjOWNkM2I4MDRmMWFkN2U3NGVmMzRiZjUzYmJi
YTgzMGIwHhcNMjUxMTExMDgwMTA2WhcNMjUxMTEyMDgwMTA2WjAzMTEwLwYDVQQD
EyhmOTYyMjlkOThhZmU4NDU3YmRhYjQ0YzgxMjFjNjBhMWJmOTE3N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BCJlTGdhTihXtcM6NH0PKbDLh7M
zMpOOz0xXutp/1676W6U6ftvNH0OCltMiPv9wuQ552RvWSNZ9CWApsfYtO/uwPH8
k2aFo6CtODkc2FVSux2WIQWs4vlopjNhkGMUH4d7ViAkWtGS7dXZxcHpEF4C0a/J
SU4c4MDaGr3ddHLWi2TgkOgy2UT5ipngdt1TLwJKOCebRlefRK0JqgEyrxXMbgwA
J8niwypucFrMwFYpoSNEYzoUwK1IohBkqYW+U0/P1MdlPqHPWlK0aZyVmFyTlE1Q
1W9M4hsuQQMGhVTqGlIslGvhdxf4u2KAfzdAUHRtLT4sKlMFw9aqRZQIBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPliKdmK/oRXvatEyBIcYKG/kXfPMB8GA1UdIwQY
MBaAFB2RlGyc07gE8a1+dO80v1O7uoMLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8yZjBiOWItMDYyOS00MzgyLTkzODkt
ODJkNmFkYjZjOTE4LzEvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8yZjBiOWItMDYyOS00MzgyLTkzODktODJkNmFkYjZjOTE4
LzEvSFpHVWJKelR1QVR4clg1MDd6U19VN3U2Z3dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsoSjm1B
aVQCUPaoVn7YaNdN2yND7cwu8y/Dxohyevqga5cn/tnLvS4ezVFavZsYb359cG7V
Q8wsbqchi2kQWS+SZts6NI1OZ4xDJYsa/ko8tObm+FqQvMAftGOenGH3xBQY89Ta
8JulvzZ+y6anBqhTOzqn5JpbPYx6fEdJ58huNdabWx2ocrZsbLX9PIVzVpK8LOSJ
KuPS7JU0nW0UusUsDok5f7NlviqqUoKQbIywFSXmX6vrdyCfKK/VS7HMZ95tIZCh
VyVw6kAJkvBKIfKMNFthRIftpNSrYpFu1pzHZ9e7nQLpmI96OqeIpR6/l5oojgex
OwaKwbLcxGYWbw==
-----END CERTIFICATE-----