Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          i1TLgsrzleN1pVjgtgdb/EXPgpwwxRdj/vFWwINp28E=
Subject key identifier:   0F:4D:1D:1E:D1:F2:72:F2:E4:57:1C:58:63:E4:AF:C5:C4:D1:F0:7B
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       0198D5BC54B20A3373D230DDCF373D112DCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 07:02:26 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:26 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:26 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: rcVtZfqy4hmS4IWUoMFiyWHk+HzI/QGn5ZNT/2De09k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:54:b2:0a:33:73:d2:30:dd:cf:37:3d:11:2d:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Aug 23 07:02:26 2025 GMT
            Not After : Aug 24 07:02:26 2025 GMT
        Subject: CN=0f4d1d1ed1f272f2e4571c5863e4afc5c4d1f07b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b5:97:87:05:ab:05:b9:a5:70:97:e7:7c:d0:
                    3c:76:dc:51:69:5a:c1:37:87:f1:48:31:8e:0c:24:
                    07:a8:b8:ca:8d:d5:0f:4a:7c:de:29:46:dd:68:55:
                    a9:95:e0:0e:22:cd:ed:c5:20:7c:ca:24:f8:f7:94:
                    7b:5d:06:13:0c:ad:d8:8b:4e:71:90:56:cd:be:4d:
                    e9:54:9b:3a:83:b2:6c:c4:eb:5b:fd:ef:a0:17:42:
                    00:9c:92:86:ec:03:c0:7e:44:50:ef:f1:1f:a9:39:
                    29:4a:bb:d2:a5:8d:13:02:8e:69:e7:5f:87:7a:a5:
                    06:6b:35:37:1f:a9:1a:0b:bd:ce:04:df:25:d1:a6:
                    af:87:34:e8:12:ed:8f:5e:c6:58:ae:93:0a:d3:d8:
                    72:36:2b:b2:64:fa:7f:46:87:a3:c8:46:6b:38:dc:
                    60:a7:f0:6b:f6:65:6c:bb:f0:64:3b:2a:c9:39:10:
                    6c:59:23:c8:c3:9a:26:4a:63:ec:16:0d:4e:80:f3:
                    58:5a:38:60:96:08:c9:3c:d3:cf:44:8e:fa:cb:1b:
                    5f:d3:73:66:b0:24:6c:f6:b9:d9:c4:a1:3f:84:40:
                    68:70:56:30:10:1d:61:41:cd:e1:82:8d:4b:dd:40:
                    c8:15:f9:01:5c:01:b6:cd:bd:13:dc:ff:ee:12:fe:
                    f6:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:4D:1D:1E:D1:F2:72:F2:E4:57:1C:58:63:E4:AF:C5:C4:D1:F0:7B
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:0a:98:11:c2:3b:1c:12:3a:f1:15:00:49:95:9a:e9:f2:30:
         0c:66:97:52:a0:03:ce:ce:e8:b2:56:f7:26:2e:b7:d1:d2:b0:
         2d:ed:3e:42:b9:3d:90:03:93:ed:31:17:c0:80:96:13:b8:95:
         52:c2:46:68:1c:23:eb:18:e1:7d:ee:ad:ab:d3:b4:47:94:d8:
         d7:df:a6:20:21:65:13:d0:9e:d1:55:ed:2a:83:b6:c9:0f:6a:
         2a:25:f7:6e:de:07:b5:5c:f4:a7:60:c9:4c:b9:b9:f0:9f:b9:
         92:55:f6:67:1a:0c:a9:00:f7:c0:05:d1:70:cd:56:a8:75:25:
         1a:ab:e7:de:48:de:ad:8f:4b:03:cf:6a:ca:18:0a:45:97:78:
         89:ed:d8:5f:51:00:2e:8f:98:ae:87:a4:73:0f:f6:7c:8d:7d:
         8d:89:4a:5c:6d:6d:1b:87:db:10:dd:31:8d:61:01:d2:60:dd:
         81:86:ec:72:29:b4:09:2d:90:59:da:02:3a:ea:71:0b:a0:08:
         61:52:66:4f:97:f2:e7:94:a5:95:70:30:2d:d6:9d:e2:e7:71:
         32:f2:15:9a:f0:64:fb:88:f0:38:c7:11:81:fe:b8:e1:68:b0:
         a3:f2:98:40:fb:13:a1:d2:f4:42:cd:b1:2a:ea:4c:28:70:75:
         e7:02:f1:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFSyCjNz0jDdzzc9ES3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwODIzMDcwMjI2WhcNMjUwODI0MDcwMjI2WjAzMTEwLwYDVQQD
EygwZjRkMWQxZWQxZjI3MmYyZTQ1NzFjNTg2M2U0YWZjNWM0ZDFmMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7WXhwWrBbmlcJfnfNA8dtxRaVrB
N4fxSDGODCQHqLjKjdUPSnzeKUbdaFWpleAOIs3txSB8yiT495R7XQYTDK3Yi05x
kFbNvk3pVJs6g7JsxOtb/e+gF0IAnJKG7APAfkRQ7/EfqTkpSrvSpY0TAo5p51+H
eqUGazU3H6kaC73OBN8l0aavhzToEu2PXsZYrpMK09hyNiuyZPp/RoejyEZrONxg
p/Br9mVsu/BkOyrJORBsWSPIw5omSmPsFg1OgPNYWjhglgjJPNPPRI76yxtf03Nm
sCRs9rnZxKE/hEBocFYwEB1hQc3hgo1L3UDIFfkBXAG2zb0T3P/uEv72JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9NHR7R8nLy5FccWGPkr8XE0fB7MB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQqYEcI7
HBI68RUASZWa6fIwDGaXUqADzs7oslb3Ji630dKwLe0+Qrk9kAOT7TEXwICWE7iV
UsJGaBwj6xjhfe6tq9O0R5TY19+mICFlE9Ce0VXtKoO2yQ9qKiX3bt4HtVz0p2DJ
TLm58J+5klX2ZxoMqQD3wAXRcM1WqHUlGqvn3kjerY9LA89qyhgKRZd4ie3YX1EA
Lo+Yroekcw/2fI19jYlKXG1tG4fbEN0xjWEB0mDdgYbscim0CS2QWdoCOupxC6AI
YVJmT5fy55SllXAwLdad4udxMvIVmvBk+4jwOMcRgf644Wiwo/KYQPsTodL0Qs2x
KupMKHB15wLx7w==
-----END CERTIFICATE-----