Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
File:                     hesz_RfSMvvmsq22bLCv4N7pA7A.mft (raw, json)
Hash identifier:          q+thFWGFh4d/1NeG7y9rei+qAQqxu1/bDt+7h1i6ekE=
Subject key identifier:   15:A3:8E:E5:8D:54:FA:7A:AD:6B:BF:C1:97:4E:61:F7:E4:27:32:10
Authority key identifier: 85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
Certificate issuer:       /CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Certificate serial:       0197B745AD3D2428CA369D75B47E00252A67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
Manifest number:          0442
Signing time:             Sat 28 Jun 2025 16:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:26 +0000
Files and hashes:         1: hesz_RfSMvvmsq22bLCv4N7pA7A.crl (hash: qIFWforBPyqZ+vY6j7LMiQVY1DY0TMxIPTlStaiUpmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:ad:3d:24:28:ca:36:9d:75:b4:7e:00:25:2a:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
        Validity
            Not Before: Jun 28 16:01:26 2025 GMT
            Not After : Jun 29 16:01:26 2025 GMT
        Subject: CN=15a38ee58d54fa7aad6bbfc1974e61f7e4273210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:98:17:69:9a:01:51:83:b7:65:df:bd:e5:e0:
                    a8:4e:c9:cc:0c:8e:9e:25:c7:f2:3a:c6:f6:07:ad:
                    94:0e:9d:ab:c2:ee:4f:f6:8d:da:bb:17:cb:ea:4e:
                    f9:e4:00:17:3f:60:3b:be:ca:bb:c8:04:c9:20:a9:
                    e6:f7:be:02:68:e3:f0:e8:11:98:5c:fa:cb:5f:8b:
                    2f:73:ee:11:ca:a4:a8:cf:18:f0:07:64:97:87:e5:
                    92:89:35:6b:ef:9c:a3:ba:5c:74:fe:a1:f8:92:4b:
                    b5:58:b5:19:34:65:01:6e:60:fe:5e:fd:55:9e:8d:
                    5e:ac:83:9c:da:75:69:11:80:19:d6:6b:56:cd:a9:
                    9a:94:9a:ed:3b:b7:21:5c:55:25:c0:0f:e3:c8:3b:
                    c9:37:5d:fb:e6:53:a9:c1:42:c7:b1:ff:0c:99:c4:
                    37:8b:31:d9:0f:73:0a:6f:f5:4d:37:d4:ac:77:34:
                    ef:e0:23:ac:43:9c:aa:76:f5:c9:90:1e:99:62:75:
                    03:67:e9:cf:68:f9:07:b4:d2:c5:bb:cc:d3:f8:f1:
                    e8:3c:af:3e:18:04:f8:15:83:12:57:ae:d0:4f:03:
                    d7:e8:68:2c:7b:de:4a:38:5d:03:36:aa:74:e5:77:
                    ee:80:75:8c:7c:00:4a:8b:c3:97:01:64:41:d2:8e:
                    d5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A3:8E:E5:8D:54:FA:7A:AD:6B:BF:C1:97:4E:61:F7:E4:27:32:10
            X509v3 Authority Key Identifier:
                keyid:85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:61:23:07:cc:59:82:c3:f0:e4:4d:04:68:0d:b1:57:f7:ac:
         41:1a:01:4c:71:b9:c2:92:a9:8f:15:cf:13:08:e7:a9:42:5c:
         18:3c:44:c7:10:29:93:63:59:46:18:6e:e9:80:42:fc:2d:55:
         5b:e3:4b:0f:14:49:fe:25:e6:9e:a9:5f:da:77:66:35:8a:41:
         54:95:35:6b:8b:1b:99:a2:e0:e7:8c:df:7e:f5:ca:a1:35:ed:
         45:a8:27:fd:64:59:c9:7e:09:5d:df:b3:ed:85:97:e6:37:ba:
         78:c2:bd:fd:d6:27:ca:66:47:bf:4f:5e:16:89:8d:5d:9c:f5:
         2a:c0:38:21:77:21:c4:10:28:50:29:c3:4e:c9:0e:ac:7f:f2:
         88:c4:2d:2d:96:64:bd:e6:64:49:ec:9f:56:08:40:c6:a9:78:
         24:6b:9e:cb:f5:19:1f:19:4e:f3:5e:88:7b:71:23:1b:29:87:
         f5:a3:0b:9b:88:84:5f:42:32:5d:c6:31:40:ce:d6:83:5d:09:
         01:fb:b3:31:c0:40:2f:0e:b4:69:c7:fc:c7:74:5a:92:2b:48:
         9e:ef:5c:70:ee:b9:e1:72:13:be:3e:fb:95:47:76:a3:2d:10:
         eb:28:74:8a:8f:87:ad:56:2d:41:c4:d7:2a:62:2f:5a:ae:b5:
         8a:d0:22:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Ra09JCjKNp11tH4AJSpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZWIzM2ZkMTdkMjMyZmJlNmIyYWRiNjZjYjBhZmUwZGVl
OTAzYjAwHhcNMjUwNjI4MTYwMTI2WhcNMjUwNjI5MTYwMTI2WjAzMTEwLwYDVQQD
EygxNWEzOGVlNThkNTRmYTdhYWQ2YmJmYzE5NzRlNjFmN2U0MjczMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pgXaZoBUYO3Zd+95eCoTsnMDI6e
JcfyOsb2B62UDp2rwu5P9o3auxfL6k755AAXP2A7vsq7yATJIKnm974CaOPw6BGY
XPrLX4svc+4RyqSozxjwB2SXh+WSiTVr75yjulx0/qH4kku1WLUZNGUBbmD+Xv1V
no1erIOc2nVpEYAZ1mtWzamalJrtO7chXFUlwA/jyDvJN1375lOpwULHsf8MmcQ3
izHZD3MKb/VNN9SsdzTv4COsQ5yqdvXJkB6ZYnUDZ+nPaPkHtNLFu8zT+PHoPK8+
GAT4FYMSV67QTwPX6Ggse95KOF0DNqp05XfugHWMfABKi8OXAWRB0o7VDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWjjuWNVPp6rWu/wZdOYffkJzIQMB8GA1UdIwQY
MBaAFIXrM/0X0jL75rKttmywr+De6QOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMt
OGEzOGVhMmIxZjU0LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMtOGEzOGVhMmIxZjU0
LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEGEjB8xZ
gsPw5E0EaA2xV/esQRoBTHG5wpKpjxXPEwjnqUJcGDxExxApk2NZRhhu6YBC/C1V
W+NLDxRJ/iXmnqlf2ndmNYpBVJU1a4sbmaLg54zffvXKoTXtRagn/WRZyX4JXd+z
7YWX5je6eMK9/dYnymZHv09eFomNXZz1KsA4IXchxBAoUCnDTskOrH/yiMQtLZZk
veZkSeyfVghAxql4JGuey/UZHxlO816Ie3EjGymH9aMLm4iEX0IyXcYxQM7Wg10J
AfuzMcBALw60acf8x3RakitInu9ccO654XITvj77lUd2oy0Q6yh0io+HrVYtQcTX
KmIvWq61itAizg==
-----END CERTIFICATE-----