Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
File:                     HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json)
Hash identifier:          cSMSR6oZihMbj8tHEzr+qD9ymoSqYLc28BYX7Ytwdig=
Subject key identifier:   0A:FD:84:ED:0D:C6:16:AD:C3:D2:A9:B7:68:A6:D1:ED:D5:02:62:56
Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6
Certificate issuer:       /CN=1f390af833d7d4269042c249bcf49648572095b6
Certificate serial:       01958C611195A74ABA38AA1390E8BEADB846
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
Manifest number:          0F35
Signing time:             Wed 12 Mar 2025 22:02:06 +0000
Manifest this update:     Wed 12 Mar 2025 22:02:06 +0000
Manifest next update:     Thu 13 Mar 2025 22:02:06 +0000
Files and hashes:         1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: upnrT2qybS2YunFgx0koMKvIgMBCtVGQIegiCx+CCPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:61:11:95:a7:4a:ba:38:aa:13:90:e8:be:ad:b8:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6
        Validity
            Not Before: Mar 12 22:02:06 2025 GMT
            Not After : Mar 13 22:02:06 2025 GMT
        Subject: CN=0afd84ed0dc616adc3d2a9b768a6d1edd5026256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:58:96:47:c8:4a:f3:f8:c4:ef:1d:82:70:fa:
                    c4:1a:5e:71:89:3f:a3:dc:8e:6d:ee:b9:7e:b9:ad:
                    32:83:18:b6:d1:59:52:e8:40:f0:5f:74:8f:d1:2e:
                    61:6b:4f:40:04:52:95:41:bb:8b:d4:65:02:55:b5:
                    56:8e:7e:e1:c2:c0:67:ef:b6:2e:2e:3e:98:94:40:
                    80:9a:9f:1d:70:d8:09:89:73:f7:bc:6c:65:5d:75:
                    3a:bb:a1:ac:22:b4:9a:e5:fe:70:fa:b7:1d:a4:c7:
                    a4:ba:00:fa:ed:58:ef:db:3a:44:bc:38:a9:97:63:
                    5e:5a:68:65:86:45:85:80:3e:cd:d1:67:58:51:5b:
                    8d:aa:a9:98:5f:92:1b:bc:be:8a:5d:8c:2d:12:7c:
                    65:db:e4:ae:89:55:61:84:69:57:0a:91:ac:fe:5e:
                    3b:55:3f:b8:17:4a:45:4b:67:a1:30:fc:73:d7:ec:
                    16:10:01:69:f3:52:33:91:20:da:d0:62:5f:8d:46:
                    95:4f:8d:6a:16:37:39:7d:cb:c5:69:49:5e:d4:7f:
                    a8:13:e5:0b:fa:d7:1e:2c:1a:b0:2e:90:45:07:8d:
                    3d:44:62:e9:56:43:21:b6:ca:b9:6e:46:fb:8e:0b:
                    4e:10:0d:c1:bf:58:cc:b6:49:62:19:f0:8c:9c:e0:
                    ec:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:FD:84:ED:0D:C6:16:AD:C3:D2:A9:B7:68:A6:D1:ED:D5:02:62:56
            X509v3 Authority Key Identifier:
                keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:8d:8b:be:eb:01:1e:09:90:a8:cf:56:97:8c:45:ec:2a:ad:
         df:84:ec:82:11:06:b3:35:dd:11:f3:ef:37:80:36:80:6d:2f:
         4f:76:f6:07:81:36:7b:24:2f:b1:c1:18:64:19:f5:86:a9:db:
         d5:84:1b:fd:5b:b5:f6:5a:f2:a4:99:39:3c:6f:44:1d:cf:2c:
         fc:19:f0:a1:d4:5e:d7:35:30:4f:f8:59:c2:25:53:3b:af:33:
         f3:d5:3b:68:de:94:ed:1e:a2:26:77:58:b7:48:31:f2:75:04:
         27:32:d3:ee:44:ff:88:c6:62:b0:c8:0e:9c:df:04:28:3a:42:
         0f:01:87:a2:7e:0f:fd:b1:74:f1:26:c5:e3:da:d0:a9:49:cc:
         c6:8e:bb:d2:ec:27:8f:2f:cc:57:3b:a7:e7:b1:85:d8:00:57:
         80:e3:c7:b4:05:3e:2f:98:fd:4d:58:43:99:16:e5:2c:a6:90:
         da:2b:c5:c4:2e:97:8b:4f:65:7c:8f:69:75:7d:c9:e4:35:0f:
         8e:d6:85:7f:e7:47:64:16:8d:b0:99:1f:51:e4:ff:35:6c:55:
         09:c2:44:b7:29:30:ae:b9:f9:85:46:4c:64:5a:2c:8c:eb:da:
         2c:9a:db:11:1a:81:06:96:59:30:04:ff:96:b5:ba:49:af:1e:
         6b:69:94:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYRGVp0q6OKoTkOi+rbhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy
MDk1YjYwHhcNMjUwMzEyMjIwMjA2WhcNMjUwMzEzMjIwMjA2WjAzMTEwLwYDVQQD
EygwYWZkODRlZDBkYzYxNmFkYzNkMmE5Yjc2OGE2ZDFlZGQ1MDI2MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmViWR8hK8/jE7x2CcPrEGl5xiT+j
3I5t7rl+ua0ygxi20VlS6EDwX3SP0S5ha09ABFKVQbuL1GUCVbVWjn7hwsBn77Yu
Lj6YlECAmp8dcNgJiXP3vGxlXXU6u6GsIrSa5f5w+rcdpMekugD67Vjv2zpEvDip
l2NeWmhlhkWFgD7N0WdYUVuNqqmYX5IbvL6KXYwtEnxl2+SuiVVhhGlXCpGs/l47
VT+4F0pFS2ehMPxz1+wWEAFp81IzkSDa0GJfjUaVT41qFjc5fcvFaUle1H+oE+UL
+tceLBqwLpBFB409RGLpVkMhtsq5bkb7jgtOEA3Bv1jMtkliGfCMnODseQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAr9hO0Nxhatw9Kpt2im0e3VAmJWMB8GA1UdIwQY
MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt
ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw
LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYI2LvusB
HgmQqM9Wl4xF7Cqt34TsghEGszXdEfPvN4A2gG0vT3b2B4E2eyQvscEYZBn1hqnb
1YQb/Vu19lrypJk5PG9EHc8s/BnwodRe1zUwT/hZwiVTO68z89U7aN6U7R6iJndY
t0gx8nUEJzLT7kT/iMZisMgOnN8EKDpCDwGHon4P/bF08SbF49rQqUnMxo670uwn
jy/MVzun57GF2ABXgOPHtAU+L5j9TVhDmRblLKaQ2ivFxC6Xi09lfI9pdX3J5DUP
jtaFf+dHZBaNsJkfUeT/NWxVCcJEtykwrrn5hUZMZFosjOvaLJrbERqBBpZZMAT/
lrW6Sa8ea2mUWw==
-----END CERTIFICATE-----