Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          ALwT4xvF3Vbkzc6OoVjFf8XR3o9H6l9WjYrXX6O9h8Q=
Subject key identifier:   B6:0F:75:0C:1A:7C:F8:CA:AD:F7:F5:F8:9F:AB:63:C0:88:9F:D8:36
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       0197B7457CE32767FC823C7F2A7CBC787669
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          0101
Signing time:             Sat 28 Jun 2025 16:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:13 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: BSaut4tQKYWY8lLMrLqNBn9+MjT06wbWTcd2dppK2vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:7c:e3:27:67:fc:82:3c:7f:2a:7c:bc:78:76:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: Jun 28 16:01:13 2025 GMT
            Not After : Jun 29 16:01:13 2025 GMT
        Subject: CN=b60f750c1a7cf8caadf7f5f89fab63c0889fd836
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f9:2d:7c:2d:76:26:1e:e8:d9:42:f6:87:d6:
                    be:a6:35:57:46:41:4f:c1:a1:3f:7f:b5:50:87:b2:
                    02:c8:81:ad:b7:9f:c6:3a:64:11:65:c6:e8:f9:ba:
                    be:ca:ef:a3:2a:cd:d5:bb:ee:32:f9:bd:38:e2:25:
                    42:b5:bf:3d:94:04:6d:46:2d:92:2a:06:83:40:ee:
                    dc:77:cb:9f:e8:d4:d3:4c:6f:91:bf:f8:f6:10:20:
                    22:5f:d7:27:62:c3:6a:d7:b6:06:1a:18:7e:db:24:
                    62:a9:92:93:fc:ec:3e:ba:a4:83:07:d0:42:ac:b3:
                    70:fe:6b:1f:9b:78:fe:f0:7a:7e:a3:10:8a:b4:ad:
                    6a:52:e7:66:39:ad:06:35:61:3f:27:05:0a:50:38:
                    32:6e:d9:e0:07:31:94:c8:25:e3:d9:24:31:b5:df:
                    0e:fe:03:74:57:1b:2e:23:2b:1d:a8:64:01:ad:61:
                    65:27:a3:fb:71:f8:5e:38:bf:98:03:5c:82:93:23:
                    ef:09:06:66:4e:d9:46:83:93:fd:64:5c:9e:9d:ce:
                    96:f4:40:cf:72:62:af:4b:4c:37:1b:ad:62:f4:fc:
                    11:41:87:2b:e7:53:c4:1c:9c:5d:d2:95:5a:e8:20:
                    75:d4:85:73:dc:f8:55:43:61:c6:52:53:04:8b:44:
                    38:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:0F:75:0C:1A:7C:F8:CA:AD:F7:F5:F8:9F:AB:63:C0:88:9F:D8:36
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:fc:23:47:d2:4c:20:5d:03:98:3d:e9:a6:9f:c5:2a:d4:f8:
         7f:e5:9f:b6:6f:fa:5d:8a:94:66:61:16:be:56:0c:9b:24:86:
         5a:aa:88:da:80:0a:42:8e:ad:c4:57:22:18:c6:96:0c:2e:97:
         25:a0:2b:41:c2:03:34:2a:a3:04:0f:a3:8f:12:a1:de:9c:85:
         4b:28:c4:b1:95:e5:84:36:a9:01:ad:e6:39:d7:49:33:bc:a5:
         c7:03:e2:d5:55:81:9f:81:42:46:9b:cd:a1:da:c3:70:a7:8a:
         5b:f1:65:b2:f0:d2:15:3b:e2:ae:8c:7e:f0:ca:27:fd:0c:c4:
         dc:61:91:d7:c6:24:b3:de:c2:54:26:c4:10:ee:9f:b3:9c:91:
         b0:33:c6:f8:a0:17:44:18:7b:03:86:8c:1d:5f:06:72:52:34:
         04:a2:eb:49:dc:8d:f5:a7:a1:3b:d4:bc:ff:d2:55:14:e1:1f:
         a1:4d:72:cd:73:0d:a8:e2:c3:d7:29:38:c7:1a:c8:e5:b5:f0:
         01:08:6e:ca:69:51:d6:4e:ca:c2:74:43:97:8d:00:4a:3f:37:
         6d:5d:14:c4:d1:c4:86:31:58:08:f9:8f:76:93:42:be:e0:a2:
         3c:de:71:93:a5:c3:6b:0f:e4:a4:38:84:c9:a4:ca:71:8a:d2:
         0f:e3:6c:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RXzjJ2f8gjx/Kny8eHZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjUwNjI4MTYwMTEzWhcNMjUwNjI5MTYwMTEzWjAzMTEwLwYDVQQD
EyhiNjBmNzUwYzFhN2NmOGNhYWRmN2Y1Zjg5ZmFiNjNjMDg4OWZkODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfktfC12Jh7o2UL2h9a+pjVXRkFP
waE/f7VQh7ICyIGtt5/GOmQRZcbo+bq+yu+jKs3Vu+4y+b044iVCtb89lARtRi2S
KgaDQO7cd8uf6NTTTG+Rv/j2ECAiX9cnYsNq17YGGhh+2yRiqZKT/Ow+uqSDB9BC
rLNw/msfm3j+8Hp+oxCKtK1qUudmOa0GNWE/JwUKUDgybtngBzGUyCXj2SQxtd8O
/gN0VxsuIysdqGQBrWFlJ6P7cfheOL+YA1yCkyPvCQZmTtlGg5P9ZFyenc6W9EDP
cmKvS0w3G61i9PwRQYcr51PEHJxd0pVa6CB11IVz3PhVQ2HGUlMEi0Q4qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYPdQwafPjKrff1+J+rY8CIn9g2MB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPwjR9JM
IF0DmD3ppp/FKtT4f+Wftm/6XYqUZmEWvlYMmySGWqqI2oAKQo6txFciGMaWDC6X
JaArQcIDNCqjBA+jjxKh3pyFSyjEsZXlhDapAa3mOddJM7ylxwPi1VWBn4FCRpvN
odrDcKeKW/FlsvDSFTvirox+8Mon/QzE3GGR18Yks97CVCbEEO6fs5yRsDPG+KAX
RBh7A4aMHV8GclI0BKLrSdyN9aehO9S8/9JVFOEfoU1yzXMNqOLD1yk4xxrI5bXw
AQhuymlR1k7KwnRDl40ASj83bV0UxNHEhjFYCPmPdpNCvuCiPN5xk6XDaw/kpDiE
yaTKcYrSD+Ns8A==
-----END CERTIFICATE-----