Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          7eR7LMJlLdGCnic3HzT0DjygyvP7JwhjoyzfSu+PgRo=
Subject key identifier:   50:36:E0:9B:C1:6A:41:86:47:4C:37:B1:3C:4C:13:D4:A9:73:7D:6D
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       0196C20247CB95028B0AB17783C4B2E3A508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          82
Signing time:             Mon 12 May 2025 01:00:51 +0000
Manifest this update:     Mon 12 May 2025 01:00:51 +0000
Manifest next update:     Tue 13 May 2025 01:00:51 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: sa+y9cw3YR6J7UaREIIprfh+HAs/LpfQx+AIa/sKDdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:02:47:cb:95:02:8b:0a:b1:77:83:c4:b2:e3:a5:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: May 12 01:00:51 2025 GMT
            Not After : May 13 01:00:51 2025 GMT
        Subject: CN=5036e09bc16a4186474c37b13c4c13d4a9737d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:99:9c:46:07:ea:f4:c0:5a:43:65:82:0b:b5:
                    60:7d:24:a1:a5:f9:e6:bc:06:d3:a6:55:d2:af:f5:
                    eb:34:dc:85:52:70:79:27:63:f2:15:9d:1d:3a:ce:
                    59:61:66:4b:d0:0c:37:0b:70:83:a1:92:46:67:7d:
                    cc:1a:b8:e2:51:02:e4:94:8c:05:ca:26:32:9a:16:
                    21:7d:60:b0:b6:d4:48:3f:d4:23:38:16:ac:ec:21:
                    17:36:68:5a:6b:af:83:ea:0c:29:f9:9d:56:d3:db:
                    82:f2:48:e6:ab:39:99:6f:0c:dd:d2:d9:fa:a2:27:
                    46:44:69:94:30:15:d9:c0:34:49:25:39:16:fb:82:
                    fc:92:d3:8a:d3:36:f3:bb:2d:19:f7:05:1b:95:f5:
                    af:0f:a7:6b:78:23:13:38:4a:7a:9b:60:95:db:ad:
                    0f:55:64:12:e4:6d:4e:89:2a:a0:11:e1:6a:ac:17:
                    92:fb:9c:5a:96:95:25:5c:9b:0d:09:54:1c:ee:da:
                    e0:98:2f:b7:ef:4e:87:ef:f8:fe:2c:41:79:1b:42:
                    93:ff:2c:59:15:50:31:61:66:e5:7f:70:09:4c:9b:
                    44:e0:15:66:46:cd:b5:5c:ea:8d:79:8c:f4:b2:a0:
                    fb:fc:d4:2a:5f:d1:26:9c:81:f9:4a:1d:c1:ce:e6:
                    bd:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:36:E0:9B:C1:6A:41:86:47:4C:37:B1:3C:4C:13:D4:A9:73:7D:6D
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:39:12:45:36:44:43:6f:ba:ae:43:b0:f6:05:18:ff:bc:8d:
         83:9b:c3:15:1c:8b:35:49:15:8e:f9:28:77:34:ff:12:cd:f1:
         c4:2b:68:74:91:fe:cd:c5:c6:28:a1:c4:8e:84:86:15:c4:d8:
         bd:0e:40:bb:6f:c5:ba:57:b1:9b:87:aa:b6:6f:71:61:28:ad:
         cf:b5:e5:5a:c4:94:1f:3b:21:8b:ac:1d:cb:8b:94:79:b5:2a:
         21:62:78:b6:8b:6e:0d:88:2c:c5:51:cd:f0:7c:a5:e0:b7:52:
         0a:35:b7:bd:96:4d:d9:6b:42:d8:18:e9:c4:c4:c1:c1:ae:1a:
         f3:68:06:4a:f2:f2:9e:5b:47:8f:e0:25:0c:46:97:e7:b2:9c:
         c6:b0:9b:ab:09:43:1b:78:ea:f5:75:6e:7c:96:6d:a0:d9:56:
         24:da:f0:a2:29:18:0f:ca:e4:11:1d:3c:1c:7d:7a:29:a4:12:
         f8:00:27:a6:17:63:9e:c8:b6:b0:da:4c:06:17:76:1a:e4:97:
         ff:08:68:23:d2:fb:25:3d:b1:04:0a:44:82:e6:d8:94:bf:91:
         b9:6f:c0:7a:95:dc:13:71:b3:ca:77:42:13:ba:18:0a:d0:76:
         26:13:94:27:e4:a5:da:65:ef:5f:03:79:61:68:54:7c:8d:66:
         1e:dd:cb:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCAkfLlQKLCrF3g8Sy46UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjUwNTEyMDEwMDUxWhcNMjUwNTEzMDEwMDUxWjAzMTEwLwYDVQQD
Eyg1MDM2ZTA5YmMxNmE0MTg2NDc0YzM3YjEzYzRjMTNkNGE5NzM3ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZmcRgfq9MBaQ2WCC7VgfSShpfnm
vAbTplXSr/XrNNyFUnB5J2PyFZ0dOs5ZYWZL0Aw3C3CDoZJGZ33MGrjiUQLklIwF
yiYymhYhfWCwttRIP9QjOBas7CEXNmhaa6+D6gwp+Z1W09uC8kjmqzmZbwzd0tn6
oidGRGmUMBXZwDRJJTkW+4L8ktOK0zbzuy0Z9wUblfWvD6dreCMTOEp6m2CV260P
VWQS5G1OiSqgEeFqrBeS+5xalpUlXJsNCVQc7trgmC+3706H7/j+LEF5G0KT/yxZ
FVAxYWblf3AJTJtE4BVmRs21XOqNeYz0sqD7/NQqX9EmnIH5Sh3Bzua9HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFA24JvBakGGR0w3sTxME9Spc31tMB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzkSRTZE
Q2+6rkOw9gUY/7yNg5vDFRyLNUkVjvkodzT/Es3xxCtodJH+zcXGKKHEjoSGFcTY
vQ5Au2/Fulexm4eqtm9xYSitz7XlWsSUHzshi6wdy4uUebUqIWJ4totuDYgsxVHN
8Hyl4LdSCjW3vZZN2WtC2BjpxMTBwa4a82gGSvLynltHj+AlDEaX57KcxrCbqwlD
G3jq9XVufJZtoNlWJNrwoikYD8rkER08HH16KaQS+AAnphdjnsi2sNpMBhd2GuSX
/whoI9L7JT2xBApEgubYlL+RuW/AepXcE3GzyndCE7oYCtB2JhOUJ+Sl2mXvXwN5
YWhUfI1mHt3LpA==
-----END CERTIFICATE-----