Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          wfmuvDmfElzunId4WJO4IgDEjiRz3kn6StjQr5QTIlQ=
Subject key identifier:   DB:7E:34:F6:01:C9:74:28:E8:24:85:23:00:86:E6:0C:19:C8:AE:0A
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       0196CC4EF4C3F20AC36721282E43294B2670
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1539
Signing time:             Wed 14 May 2025 01:00:48 +0000
Manifest this update:     Wed 14 May 2025 01:00:48 +0000
Manifest next update:     Thu 15 May 2025 01:00:48 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 4hhwWo6M8rQY1gNfk2Qt9yChOsVBfpmX7R3Ob9PemzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 22:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cc:4e:f4:c3:f2:0a:c3:67:21:28:2e:43:29:4b:26:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: May 14 01:00:48 2025 GMT
            Not After : May 15 01:00:48 2025 GMT
        Subject: CN=db7e34f601c97428e82485230086e60c19c8ae0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a0:f8:1b:82:d4:db:21:75:a0:cd:8d:07:69:
                    48:11:19:e7:4a:83:e4:f5:00:f2:2a:00:82:73:a3:
                    38:72:7d:ee:5c:f7:cd:82:89:75:b8:06:94:d6:4c:
                    cb:48:52:49:17:6d:de:5d:50:12:4b:37:df:33:3b:
                    db:0a:a7:a3:8e:fe:3f:38:94:17:39:8a:d1:5f:98:
                    82:77:57:b7:4a:65:86:2e:4d:06:75:89:b7:53:e4:
                    55:61:54:78:51:64:b8:27:33:70:8d:a6:35:06:98:
                    d8:3f:6b:9e:45:57:d1:2f:78:47:e4:5d:b5:42:f2:
                    c9:ed:4e:8a:1d:dd:c4:60:cb:6b:d2:15:96:4b:9d:
                    c8:95:53:e4:8e:70:c4:63:d5:f9:b8:fe:e2:a2:b1:
                    2d:e9:f2:b0:e8:c8:0e:9e:7c:17:13:d4:be:d3:94:
                    f9:76:c3:5d:c7:31:1d:0f:20:f8:d6:35:5f:f8:d1:
                    b2:61:45:49:bc:9c:b9:ce:7d:93:af:fc:c5:2a:e9:
                    e1:19:72:42:da:de:63:f2:e7:25:e4:43:3c:ed:a9:
                    84:88:8a:41:3e:37:0a:9a:68:bd:c8:88:7f:12:c0:
                    7a:f7:a0:44:8d:ca:7f:e5:43:b0:0a:83:ee:5d:1a:
                    cf:62:07:c7:32:3b:cf:6e:da:bb:f5:aa:22:aa:2d:
                    53:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:7E:34:F6:01:C9:74:28:E8:24:85:23:00:86:E6:0C:19:C8:AE:0A
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:d9:c3:23:8a:02:9f:62:a4:16:cd:d3:86:73:fd:f7:8f:a5:
         94:de:7d:58:d1:ce:ed:28:d8:81:7f:a6:9e:97:f5:41:1e:00:
         84:7a:e4:00:74:07:85:4a:86:29:fe:c8:71:6b:ba:3c:02:13:
         d6:4c:ae:ee:cf:54:67:53:e2:ac:d1:48:6d:7d:dc:81:6a:c6:
         b6:f4:a9:4b:b4:7c:c1:45:85:33:ca:cf:a4:c1:b2:8a:2d:7f:
         8c:3c:aa:19:7d:79:64:f7:11:9a:40:67:c8:e5:57:bb:99:d5:
         5f:8c:6c:07:c6:05:ff:73:0d:b3:8e:48:73:f4:c7:91:19:3b:
         d8:3a:b0:7b:32:0c:8b:0a:47:b6:6e:30:1e:a5:3e:2a:a0:29:
         90:da:10:c9:44:6a:57:ca:78:3a:23:3c:ac:b2:73:69:ef:99:
         89:ff:f7:7f:c0:0b:58:18:a9:1b:5a:5c:1d:a7:73:6e:c4:db:
         a5:76:0b:aa:9a:db:22:5c:28:8d:df:13:5d:c3:27:b8:35:58:
         4d:7f:30:80:40:0b:cb:8a:54:c3:33:74:2f:c7:c1:da:f5:7b:
         55:3e:a5:af:a1:b4:25:5f:73:9f:ff:12:8c:65:8b:4d:2e:ce:
         57:8e:71:80:a4:89:13:eb:0e:dd:a8:10:24:e8:1e:39:70:93:
         26:c4:45:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbMTvTD8grDZyEoLkMpSyZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNTE0MDEwMDQ4WhcNMjUwNTE1MDEwMDQ4WjAzMTEwLwYDVQQD
EyhkYjdlMzRmNjAxYzk3NDI4ZTgyNDg1MjMwMDg2ZTYwYzE5YzhhZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaD4G4LU2yF1oM2NB2lIERnnSoPk
9QDyKgCCc6M4cn3uXPfNgol1uAaU1kzLSFJJF23eXVASSzffMzvbCqejjv4/OJQX
OYrRX5iCd1e3SmWGLk0GdYm3U+RVYVR4UWS4JzNwjaY1BpjYP2ueRVfRL3hH5F21
QvLJ7U6KHd3EYMtr0hWWS53IlVPkjnDEY9X5uP7iorEt6fKw6MgOnnwXE9S+05T5
dsNdxzEdDyD41jVf+NGyYUVJvJy5zn2Tr/zFKunhGXJC2t5j8ucl5EM87amEiIpB
PjcKmmi9yIh/EsB696BEjcp/5UOwCoPuXRrPYgfHMjvPbtq79aoiqi1TdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNt+NPYByXQo6CSFIwCG5gwZyK4KMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAadnDI4oC
n2KkFs3ThnP994+llN59WNHO7SjYgX+mnpf1QR4AhHrkAHQHhUqGKf7IcWu6PAIT
1kyu7s9UZ1PirNFIbX3cgWrGtvSpS7R8wUWFM8rPpMGyii1/jDyqGX15ZPcRmkBn
yOVXu5nVX4xsB8YF/3MNs45Ic/THkRk72DqwezIMiwpHtm4wHqU+KqApkNoQyURq
V8p4OiM8rLJzae+Zif/3f8ALWBipG1pcHadzbsTbpXYLqprbIlwojd8TXcMnuDVY
TX8wgEALy4pUwzN0L8fB2vV7VT6lr6G0JV9zn/8SjGWLTS7OV45xgKSJE+sO3agQ
JOgeOXCTJsRFrw==
-----END CERTIFICATE-----