Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
File:                     HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json)
Hash identifier:          TB7e9KQsxft1hT5S11mrXTIHar9qZcIh1TAKSoYCDi8=
Subject key identifier:   E8:EF:BB:09:B4:66:62:9F:F6:5D:96:96:6B:6E:BD:BF:78:45:3E:29
Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6
Certificate issuer:       /CN=1f390af833d7d4269042c249bcf49648572095b6
Certificate serial:       01974E5809F766C4E46AC1607AC69D4F191E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
Manifest number:          101E
Signing time:             Sun 08 Jun 2025 07:01:21 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:21 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:21 +0000
Files and hashes:         1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: tfB5UyAXMEppG5iD1vnWQ3T5yEUFrTCmb02AqSV2Zek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:58:09:f7:66:c4:e4:6a:c1:60:7a:c6:9d:4f:19:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6
        Validity
            Not Before: Jun  8 07:01:21 2025 GMT
            Not After : Jun  9 07:01:21 2025 GMT
        Subject: CN=e8efbb09b466629ff65d96966b6ebdbf78453e29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:80:47:cb:a7:52:51:bd:d7:09:c0:b0:bd:4f:
                    01:bb:6e:1d:a4:aa:c0:e8:e7:08:bd:ee:dc:50:06:
                    a8:2e:94:ec:12:52:1c:41:10:26:55:fb:b4:9c:c5:
                    e6:05:c2:ca:e5:0a:68:df:2a:fd:0d:73:ac:da:f5:
                    88:f0:6b:22:68:e0:13:cb:1b:4c:5b:63:59:4f:59:
                    88:d3:f6:f4:13:7c:7a:18:e5:c8:3a:fb:f0:d8:f3:
                    7a:c3:77:f9:52:a0:ce:0a:c2:db:9e:95:33:b6:eb:
                    19:a2:2f:7a:1b:cf:b2:cd:45:d2:bb:dd:b6:4d:9e:
                    d8:13:51:cf:07:74:71:19:ba:35:bf:ea:61:13:47:
                    a9:82:92:b6:5c:d2:9f:58:aa:1b:82:9e:1e:c4:e8:
                    24:96:a8:36:90:e5:38:a0:0f:86:18:30:fb:2d:c4:
                    fc:67:71:b6:df:d2:a9:3f:fb:82:03:a9:6e:89:c2:
                    2c:9f:37:79:4d:bc:90:e0:28:da:6c:80:b8:ce:2f:
                    ab:2d:5d:15:63:fe:ba:96:c3:d7:ac:b9:c2:2a:52:
                    f4:b1:e2:83:e4:7f:59:fa:f9:05:f3:b5:90:8e:0e:
                    10:85:ed:60:b3:75:8e:1c:09:e9:21:68:2a:cb:73:
                    10:88:63:45:a1:db:b5:f6:69:78:ce:28:55:45:9b:
                    32:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:EF:BB:09:B4:66:62:9F:F6:5D:96:96:6B:6E:BD:BF:78:45:3E:29
            X509v3 Authority Key Identifier:
                keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:60:48:d9:c8:06:a1:db:cb:a1:75:6e:70:a9:44:a2:59:c4:
         ad:19:fe:e3:5f:73:6b:57:25:0c:08:39:69:6f:6a:71:8d:56:
         bc:23:e8:ad:d7:da:5c:62:04:b6:47:09:94:bd:71:95:0c:c8:
         cb:eb:ae:67:6f:51:e1:c0:56:7c:20:f1:bd:5a:97:ab:e9:86:
         7f:58:b9:a9:a3:ce:b3:21:85:20:40:00:87:c7:95:1a:d8:f3:
         e5:09:91:aa:68:86:48:35:b6:36:20:13:1a:03:79:13:25:7e:
         f7:ee:95:77:6d:4e:61:0b:56:bd:3c:d9:14:44:c8:e6:ea:e3:
         9a:cc:cb:00:96:f2:59:71:d3:4b:5c:f3:3b:3a:12:41:a5:c6:
         1b:e1:ed:03:1f:53:25:1f:8c:df:c3:fa:6c:54:21:ab:27:4d:
         90:e8:6b:f3:fc:be:e1:93:c8:e3:75:7c:8f:f3:b0:42:3e:27:
         44:a6:ae:34:0d:a6:c8:e8:e3:1f:84:d1:78:b1:e6:90:c3:ca:
         2b:8c:5d:89:c2:48:3e:eb:f0:08:0b:c0:20:d4:b0:4d:84:cb:
         43:5b:55:b2:0e:89:3a:01:1d:0d:ea:18:01:eb:56:26:ed:bd:
         74:65:7b:ec:7c:4f:a2:c1:30:20:a1:2d:e7:85:bb:f1:fa:f2:
         42:35:4b:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOWAn3ZsTkasFgesadTxkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy
MDk1YjYwHhcNMjUwNjA4MDcwMTIxWhcNMjUwNjA5MDcwMTIxWjAzMTEwLwYDVQQD
EyhlOGVmYmIwOWI0NjY2MjlmZjY1ZDk2OTY2YjZlYmRiZjc4NDUzZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IBHy6dSUb3XCcCwvU8Bu24dpKrA
6OcIve7cUAaoLpTsElIcQRAmVfu0nMXmBcLK5Qpo3yr9DXOs2vWI8GsiaOATyxtM
W2NZT1mI0/b0E3x6GOXIOvvw2PN6w3f5UqDOCsLbnpUztusZoi96G8+yzUXSu922
TZ7YE1HPB3RxGbo1v+phE0epgpK2XNKfWKobgp4exOgklqg2kOU4oA+GGDD7LcT8
Z3G239KpP/uCA6luicIsnzd5TbyQ4CjabIC4zi+rLV0VY/66lsPXrLnCKlL0seKD
5H9Z+vkF87WQjg4Qhe1gs3WOHAnpIWgqy3MQiGNFodu19ml4zihVRZsywwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjvuwm0ZmKf9l2Wlmtuvb94RT4pMB8GA1UdIwQY
MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt
ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw
LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABWBI2cgG
odvLoXVucKlEolnErRn+419za1clDAg5aW9qcY1WvCPordfaXGIEtkcJlL1xlQzI
y+uuZ29R4cBWfCDxvVqXq+mGf1i5qaPOsyGFIEAAh8eVGtjz5QmRqmiGSDW2NiAT
GgN5EyV+9+6Vd21OYQtWvTzZFETI5urjmszLAJbyWXHTS1zzOzoSQaXGG+HtAx9T
JR+M38P6bFQhqydNkOhr8/y+4ZPI43V8j/OwQj4nRKauNA2myOjjH4TReLHmkMPK
K4xdicJIPuvwCAvAINSwTYTLQ1tVsg6JOgEdDeoYAetWJu29dGV77HxPosEwIKEt
54W78fryQjVLTw==
-----END CERTIFICATE-----