Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          sLCH7egLYhSpNlcw/I6RS+qH+H8iLrYqfVsU9W0wQdE=
Subject key identifier:   DD:E9:AE:2B:D3:B3:46:B3:01:96:D0:B2:B9:4B:F0:B5:B4:CB:1E:00
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       0197658502DDBE8FFD3EA135C063EE5F4676
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0785
Signing time:             Thu 12 Jun 2025 19:01:44 +0000
Manifest this update:     Thu 12 Jun 2025 19:01:44 +0000
Manifest next update:     Fri 13 Jun 2025 19:01:44 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: YO9VumKLmQRwah2/x7Vs/AkwVlb9yYYr6fIGkLRrvO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 19:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:85:02:dd:be:8f:fd:3e:a1:35:c0:63:ee:5f:46:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Jun 12 19:01:44 2025 GMT
            Not After : Jun 13 19:01:44 2025 GMT
        Subject: CN=dde9ae2bd3b346b30196d0b2b94bf0b5b4cb1e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:12:7d:36:17:99:58:32:0a:6e:f7:bb:6d:
                    70:7c:9a:f6:e4:37:55:e6:3c:a1:2e:33:86:92:a4:
                    d3:c9:00:fb:59:d3:48:7b:8a:03:57:dc:eb:a2:00:
                    22:55:89:35:58:b5:b8:a1:61:ed:b0:de:f4:4b:a7:
                    a6:c8:f1:c1:4e:b3:04:18:45:75:5e:53:2c:26:d7:
                    90:8b:a3:5e:3b:37:ea:f3:c6:f1:a2:31:8f:fc:ec:
                    5c:ec:45:f7:9b:e5:53:1d:86:22:f7:c2:96:09:a0:
                    ef:c6:4c:9b:b6:16:cd:d9:56:68:27:6b:61:0a:e1:
                    b1:b4:c5:3c:c8:07:dc:bc:a3:fa:54:27:40:14:d2:
                    f5:07:cb:ef:eb:09:d4:57:a2:13:6a:3a:62:13:d8:
                    fc:26:c6:9c:8e:76:af:a3:5b:04:5b:b1:09:3b:0d:
                    7a:2b:a3:35:98:cc:39:b0:4f:77:d3:1b:76:1c:8d:
                    a6:1d:59:f2:8b:1f:32:24:66:2f:b4:8d:1e:a7:45:
                    71:b2:c7:bd:1d:c6:10:83:c4:2a:40:ab:1f:cd:72:
                    7e:99:50:28:15:b6:20:5f:01:86:1c:bf:31:a8:2f:
                    bf:c2:a4:bf:d7:50:ab:8b:b8:b0:bd:a5:a0:0d:ae:
                    b8:42:ed:05:49:85:c3:cc:10:28:73:e8:c9:95:71:
                    aa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:E9:AE:2B:D3:B3:46:B3:01:96:D0:B2:B9:4B:F0:B5:B4:CB:1E:00
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:d6:8e:07:47:ae:7b:6b:49:d1:31:7b:1e:a4:05:40:41:61:
         1f:e0:13:ff:8c:7f:42:ec:de:4c:fd:ae:9e:f3:f7:0c:a7:43:
         1d:50:ad:b1:ff:35:de:c1:86:14:d5:d8:47:90:4e:a4:0d:31:
         74:e0:8b:24:3d:28:ab:31:19:b5:ca:ed:00:5b:d9:3a:41:04:
         72:93:5b:e1:9a:9e:c6:91:79:95:52:49:ee:83:ae:0e:6a:3f:
         44:b2:1d:98:77:a6:5e:9d:5a:7c:a6:f7:69:49:2f:3e:80:62:
         20:e1:8f:fc:df:11:18:c2:10:12:ab:ce:83:21:5f:87:98:5c:
         0d:fd:13:cc:5a:ad:c2:0e:87:d5:0a:67:9b:05:2c:0a:62:b0:
         7b:7a:7f:fd:37:76:19:35:6d:98:68:de:f6:8b:45:c0:ef:ad:
         d9:85:b0:30:06:46:da:8f:a3:1a:30:45:0a:cf:36:6a:4a:5c:
         52:79:81:5d:a4:79:44:d1:2b:c2:dd:c0:8d:5d:31:50:c5:8e:
         16:ff:6e:5e:7e:7e:22:1e:a2:f7:0f:c8:41:bb:85:91:cb:cc:
         73:0e:de:06:29:9c:42:89:a4:b8:b8:c1:67:c8:a9:39:3b:79:
         b0:df:51:38:5b:d8:8a:61:24:46:0f:9a:a4:19:66:ba:aa:4d:
         36:9c:c6:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlhQLdvo/9PqE1wGPuX0Z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNjEyMTkwMTQ0WhcNMjUwNjEzMTkwMTQ0WjAzMTEwLwYDVQQD
EyhkZGU5YWUyYmQzYjM0NmIzMDE5NmQwYjJiOTRiZjBiNWI0Y2IxZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYkSfTYXmVgyCm73u21wfJr25DdV
5jyhLjOGkqTTyQD7WdNIe4oDV9zrogAiVYk1WLW4oWHtsN70S6emyPHBTrMEGEV1
XlMsJteQi6NeOzfq88bxojGP/Oxc7EX3m+VTHYYi98KWCaDvxkybthbN2VZoJ2th
CuGxtMU8yAfcvKP6VCdAFNL1B8vv6wnUV6ITajpiE9j8Jsacjnavo1sEW7EJOw16
K6M1mMw5sE930xt2HI2mHVnyix8yJGYvtI0ep0Vxsse9HcYQg8QqQKsfzXJ+mVAo
FbYgXwGGHL8xqC+/wqS/11Cri7iwvaWgDa64Qu0FSYXDzBAoc+jJlXGqZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3privTs0azAZbQsrlL8LW0yx4AMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGdaOB0eu
e2tJ0TF7HqQFQEFhH+AT/4x/QuzeTP2unvP3DKdDHVCtsf813sGGFNXYR5BOpA0x
dOCLJD0oqzEZtcrtAFvZOkEEcpNb4ZqexpF5lVJJ7oOuDmo/RLIdmHemXp1afKb3
aUkvPoBiIOGP/N8RGMIQEqvOgyFfh5hcDf0TzFqtwg6H1QpnmwUsCmKwe3p//Td2
GTVtmGje9otFwO+t2YWwMAZG2o+jGjBFCs82akpcUnmBXaR5RNErwt3AjV0xUMWO
Fv9uXn5+Ih6i9w/IQbuFkcvMcw7eBimcQomkuLjBZ8ipOTt5sN9ROFvYimEkRg+a
pBlmuqpNNpzG9A==
-----END CERTIFICATE-----