Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          uDUMqBkAQMcDKJw44sm4Y1/81AMzKQE+fb+1zrvWhe4=
Subject key identifier:   60:5D:F0:80:2B:33:3E:46:41:AE:B9:30:69:62:60:97:6B:56:49:B2
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019A71B8AD70058767FE7DBB51157CDAA22A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0919
Signing time:             Tue 11 Nov 2025 07:01:59 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:59 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:59 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: gVHx2RxhQTE4fpm4nmeggNsp/qwtT8RdzTT16VOp2pM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ad:70:05:87:67:fe:7d:bb:51:15:7c:da:a2:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Nov 11 07:01:59 2025 GMT
            Not After : Nov 12 07:01:59 2025 GMT
        Subject: CN=605df0802b333e4641aeb930696260976b5649b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c9:60:53:d0:4a:1f:92:d2:38:d5:e9:f2:b2:
                    9c:96:f6:4d:21:17:1f:ba:06:74:8d:1d:02:bf:87:
                    ba:61:b7:af:b7:30:62:57:06:55:f5:4a:39:a4:10:
                    61:10:23:18:0c:16:a2:b9:8a:ae:6c:76:30:83:7b:
                    9e:c0:a3:d4:b0:02:63:b8:de:2a:09:63:48:84:1e:
                    72:c5:6c:96:a6:94:97:c5:31:4f:81:f1:64:5b:23:
                    e0:f5:ec:24:09:f4:71:ee:96:ac:86:65:34:1e:b4:
                    c6:d2:02:ec:d9:f4:11:0b:7e:2d:ba:83:4c:4b:2f:
                    ef:9e:f5:57:af:b2:82:5e:aa:3c:97:84:36:e3:0c:
                    d6:d5:8c:58:42:03:ac:1d:eb:ab:49:74:56:d0:c4:
                    61:23:53:25:b9:ff:58:78:ba:bd:60:e9:10:34:18:
                    96:aa:6e:c8:ea:6d:0b:dc:7a:58:ab:d9:2a:15:a3:
                    14:46:e5:f6:25:e6:eb:c1:34:cf:bf:d4:f8:fe:05:
                    7c:4c:e7:80:d1:7d:40:0e:24:95:3a:50:69:bb:c0:
                    3f:74:ec:82:0b:6f:27:05:bc:cb:82:3e:02:62:d6:
                    5b:9e:6e:2c:b3:e3:e0:97:98:52:35:e5:d4:ed:36:
                    7b:6a:fb:e7:84:e0:a6:3f:55:77:cd:ef:cc:8a:ef:
                    6f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:5D:F0:80:2B:33:3E:46:41:AE:B9:30:69:62:60:97:6B:56:49:B2
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:c6:28:54:72:5c:32:8a:1e:aa:5e:24:51:f1:5f:40:c6:38:
         52:42:7e:b1:d2:65:6b:5f:b6:42:8f:99:22:0c:c3:af:97:6a:
         93:72:f8:ad:a8:c2:0d:7c:dd:87:ed:47:48:79:8d:ed:3f:6f:
         3d:53:a5:bb:9b:99:4f:66:dc:66:be:fb:9b:95:9f:10:86:b9:
         12:2f:31:48:af:0a:7b:9e:a4:60:79:e5:13:c4:b4:ea:be:0b:
         0e:38:e6:c0:c7:bf:0f:a6:2e:c0:b0:ea:ff:77:c2:d0:73:ca:
         e1:82:cd:07:8c:13:e2:2a:12:df:2e:d6:5b:40:5d:59:d5:01:
         ca:f1:b6:fd:6e:9f:49:4a:bd:6f:f6:88:0e:91:1d:15:83:fd:
         76:03:59:30:f5:f0:36:fb:c7:f0:18:97:58:51:44:c4:ef:0a:
         45:5a:e4:2d:87:a7:68:f4:80:db:09:bb:01:e8:3b:65:cf:40:
         c0:3e:9b:5f:e5:90:34:d8:96:30:44:39:74:87:e0:4d:f8:cb:
         d5:39:32:2c:70:ff:6d:e7:71:a0:16:96:88:8b:35:7d:f8:65:
         79:9b:f5:46:b5:3e:cd:c2:80:79:5f:ab:fe:89:f4:e5:4b:6f:
         d3:f0:b8:ff:03:82:1a:c5:52:b5:40:ad:ae:09:d1:d3:fc:93:
         12:0f:f4:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuK1wBYdn/n27URV82qIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUxMTExMDcwMTU5WhcNMjUxMTEyMDcwMTU5WjAzMTEwLwYDVQQD
Eyg2MDVkZjA4MDJiMzMzZTQ2NDFhZWI5MzA2OTYyNjA5NzZiNTY0OWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0slgU9BKH5LSONXp8rKclvZNIRcf
ugZ0jR0Cv4e6YbevtzBiVwZV9Uo5pBBhECMYDBaiuYqubHYwg3uewKPUsAJjuN4q
CWNIhB5yxWyWppSXxTFPgfFkWyPg9ewkCfRx7pashmU0HrTG0gLs2fQRC34tuoNM
Sy/vnvVXr7KCXqo8l4Q24wzW1YxYQgOsHeurSXRW0MRhI1Mluf9YeLq9YOkQNBiW
qm7I6m0L3HpYq9kqFaMURuX2JebrwTTPv9T4/gV8TOeA0X1ADiSVOlBpu8A/dOyC
C28nBbzLgj4CYtZbnm4ss+Pgl5hSNeXU7TZ7avvnhOCmP1V3ze/Miu9vBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBd8IArMz5GQa65MGliYJdrVkmyMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcYoVHJc
Mooeql4kUfFfQMY4UkJ+sdJla1+2Qo+ZIgzDr5dqk3L4rajCDXzdh+1HSHmN7T9v
PVOlu5uZT2bcZr77m5WfEIa5Ei8xSK8Ke56kYHnlE8S06r4LDjjmwMe/D6YuwLDq
/3fC0HPK4YLNB4wT4ioS3y7WW0BdWdUByvG2/W6fSUq9b/aIDpEdFYP9dgNZMPXw
NvvH8BiXWFFExO8KRVrkLYenaPSA2wm7Aeg7Zc9AwD6bX+WQNNiWMEQ5dIfgTfjL
1TkyLHD/bedxoBaWiIs1ffhleZv1RrU+zcKAeV+r/on05Utv0/C4/wOCGsVStUCt
rgnR0/yTEg/0gA==
-----END CERTIFICATE-----