Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          YgYPohhObbVY2oLa5vib4W7ANyWFv3lflh3YNDidB8k=
Subject key identifier:   2C:62:05:48:D4:E3:13:D2:F8:AE:33:29:70:62:67:1E:23:B2:48:92
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019761A7B5DD12A1B2D40DAB27CFBA49058D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0783
Signing time:             Thu 12 Jun 2025 01:01:10 +0000
Manifest this update:     Thu 12 Jun 2025 01:01:10 +0000
Manifest next update:     Fri 13 Jun 2025 01:01:10 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: r77PKM/aWob5A4GwiJ7q84sYlHWDwPQMRIiDbhpr3MY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:a7:b5:dd:12:a1:b2:d4:0d:ab:27:cf:ba:49:05:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Jun 12 01:01:10 2025 GMT
            Not After : Jun 13 01:01:10 2025 GMT
        Subject: CN=2c620548d4e313d2f8ae33297062671e23b24892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1b:2e:6d:45:cc:74:e4:9a:50:83:87:43:18:
                    6b:bf:69:b4:56:8f:b1:8e:3d:7f:bc:47:b9:98:a1:
                    4e:ee:42:1c:38:ed:a3:f8:57:15:0f:71:d1:61:8c:
                    ef:17:f7:29:90:ee:96:e7:63:10:71:ee:9b:be:d5:
                    d3:97:fa:8c:a1:34:b9:b0:86:73:56:5b:2f:8c:d3:
                    c8:85:02:31:d5:d5:e8:14:64:b8:81:82:30:56:dd:
                    2c:b4:5c:f6:ea:65:7d:9b:31:1d:0d:21:e9:ec:0d:
                    eb:77:79:f6:63:44:f5:89:7b:e1:5f:88:c4:ea:1f:
                    da:7e:dc:91:14:40:0c:2e:92:55:0f:27:68:b3:36:
                    f0:1b:e0:62:ba:fa:bc:4f:97:d8:b1:9d:c6:61:5d:
                    94:ea:8c:f7:cc:f8:d3:97:b8:6e:60:ba:21:72:1f:
                    25:1a:92:99:59:a9:50:64:ef:b9:ce:39:eb:03:7e:
                    b3:29:5a:65:ab:e0:68:eb:ed:56:73:1b:b7:76:20:
                    3d:c9:52:16:c0:fa:c6:15:6e:28:54:b4:6e:66:55:
                    85:35:87:ab:cc:03:59:1d:91:be:58:e3:5a:ae:ed:
                    bb:a4:7f:51:67:19:87:14:b6:a2:39:2d:3f:26:5f:
                    83:18:62:86:81:14:af:3d:4e:2e:34:36:04:be:ec:
                    c2:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:62:05:48:D4:E3:13:D2:F8:AE:33:29:70:62:67:1E:23:B2:48:92
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:43:a9:65:07:56:ac:a9:1c:94:56:08:eb:60:0b:07:d8:fa:
         70:f6:af:46:36:94:e0:53:e7:35:ba:04:f0:7d:df:d0:6d:7c:
         50:e5:30:2d:b9:de:2b:ec:ff:3f:f8:c5:28:0f:50:90:67:44:
         ab:7e:32:d0:bc:1a:8d:3a:fb:fc:e6:84:8d:98:92:e0:77:a9:
         17:aa:9c:31:e3:13:ce:d8:ec:56:95:d8:7e:a9:f9:a7:54:fe:
         9e:e0:43:10:fd:91:2b:5f:52:bf:c0:31:c3:f9:fc:ac:7d:dc:
         5a:a1:07:04:e7:4a:47:63:9f:d0:a6:e4:13:bc:eb:5c:65:7a:
         39:bf:16:02:bf:6a:de:21:cb:d1:8c:18:c0:75:d4:2e:34:44:
         48:b1:a4:cd:57:1f:20:40:71:f8:ba:a8:d2:24:8b:1c:3b:e4:
         db:17:8f:ee:13:bd:29:98:4e:35:2d:b9:3f:04:44:4c:1a:d4:
         d0:ae:db:ec:1e:35:97:6b:46:aa:33:b8:98:d6:88:e6:61:2c:
         c0:d1:ba:23:43:53:46:39:e5:87:73:27:f7:84:c8:2b:fa:b1:
         84:e6:2b:58:4b:c6:da:c4:42:69:fb:f6:90:f0:fa:14:13:92:
         88:49:97:83:29:0e:b5:18:fc:8d:a5:ea:f5:a9:63:d7:67:31:
         00:33:aa:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhp7XdEqGy1A2rJ8+6SQWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNjEyMDEwMTEwWhcNMjUwNjEzMDEwMTEwWjAzMTEwLwYDVQQD
EygyYzYyMDU0OGQ0ZTMxM2QyZjhhZTMzMjk3MDYyNjcxZTIzYjI0ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxsubUXMdOSaUIOHQxhrv2m0Vo+x
jj1/vEe5mKFO7kIcOO2j+FcVD3HRYYzvF/cpkO6W52MQce6bvtXTl/qMoTS5sIZz
VlsvjNPIhQIx1dXoFGS4gYIwVt0stFz26mV9mzEdDSHp7A3rd3n2Y0T1iXvhX4jE
6h/aftyRFEAMLpJVDydoszbwG+Biuvq8T5fYsZ3GYV2U6oz3zPjTl7huYLohch8l
GpKZWalQZO+5zjnrA36zKVplq+Bo6+1Wcxu3diA9yVIWwPrGFW4oVLRuZlWFNYer
zANZHZG+WONaru27pH9RZxmHFLaiOS0/Jl+DGGKGgRSvPU4uNDYEvuzCvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxiBUjU4xPS+K4zKXBiZx4jskiSMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkOpZQdW
rKkclFYI62ALB9j6cPavRjaU4FPnNboE8H3f0G18UOUwLbneK+z/P/jFKA9QkGdE
q34y0LwajTr7/OaEjZiS4HepF6qcMeMTztjsVpXYfqn5p1T+nuBDEP2RK19Sv8Ax
w/n8rH3cWqEHBOdKR2Of0KbkE7zrXGV6Ob8WAr9q3iHL0YwYwHXULjRESLGkzVcf
IEBx+Lqo0iSLHDvk2xeP7hO9KZhONS25PwRETBrU0K7b7B41l2tGqjO4mNaI5mEs
wNG6I0NTRjnlh3Mn94TIK/qxhOYrWEvG2sRCafv2kPD6FBOSiEmXgykOtRj8jaXq
9alj12cxADOq0Q==
-----END CERTIFICATE-----