Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          u//VqWSd78vyJD23t8in+YQOgSY433rhh5xZY6xCMhM=
Subject key identifier:   DD:2D:7D:D4:AE:5D:94:6D:A1:93:66:40:B1:6A:27:7F:FE:74:63:59
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       01976D3E3AF0F1CED52FD5F1A365E3DF6956
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0789
Signing time:             Sat 14 Jun 2025 07:01:24 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:24 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:24 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: +XJl+VcbTAC2J6QfGL0QNkz4SVzxPTO7I9HDMxi/Ad4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:3a:f0:f1:ce:d5:2f:d5:f1:a3:65:e3:df:69:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Jun 14 07:01:24 2025 GMT
            Not After : Jun 15 07:01:24 2025 GMT
        Subject: CN=dd2d7dd4ae5d946da1936640b16a277ffe746359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0e:b1:c5:7c:b5:be:cf:9b:06:d6:f3:74:1f:
                    14:90:d4:35:1e:80:26:7a:d6:d8:14:00:9b:de:9b:
                    a6:94:ec:32:9c:07:9f:c8:4e:ea:ad:aa:e5:d3:52:
                    5f:6f:a1:70:65:d5:b4:0d:ec:55:1d:34:18:9d:ce:
                    b7:35:b4:c7:0b:bc:49:4c:7e:04:10:8e:13:13:e6:
                    ac:0b:17:74:3e:e9:51:26:8e:43:5a:9e:6f:2f:be:
                    3d:31:cd:3f:dc:f6:e8:ae:94:11:4b:25:c9:5c:25:
                    dd:12:4e:29:30:bf:e1:00:4d:03:85:db:0c:d4:7d:
                    b9:cd:49:b0:d3:88:8c:9c:7a:cc:d8:c0:ae:f2:39:
                    83:95:a8:51:32:f7:ec:69:40:c6:e8:98:d3:db:76:
                    fa:6a:a5:e2:f7:39:fe:a5:a7:cb:2d:0f:17:c2:a5:
                    11:8e:9a:ff:77:b5:64:f8:89:74:a9:40:20:c9:fd:
                    63:d3:f2:bd:4e:9e:51:68:8b:a4:41:cc:51:d6:c0:
                    5a:dd:4c:94:51:f5:63:f9:bd:2c:df:9e:ab:eb:02:
                    3b:7e:ec:c9:9a:21:ad:52:58:cb:6d:9b:30:b3:07:
                    39:9b:8d:90:3b:28:b2:af:2c:66:01:1c:a6:75:1b:
                    57:a9:31:30:5e:0b:4e:65:db:33:8e:49:91:87:e0:
                    65:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:2D:7D:D4:AE:5D:94:6D:A1:93:66:40:B1:6A:27:7F:FE:74:63:59
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:01:e9:6b:85:78:ff:67:6c:a8:22:61:25:af:a9:e8:f8:54:
         92:74:ce:58:0a:78:9c:79:b1:3a:d7:d0:da:26:29:eb:07:54:
         e8:8b:29:2f:0d:0f:03:b4:60:f5:d0:a5:4b:ed:9b:87:f7:c4:
         f7:e4:6f:74:8b:d0:a7:74:01:f2:2e:9c:7c:68:51:a3:33:20:
         98:91:dc:3a:71:e4:8b:8f:6f:5e:20:ab:ef:3b:f8:5a:f1:ba:
         ee:b9:ff:90:f2:b4:3a:fd:15:cb:96:ff:f7:81:d1:0b:47:42:
         40:8e:5c:71:db:97:e5:7e:3c:db:d3:5e:77:21:e9:34:cc:fb:
         60:b0:62:ae:9c:82:11:d7:fd:b3:97:86:34:f2:fb:6b:1b:2b:
         39:ee:17:18:75:31:f2:d1:1b:c6:b5:ef:86:fe:da:cd:68:a5:
         e3:23:24:04:0a:c3:c4:8a:97:30:0d:c7:d3:dc:c2:d4:52:b1:
         0c:47:d8:57:53:12:39:b9:31:ae:d4:41:90:b6:08:ea:a0:f2:
         cd:13:ca:48:77:06:50:aa:50:1c:8f:08:49:0a:61:eb:2b:97:
         e7:6a:8f:4a:7b:df:1a:d0:3e:07:03:33:b1:2b:3e:8e:75:b8:
         84:29:4d:f7:3d:5b:73:f7:84:ea:64:bd:6b:28:68:58:01:35:
         a6:94:65:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPjrw8c7VL9Xxo2Xj32lWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNjE0MDcwMTI0WhcNMjUwNjE1MDcwMTI0WjAzMTEwLwYDVQQD
EyhkZDJkN2RkNGFlNWQ5NDZkYTE5MzY2NDBiMTZhMjc3ZmZlNzQ2MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w6xxXy1vs+bBtbzdB8UkNQ1HoAm
etbYFACb3pumlOwynAefyE7qrarl01Jfb6FwZdW0DexVHTQYnc63NbTHC7xJTH4E
EI4TE+asCxd0PulRJo5DWp5vL749Mc0/3PborpQRSyXJXCXdEk4pML/hAE0DhdsM
1H25zUmw04iMnHrM2MCu8jmDlahRMvfsaUDG6JjT23b6aqXi9zn+pafLLQ8XwqUR
jpr/d7Vk+Il0qUAgyf1j0/K9Tp5RaIukQcxR1sBa3UyUUfVj+b0s356r6wI7fuzJ
miGtUljLbZswswc5m42QOyiyryxmARymdRtXqTEwXgtOZdszjkmRh+BlXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0tfdSuXZRtoZNmQLFqJ3/+dGNZMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwHpa4V4
/2dsqCJhJa+p6PhUknTOWAp4nHmxOtfQ2iYp6wdU6IspLw0PA7Rg9dClS+2bh/fE
9+RvdIvQp3QB8i6cfGhRozMgmJHcOnHki49vXiCr7zv4WvG67rn/kPK0Ov0Vy5b/
94HRC0dCQI5ccduX5X4829NedyHpNMz7YLBirpyCEdf9s5eGNPL7axsrOe4XGHUx
8tEbxrXvhv7azWil4yMkBArDxIqXMA3H09zC1FKxDEfYV1MSObkxrtRBkLYI6qDy
zRPKSHcGUKpQHI8ISQph6yuX52qPSnvfGtA+BwMzsSs+jnW4hClN9z1bc/eE6mS9
ayhoWAE1ppRlrw==
-----END CERTIFICATE-----