Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
File:                     hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json)
Hash identifier:          4RxfaYklmb2IhPCAI5QGYJsrnxRgjGvX93iT6hyG/9w=
Subject key identifier:   2F:C2:B8:20:B7:0A:90:EC:47:08:A5:77:D4:FE:70:36:67:5F:F8:95
Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F
Certificate issuer:       /CN=8738bf1cc1381678038ef5da67642398e3d9819f
Certificate serial:       0198D705E29E6274746A07E2F76CC4AAB5E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
Manifest number:          0196
Signing time:             Sat 23 Aug 2025 13:02:23 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:23 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:23 +0000
Files and hashes:         1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: T34ZkokPo4BvL7FX0HvtZJtP7kCTY3FUQwIDVSzmStw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:e2:9e:62:74:74:6a:07:e2:f7:6c:c4:aa:b5:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f
        Validity
            Not Before: Aug 23 13:02:23 2025 GMT
            Not After : Aug 24 13:02:23 2025 GMT
        Subject: CN=2fc2b820b70a90ec4708a577d4fe7036675ff895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:31:17:d2:08:93:aa:59:91:82:4d:39:ba:25:
                    b3:72:6a:18:0d:07:96:99:aa:2d:97:fe:dd:e2:e5:
                    f0:33:69:14:4a:0a:34:83:41:2a:47:a8:60:e6:5a:
                    56:b7:03:04:00:8b:ee:c5:39:8a:b3:b4:6a:63:45:
                    2e:5a:49:39:b0:39:17:4a:5e:e4:86:df:9e:b0:89:
                    b8:a7:42:d0:67:00:92:43:9a:30:dc:01:ab:2c:72:
                    a6:9e:06:01:0e:5a:94:55:42:5e:b3:5d:e6:51:0a:
                    f9:31:ae:32:3b:42:d9:85:e3:8c:1c:74:dd:7c:ca:
                    f7:4a:74:f6:1b:7c:1c:35:9e:d7:1c:29:9c:ab:0f:
                    18:c8:6b:5d:cd:d1:82:7a:50:dd:bc:3a:64:87:26:
                    e6:d7:c5:1c:1b:83:fb:47:9e:6e:f3:eb:50:2a:0d:
                    e9:10:60:ec:ce:46:b4:61:f2:01:25:8e:44:48:bf:
                    37:bf:9d:15:bc:19:95:84:31:85:c1:82:fc:14:89:
                    33:85:06:f2:28:01:a0:cc:1c:0b:65:cd:4c:51:09:
                    5a:81:2a:6c:99:1b:7f:c5:99:48:31:6c:76:16:5e:
                    02:14:65:32:78:c8:7c:91:33:07:56:dc:1a:92:01:
                    02:d7:af:86:6f:3e:f7:b1:a2:d1:05:1c:ef:f3:87:
                    e5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:C2:B8:20:B7:0A:90:EC:47:08:A5:77:D4:FE:70:36:67:5F:F8:95
            X509v3 Authority Key Identifier:
                keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:87:5c:f0:c8:0b:73:f7:92:13:53:d6:f2:c3:a9:06:32:67:
         0e:43:bb:74:04:9d:76:3f:29:c5:bf:f9:c9:ee:91:0c:ab:0a:
         06:27:8a:71:6f:f5:fa:87:d9:4f:59:4e:02:86:fb:8d:1b:83:
         5d:2f:f8:4e:4e:49:76:06:27:a4:e0:00:cb:fa:c2:b6:c0:5d:
         65:83:ef:24:d4:0d:75:83:db:c2:26:56:7d:21:6b:cd:7f:0f:
         bd:29:8b:bf:4b:0c:d1:ea:10:c3:31:23:de:47:d9:e5:d2:53:
         f4:16:34:9a:88:39:c8:e1:f6:a3:c3:91:e1:84:e2:35:7e:ed:
         8e:36:21:59:d3:1d:91:eb:92:ea:84:7d:70:dd:f5:7a:09:37:
         a9:b0:c3:e2:ca:be:da:51:80:14:92:7d:41:71:d3:a4:63:87:
         65:c0:93:d8:43:3c:b0:06:ab:b5:84:9d:dc:e9:54:93:d2:58:
         fc:6b:37:f7:36:3a:04:ac:d6:6e:7b:90:09:42:7d:ec:3f:7f:
         ed:8d:ff:18:4a:8d:df:b0:8b:f4:c0:a1:3a:40:fb:4d:1c:aa:
         48:9e:91:23:ef:b7:6e:b8:c9:49:04:9f:3c:12:2d:b2:4e:32:
         12:68:45:06:1c:48:3f:06:a6:ea:97:f9:4e:72:6e:45:f9:24:
         67:69:a8:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBeKeYnR0agfi92zEqrXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk
OTgxOWYwHhcNMjUwODIzMTMwMjIzWhcNMjUwODI0MTMwMjIzWjAzMTEwLwYDVQQD
EygyZmMyYjgyMGI3MGE5MGVjNDcwOGE1NzdkNGZlNzAzNjY3NWZmODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jEX0giTqlmRgk05uiWzcmoYDQeW
maotl/7d4uXwM2kUSgo0g0EqR6hg5lpWtwMEAIvuxTmKs7RqY0UuWkk5sDkXSl7k
ht+esIm4p0LQZwCSQ5ow3AGrLHKmngYBDlqUVUJes13mUQr5Ma4yO0LZheOMHHTd
fMr3SnT2G3wcNZ7XHCmcqw8YyGtdzdGCelDdvDpkhybm18UcG4P7R55u8+tQKg3p
EGDszka0YfIBJY5ESL83v50VvBmVhDGFwYL8FIkzhQbyKAGgzBwLZc1MUQlagSps
mRt/xZlIMWx2Fl4CFGUyeMh8kTMHVtwakgEC16+Gbz73saLRBRzv84flEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/CuCC3CpDsRwild9T+cDZnX/iVMB8GA1UdIwQY
MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt
NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm
LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd4dc8MgL
c/eSE1PW8sOpBjJnDkO7dASddj8pxb/5ye6RDKsKBieKcW/1+ofZT1lOAob7jRuD
XS/4Tk5JdgYnpOAAy/rCtsBdZYPvJNQNdYPbwiZWfSFrzX8PvSmLv0sM0eoQwzEj
3kfZ5dJT9BY0mog5yOH2o8OR4YTiNX7tjjYhWdMdkeuS6oR9cN31egk3qbDD4sq+
2lGAFJJ9QXHTpGOHZcCT2EM8sAartYSd3OlUk9JY/Gs39zY6BKzWbnuQCUJ97D9/
7Y3/GEqN37CL9MChOkD7TRyqSJ6RI++3brjJSQSfPBItsk4yEmhFBhxIPwam6pf5
TnJuRfkkZ2moPA==
-----END CERTIFICATE-----