Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          ESjVwr4oRZQ4yhgvN/DDbj1NnfeH9Q3OjiNCb4ZQvng=
Subject key identifier:   9D:EE:12:7B:06:16:E1:A2:3C:B5:03:BE:4C:18:18:3A:93:A1:A9:35
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       01975611BB48DB7118CFA88BCD3DB392B0A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          077D
Signing time:             Mon 09 Jun 2025 19:01:31 +0000
Manifest this update:     Mon 09 Jun 2025 19:01:31 +0000
Manifest next update:     Tue 10 Jun 2025 19:01:31 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: sJ02dDKsJozs4EIWOBpm2rwHhBxIWGfcAJ6G8tuwzaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 19:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:11:bb:48:db:71:18:cf:a8:8b:cd:3d:b3:92:b0:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Jun  9 19:01:31 2025 GMT
            Not After : Jun 10 19:01:31 2025 GMT
        Subject: CN=9dee127b0616e1a23cb503be4c18183a93a1a935
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b8:8e:05:bc:5b:7d:cf:e5:eb:0b:f5:8f:8f:
                    9a:06:04:0f:1b:29:79:75:fb:8f:aa:f8:73:f1:bf:
                    7a:2c:38:0a:a6:c4:c7:3c:7f:70:49:df:1a:b6:02:
                    2e:dd:c4:72:76:d7:c5:08:85:87:26:a1:c4:5e:9f:
                    a9:f7:80:44:e8:52:56:45:63:a3:9f:73:04:1b:d5:
                    b7:cb:da:13:6d:5b:61:ae:63:5b:66:21:52:28:ed:
                    aa:30:ec:6d:0e:9d:d8:6d:4d:c7:c2:fd:17:e9:5f:
                    e8:b8:a3:d9:9b:73:7f:d2:42:26:57:f2:f8:cd:4d:
                    7c:39:db:fd:36:42:d7:b9:e1:84:94:34:f1:4a:2e:
                    f7:db:97:6e:9a:8f:f2:0e:14:27:96:c4:48:6e:54:
                    5f:df:4a:a4:a9:90:d0:bd:c8:c6:21:ec:2f:87:6e:
                    ef:ce:46:dc:91:84:12:4d:45:7f:c0:9c:ae:9e:4c:
                    c7:39:a3:e0:a9:50:2b:56:9d:43:be:38:64:9b:de:
                    db:b4:7d:b3:71:87:a3:4f:8b:75:c7:53:b7:44:8e:
                    ae:df:7b:ee:93:7b:ab:fb:b3:44:73:fd:34:99:a8:
                    26:b7:80:e8:2f:02:a2:24:6a:90:4f:a6:28:ac:12:
                    5b:0a:cc:a1:b0:3f:fe:5e:f2:40:82:c5:bf:f1:5d:
                    85:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:EE:12:7B:06:16:E1:A2:3C:B5:03:BE:4C:18:18:3A:93:A1:A9:35
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:0a:2f:10:c1:8c:aa:24:3a:5d:68:17:fe:13:d5:ed:78:22:
         0c:01:a9:20:8b:8e:75:c6:7a:f7:bd:c3:ea:59:cc:3d:56:63:
         2e:0f:cf:58:25:1a:44:96:c0:be:64:3b:ec:70:e1:f8:f6:22:
         98:b1:1d:b1:cb:6c:f2:bd:b0:75:3f:13:43:25:8b:bd:70:07:
         ab:06:78:de:0d:3a:84:81:bf:cb:e6:d6:98:5b:04:3a:d4:83:
         2e:c7:22:66:41:ee:55:75:7d:5c:fb:3a:51:b1:99:da:25:a1:
         45:66:bb:4d:46:b4:fd:cb:72:85:4c:e7:e3:88:2e:37:f8:e4:
         1a:23:d5:38:b2:1b:2a:3c:78:f3:31:d9:61:c0:76:d6:6d:87:
         0a:de:39:90:39:fa:71:ea:f4:a6:5b:d9:0d:72:ac:69:47:a4:
         16:1f:5d:86:fd:d7:db:41:50:92:60:26:b3:36:86:88:51:3b:
         ab:3b:79:11:e1:50:61:02:3e:0c:f1:22:3a:5e:a6:c1:54:e1:
         2c:13:bf:bc:fc:9a:e8:03:97:bf:fe:4e:28:b2:8e:3b:e2:06:
         02:d3:28:07:82:16:78:68:dd:e1:d0:fc:de:a8:1a:19:67:53:
         b8:ad:80:9c:7b:c7:9a:ce:bd:c8:02:00:38:4b:78:3d:3f:72:
         a0:4e:c9:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWEbtI23EYz6iLzT2zkrCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNjA5MTkwMTMxWhcNMjUwNjEwMTkwMTMxWjAzMTEwLwYDVQQD
Eyg5ZGVlMTI3YjA2MTZlMWEyM2NiNTAzYmU0YzE4MTgzYTkzYTFhOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwriOBbxbfc/l6wv1j4+aBgQPGyl5
dfuPqvhz8b96LDgKpsTHPH9wSd8atgIu3cRydtfFCIWHJqHEXp+p94BE6FJWRWOj
n3MEG9W3y9oTbVthrmNbZiFSKO2qMOxtDp3YbU3Hwv0X6V/ouKPZm3N/0kImV/L4
zU18Odv9NkLXueGElDTxSi7325dumo/yDhQnlsRIblRf30qkqZDQvcjGIewvh27v
zkbckYQSTUV/wJyunkzHOaPgqVArVp1Dvjhkm97btH2zcYejT4t1x1O3RI6u33vu
k3ur+7NEc/00magmt4DoLwKiJGqQT6YorBJbCsyhsD/+XvJAgsW/8V2FEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3uEnsGFuGiPLUDvkwYGDqToak1MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvgovEMGM
qiQ6XWgX/hPV7XgiDAGpIIuOdcZ6973D6lnMPVZjLg/PWCUaRJbAvmQ77HDh+PYi
mLEdscts8r2wdT8TQyWLvXAHqwZ43g06hIG/y+bWmFsEOtSDLsciZkHuVXV9XPs6
UbGZ2iWhRWa7TUa0/ctyhUzn44guN/jkGiPVOLIbKjx48zHZYcB21m2HCt45kDn6
cer0plvZDXKsaUekFh9dhv3X20FQkmAmszaGiFE7qzt5EeFQYQI+DPEiOl6mwVTh
LBO/vPya6AOXv/5OKLKOO+IGAtMoB4IWeGjd4dD83qgaGWdTuK2AnHvHms69yAIA
OEt4PT9yoE7Jhw==
-----END CERTIFICATE-----