Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          FT8sKGsL4P0Y+wQC9dbLFUIomk+Si+mCAqiM5SyVerE=
Subject key identifier:   3B:C7:1A:DC:71:84:93:75:F9:6F:0E:04:23:66:B4:63:10:4C:17:D1
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       019A006BFC9FB9497CB9E04145FF12C6D572
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          0230
Signing time:             Mon 20 Oct 2025 07:01:08 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:08 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:08 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: F/MnO/T4VWZIiMGMYprDJy8j0ZT0d2sna/8HqwLFRvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6b:fc:9f:b9:49:7c:b9:e0:41:45:ff:12:c6:d5:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: Oct 20 07:01:08 2025 GMT
            Not After : Oct 21 07:01:08 2025 GMT
        Subject: CN=3bc71adc71849375f96f0e042366b463104c17d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e9:4e:51:31:e3:1c:d0:d5:ed:0f:2d:e9:fb:
                    f9:f3:5c:7d:cd:3f:e8:a0:40:7e:d1:b8:7b:36:5b:
                    14:29:cb:15:f7:e7:5c:ee:ea:1a:5e:8a:c3:a9:4b:
                    e2:f6:6d:9b:ca:c0:52:ea:8c:d7:ca:bd:7c:9f:2a:
                    b4:4c:c8:74:1b:e8:34:85:74:8f:8d:f9:47:5d:c2:
                    76:12:87:3a:3d:17:90:eb:66:76:1e:f3:55:66:68:
                    19:e6:d6:f7:c7:d7:0c:98:ca:4a:33:96:94:a0:76:
                    e7:45:e7:d7:33:c4:b6:33:33:c0:ac:2f:19:3b:29:
                    b9:a5:90:d8:93:d1:62:17:8c:c8:0e:3d:7d:f3:c7:
                    b8:f3:53:d3:9e:4e:05:b1:da:b0:8e:2f:f3:bd:71:
                    54:10:11:b8:c0:18:d1:fa:95:64:45:bb:8c:84:fb:
                    67:30:81:db:96:0d:ac:15:96:83:27:b2:1b:68:f6:
                    62:c5:5f:e7:6c:40:de:6c:0b:7b:96:02:75:76:8f:
                    94:e2:96:f2:c4:37:70:32:f0:e2:42:a3:74:2a:e9:
                    7c:8d:8d:70:8b:11:02:24:05:87:40:ac:68:50:86:
                    f4:c7:92:c9:8c:aa:43:e8:29:13:79:97:d2:46:d6:
                    3d:13:67:35:7c:f8:00:9c:07:7c:76:b0:2d:a0:60:
                    33:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C7:1A:DC:71:84:93:75:F9:6F:0E:04:23:66:B4:63:10:4C:17:D1
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:0c:71:9a:a9:15:13:e0:d1:09:ed:ad:e3:1c:4d:b3:a4:70:
         0d:6e:c2:b8:d7:8e:7e:4f:b3:f0:69:c8:8e:fa:6b:52:49:07:
         04:43:02:35:dc:c2:b8:25:62:49:2f:91:00:b3:3f:a5:8e:5b:
         25:05:4c:67:c7:f0:7f:82:d2:f6:6c:24:7c:a6:ed:16:ba:7e:
         ac:1b:4b:c7:80:f2:68:f5:64:92:06:b7:f1:74:a4:d6:d2:85:
         4a:01:4b:00:b3:af:f2:72:6c:ce:e5:fb:43:81:41:93:80:28:
         f4:a8:98:6f:af:3d:68:1d:3c:10:03:7c:6f:63:45:7b:a8:ab:
         8f:8e:5d:28:7b:12:ec:bd:5f:91:81:c7:07:20:97:67:97:49:
         76:7e:78:43:eb:b8:d1:64:38:3d:eb:1a:ba:1a:0d:d8:fb:e8:
         8b:1a:ce:24:c2:c0:d7:f4:73:21:9d:d7:c3:24:1f:01:26:45:
         09:03:05:47:13:6f:95:04:4d:b2:cc:7c:97:f0:2b:1e:35:cf:
         77:53:43:2e:e3:cf:22:01:78:aa:c5:56:80:5e:83:c8:b1:19:
         2d:8d:4e:fa:35:43:ef:2b:fd:46:b9:35:be:55:b1:52:5d:5e:
         8f:55:d9:1a:21:83:f4:77:2f:e9:bf:7e:71:71:bc:92:99:af:
         3a:44:c9:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa/yfuUl8ueBBRf8SxtVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjUxMDIwMDcwMTA4WhcNMjUxMDIxMDcwMTA4WjAzMTEwLwYDVQQD
EygzYmM3MWFkYzcxODQ5Mzc1Zjk2ZjBlMDQyMzY2YjQ2MzEwNGMxN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOlOUTHjHNDV7Q8t6fv581x9zT/o
oEB+0bh7NlsUKcsV9+dc7uoaXorDqUvi9m2bysBS6ozXyr18nyq0TMh0G+g0hXSP
jflHXcJ2Eoc6PReQ62Z2HvNVZmgZ5tb3x9cMmMpKM5aUoHbnRefXM8S2MzPArC8Z
Oym5pZDYk9FiF4zIDj1988e481PTnk4Fsdqwji/zvXFUEBG4wBjR+pVkRbuMhPtn
MIHblg2sFZaDJ7IbaPZixV/nbEDebAt7lgJ1do+U4pbyxDdwMvDiQqN0Kul8jY1w
ixECJAWHQKxoUIb0x5LJjKpD6CkTeZfSRtY9E2c1fPgAnAd8drAtoGAzpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvHGtxxhJN1+W8OBCNmtGMQTBfRMB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQxxmqkV
E+DRCe2t4xxNs6RwDW7CuNeOfk+z8GnIjvprUkkHBEMCNdzCuCViSS+RALM/pY5b
JQVMZ8fwf4LS9mwkfKbtFrp+rBtLx4DyaPVkkga38XSk1tKFSgFLALOv8nJszuX7
Q4FBk4Ao9KiYb689aB08EAN8b2NFe6irj45dKHsS7L1fkYHHByCXZ5dJdn54Q+u4
0WQ4PesauhoN2PvoixrOJMLA1/RzIZ3XwyQfASZFCQMFRxNvlQRNssx8l/ArHjXP
d1NDLuPPIgF4qsVWgF6DyLEZLY1O+jVD7yv9Rrk1vlWxUl1ej1XZGiGD9Hcv6b9+
cXG8kpmvOkTJOA==
-----END CERTIFICATE-----