Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          B2/2AFbGRBsx9BpBIXkk1QdFmHERhrMk9a4dv5KqlVs=
Subject key identifier:   D1:AD:A9:0A:5F:13:32:3F:22:07:2F:BD:85:9D:40:CB:E1:04:C6:61
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       0197B7EAD44582AFF035C8D83E2421A8FF14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 19:01:49 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:49 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:49 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: lHI5qSp1vyz+SDu+DmHEjemroIQLvFC9fsAWKzJZphw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:d4:45:82:af:f0:35:c8:d8:3e:24:21:a8:ff:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 28 19:01:49 2025 GMT
            Not After : Jun 29 19:01:49 2025 GMT
        Subject: CN=d1ada90a5f13323f22072fbd859d40cbe104c661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f7:58:37:f5:94:29:b5:60:67:d8:84:90:c7:
                    34:81:61:ba:75:21:5b:5e:09:21:93:0f:8b:44:29:
                    ab:ae:11:80:15:e4:60:8b:87:90:41:aa:5b:cd:eb:
                    fc:81:18:0a:74:8d:42:1d:60:3d:f6:f4:8b:43:e8:
                    9a:6c:a2:65:1f:68:80:b9:27:5b:f3:f1:d4:c8:3f:
                    dd:57:a9:54:c3:2b:2b:e5:56:64:d5:1f:04:b1:9e:
                    f9:ce:25:cb:85:28:75:ed:57:9c:c6:dd:f6:fa:c0:
                    be:0d:b6:67:ad:8b:7e:57:68:e0:bb:f6:99:05:8a:
                    06:18:12:ff:d3:a0:6f:0f:07:c2:c0:86:8f:2c:bf:
                    87:32:77:24:a8:35:86:ee:ec:f4:bb:67:7b:14:35:
                    5a:60:65:02:02:9e:2b:8c:5d:a4:8f:2a:13:de:97:
                    22:0c:43:60:66:64:21:b1:a7:0a:99:2f:62:70:0b:
                    3a:73:be:17:c1:b3:1d:55:8c:6c:e7:e4:40:4b:f9:
                    a2:b2:fe:e0:84:c3:49:d2:a1:97:51:06:b8:ea:46:
                    fa:cf:fd:08:5b:b8:a4:44:4d:52:36:4b:8c:84:a7:
                    3d:8e:a5:32:12:0c:05:d6:cd:59:02:9f:32:b9:03:
                    de:c5:62:7e:60:fd:da:14:61:9d:93:7c:4c:59:9d:
                    bf:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AD:A9:0A:5F:13:32:3F:22:07:2F:BD:85:9D:40:CB:E1:04:C6:61
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:3e:06:e4:92:71:92:d5:80:c0:42:0f:6f:0a:0a:c2:d1:09:
         f1:86:d3:4b:6c:8d:27:b4:9a:a6:53:ab:d0:c7:bc:47:8c:ec:
         98:d6:de:2f:fc:27:6f:01:bc:8c:f7:9e:3f:1a:5c:62:3a:bf:
         85:6a:7c:6a:fd:ce:1f:e8:85:35:4c:96:ed:71:11:2c:8a:41:
         72:c3:8c:c6:1b:91:94:80:bb:cf:f5:b2:42:7e:01:0a:c0:75:
         f2:b4:04:51:a0:8c:30:27:e8:70:20:df:bf:96:b0:e8:3a:34:
         ba:57:c3:45:15:d2:a7:5b:6e:8d:06:36:65:57:b4:c2:a5:a3:
         97:68:0b:b1:13:25:44:77:13:22:43:88:cc:d4:8c:04:97:19:
         38:8d:5b:b6:27:b0:34:c7:a7:7f:ac:e9:f3:35:5e:49:61:58:
         9d:91:82:34:1a:8a:3d:5e:86:1b:eb:08:58:74:3e:aa:2e:8e:
         a4:61:d5:b9:b6:78:47:64:80:1c:58:b5:df:40:a4:da:13:8b:
         d7:8b:93:32:92:99:43:1f:49:5d:c3:bb:c0:32:14:9f:e8:67:
         c3:e1:31:11:97:e2:78:16:ee:91:89:d3:fe:9f:6a:d5:35:64:
         1e:19:e8:8e:e4:e1:51:89:a9:ac:eb:5d:d3:3c:03:82:26:4d:
         92:8d:13:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36tRFgq/wNcjYPiQhqP8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjI4MTkwMTQ5WhcNMjUwNjI5MTkwMTQ5WjAzMTEwLwYDVQQD
EyhkMWFkYTkwYTVmMTMzMjNmMjIwNzJmYmQ4NTlkNDBjYmUxMDRjNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/dYN/WUKbVgZ9iEkMc0gWG6dSFb
Xgkhkw+LRCmrrhGAFeRgi4eQQapbzev8gRgKdI1CHWA99vSLQ+iabKJlH2iAuSdb
8/HUyD/dV6lUwysr5VZk1R8EsZ75ziXLhSh17Vecxt32+sC+DbZnrYt+V2jgu/aZ
BYoGGBL/06BvDwfCwIaPLL+HMnckqDWG7uz0u2d7FDVaYGUCAp4rjF2kjyoT3pci
DENgZmQhsacKmS9icAs6c74XwbMdVYxs5+RAS/misv7ghMNJ0qGXUQa46kb6z/0I
W7ikRE1SNkuMhKc9jqUyEgwF1s1ZAp8yuQPexWJ+YP3aFGGdk3xMWZ2/RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGtqQpfEzI/IgcvvYWdQMvhBMZhMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAez4G5JJx
ktWAwEIPbwoKwtEJ8YbTS2yNJ7SaplOr0Me8R4zsmNbeL/wnbwG8jPeePxpcYjq/
hWp8av3OH+iFNUyW7XERLIpBcsOMxhuRlIC7z/WyQn4BCsB18rQEUaCMMCfocCDf
v5aw6Do0ulfDRRXSp1tujQY2ZVe0wqWjl2gLsRMlRHcTIkOIzNSMBJcZOI1btiew
NMenf6zp8zVeSWFYnZGCNBqKPV6GG+sIWHQ+qi6OpGHVubZ4R2SAHFi130Ck2hOL
14uTMpKZQx9JXcO7wDIUn+hnw+ExEZfieBbukYnT/p9q1TVkHhnojuThUYmprOtd
0zwDgiZNko0TLg==
-----END CERTIFICATE-----