Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          C1I+YdzMlaj6EuRd7etnd8K4uhvdv7XH+vTRVHRvfRo=
Subject key identifier:   0C:23:C3:DF:9C:6C:2B:F2:89:31:92:B6:94:8C:9B:AE:55:70:B9:B1
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019921B18A62CBC328882D415E4D7B8A8EAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          086B
Signing time:             Sun 07 Sep 2025 01:01:47 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:47 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:47 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: oBmlugNZIJOvSITSIEYtA6PO64lrpP4rvcKT3bBFppQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:8a:62:cb:c3:28:88:2d:41:5e:4d:7b:8a:8e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Sep  7 01:01:47 2025 GMT
            Not After : Sep  8 01:01:47 2025 GMT
        Subject: CN=0c23c3df9c6c2bf2893192b6948c9bae5570b9b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:63:b1:38:c3:79:d0:af:e3:ce:ff:a2:9d:e9:
                    42:d9:6e:a2:58:f9:62:56:1f:58:67:dc:c3:08:9b:
                    f4:90:b8:1c:19:a8:63:3e:15:6f:6f:4e:8a:d1:e8:
                    a3:84:6e:66:1f:1e:21:9a:07:6a:81:96:c2:e5:16:
                    68:32:c3:bf:56:25:cd:44:6b:dd:4d:9d:d7:52:eb:
                    44:36:db:4f:a4:ae:3f:1c:23:39:63:89:6a:4c:c3:
                    13:e0:3b:a7:d1:7a:53:96:50:bc:d7:c7:71:a8:ac:
                    43:ec:a3:60:a6:89:91:fa:7d:57:cd:cf:1e:ea:95:
                    b6:f2:f3:2f:af:2a:f5:a8:31:37:32:52:39:d6:c5:
                    34:45:80:91:05:f8:9c:d7:f0:93:2a:08:ed:ab:e4:
                    ba:94:8a:0c:19:90:77:35:80:8b:9b:39:d8:9f:ef:
                    ad:ee:32:ea:9b:67:f4:23:92:ca:aa:d2:1c:2e:89:
                    98:12:9a:f6:25:7f:12:2b:58:70:dc:34:1a:bf:81:
                    e5:94:3d:8e:ad:e3:e9:d7:80:b3:de:f2:b8:a0:d3:
                    88:d9:f0:9a:2f:12:9a:32:11:2e:fc:c4:fc:24:3f:
                    b5:5b:92:13:61:2c:d1:9b:4d:d3:97:0f:c3:10:0d:
                    3d:0c:05:a7:2d:35:72:7f:56:a4:8b:24:ea:2b:07:
                    7a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:23:C3:DF:9C:6C:2B:F2:89:31:92:B6:94:8C:9B:AE:55:70:B9:B1
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b6:aa:48:1d:99:06:52:25:ea:f4:a1:e1:f0:55:f7:eb:ea:
         c2:81:41:e0:0a:c0:d7:03:1d:90:b1:df:e1:63:a3:d4:01:57:
         87:8b:a9:c5:82:1a:fe:b5:15:c6:5c:a7:d7:fa:87:38:08:ee:
         8b:b3:8e:df:03:a9:9e:81:6e:36:ac:01:44:14:26:57:dc:c6:
         f2:c0:0f:bc:51:58:94:38:7c:40:fa:11:c2:40:35:0f:3b:c1:
         31:2f:99:9f:93:33:24:96:0b:39:d2:d2:d4:1d:d9:0c:51:aa:
         6e:58:4a:96:51:88:6a:0c:97:2d:92:b8:43:32:51:d0:17:98:
         72:2f:ef:af:ec:2f:7d:7c:59:c6:36:b2:77:0f:29:4e:9f:0b:
         a0:a3:f9:f1:e9:3a:dc:fd:ee:28:a9:b2:2e:9f:74:bc:e4:dd:
         11:be:09:f5:3d:17:fb:c4:0b:10:63:f3:66:18:13:94:cc:19:
         ca:aa:95:ae:cd:44:de:97:89:19:dc:3a:cf:67:44:98:04:f7:
         38:14:25:10:82:19:19:ea:aa:f1:fd:5a:24:de:d3:d7:14:45:
         ed:7f:aa:14:29:bb:64:6e:61:55:e1:01:df:0f:9f:e6:75:bf:
         2a:a6:51:a5:69:8c:e9:26:4b:52:30:3c:eb:76:da:c8:cd:61:
         42:55:2c:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsYpiy8MoiC1BXk17io6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwOTA3MDEwMTQ3WhcNMjUwOTA4MDEwMTQ3WjAzMTEwLwYDVQQD
EygwYzIzYzNkZjljNmMyYmYyODkzMTkyYjY5NDhjOWJhZTU1NzBiOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2OxOMN50K/jzv+inelC2W6iWPli
Vh9YZ9zDCJv0kLgcGahjPhVvb06K0eijhG5mHx4hmgdqgZbC5RZoMsO/ViXNRGvd
TZ3XUutENttPpK4/HCM5Y4lqTMMT4Dun0XpTllC818dxqKxD7KNgpomR+n1Xzc8e
6pW28vMvryr1qDE3MlI51sU0RYCRBfic1/CTKgjtq+S6lIoMGZB3NYCLmznYn++t
7jLqm2f0I5LKqtIcLomYEpr2JX8SK1hw3DQav4HllD2OrePp14Cz3vK4oNOI2fCa
LxKaMhEu/MT8JD+1W5ITYSzRm03Tlw/DEA09DAWnLTVyf1akiyTqKwd6sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwjw9+cbCvyiTGStpSMm65VcLmxMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7aqSB2Z
BlIl6vSh4fBV9+vqwoFB4ArA1wMdkLHf4WOj1AFXh4upxYIa/rUVxlyn1/qHOAju
i7OO3wOpnoFuNqwBRBQmV9zG8sAPvFFYlDh8QPoRwkA1DzvBMS+Zn5MzJJYLOdLS
1B3ZDFGqblhKllGIagyXLZK4QzJR0BeYci/vr+wvfXxZxjaydw8pTp8LoKP58ek6
3P3uKKmyLp90vOTdEb4J9T0X+8QLEGPzZhgTlMwZyqqVrs1E3peJGdw6z2dEmAT3
OBQlEIIZGeqq8f1aJN7T1xRF7X+qFCm7ZG5hVeEB3w+f5nW/KqZRpWmM6SZLUjA8
63bayM1hQlUsAQ==
-----END CERTIFICATE-----