Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          +JizeXd7y7QwHA2WbzjhDDEWzTic2rJ673vsxvmYCzk=
Subject key identifier:   7D:1A:71:FE:62:88:F5:19:8A:CC:37:A0:A7:8C:29:21:EF:4F:C2:A7
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       0198D65F65B3069E3D7DB7A7999EDEC403F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0844
Signing time:             Sat 23 Aug 2025 10:00:32 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:32 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:32 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: LpHlchiZ+fVe1k2rYgMbmgj0LHBeVMOjbKNJzd4Bug4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:65:b3:06:9e:3d:7d:b7:a7:99:9e:de:c4:03:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Aug 23 10:00:32 2025 GMT
            Not After : Aug 24 10:00:32 2025 GMT
        Subject: CN=7d1a71fe6288f5198acc37a0a78c2921ef4fc2a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:96:7a:0e:e4:7c:08:14:57:e2:71:f6:d0:41:
                    7c:ec:5d:73:b6:61:7f:09:16:1c:4a:81:b7:fa:29:
                    24:58:b8:40:8f:0f:b9:56:95:43:af:ed:94:f5:76:
                    3b:a8:40:64:32:c3:fd:36:43:51:01:2c:e4:55:38:
                    3d:7e:e8:f4:6f:61:81:10:22:f1:0d:7e:4c:0c:6a:
                    e1:8f:13:cd:5c:16:4d:51:f4:0b:99:20:9b:55:d8:
                    1f:b5:8c:3c:63:2a:ed:76:7a:4f:e3:9f:d3:1f:2d:
                    ac:45:98:d4:5f:40:62:93:be:cb:ca:3b:6b:bd:c7:
                    af:c3:81:b4:9a:cf:e3:bd:b1:65:cc:f9:58:62:b0:
                    20:0e:c0:9a:0d:52:68:61:33:1e:e7:e3:50:a8:02:
                    1c:d0:42:ce:17:c4:93:7a:69:f9:64:34:25:da:0a:
                    1d:10:f5:e9:05:7a:d5:28:58:30:3a:7c:55:41:5d:
                    a8:fb:30:c4:08:fc:1b:76:45:ca:01:79:c2:74:96:
                    2f:4b:ff:4f:a2:84:8a:3d:27:91:1e:4e:32:4b:6f:
                    82:ab:24:a9:db:e0:c5:36:1d:bd:a4:a6:93:6b:05:
                    02:f5:96:e6:bc:1d:cf:35:6d:ec:92:7f:55:2c:83:
                    d6:c2:73:bc:bc:86:09:ab:d0:bc:57:e3:09:ac:64:
                    a0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:1A:71:FE:62:88:F5:19:8A:CC:37:A0:A7:8C:29:21:EF:4F:C2:A7
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:70:47:e2:d7:cb:44:a8:18:51:21:6d:c1:89:d4:f8:48:59:
         53:e6:1a:a1:8a:15:74:fa:be:61:14:55:0e:a6:d0:0f:7f:a3:
         ee:4f:09:5b:e5:9e:15:bb:d7:d7:e0:1f:6e:24:4e:25:3d:f4:
         03:4a:b3:c9:52:09:e6:8d:ff:26:aa:3e:dc:96:33:a5:5d:ba:
         0b:04:c5:4d:7d:be:5a:08:64:85:88:e0:08:bb:c7:be:08:0a:
         5f:50:5c:73:b1:68:76:fe:4e:9c:f0:bb:ce:7f:36:bb:66:24:
         f6:8e:39:2b:d7:99:2e:01:13:42:53:00:2b:32:1a:c1:e7:30:
         3e:d5:15:67:4b:95:11:30:3d:d0:cf:3a:02:1c:9a:4b:55:26:
         33:ba:76:9a:cc:8a:a7:29:a2:21:ce:c9:f0:17:06:03:2d:01:
         d6:8a:5d:41:79:20:d2:0c:22:e9:94:62:13:44:e7:68:9d:45:
         a8:f9:12:37:a2:f6:54:ee:43:10:df:7e:d3:9f:b3:9f:b2:9c:
         63:c3:77:4b:60:d1:99:58:9d:d4:b1:9d:ef:26:2f:cf:fc:e5:
         03:29:34:f3:0b:95:13:46:d4:0a:10:14:ed:b0:ec:cb:a8:19:
         a6:a1:2c:71:d6:4a:8b:f7:28:65:6e:a0:39:8b:24:d4:ca:a4:
         c1:b6:29:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX2WzBp49fbenmZ7exAP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwODIzMTAwMDMyWhcNMjUwODI0MTAwMDMyWjAzMTEwLwYDVQQD
Eyg3ZDFhNzFmZTYyODhmNTE5OGFjYzM3YTBhNzhjMjkyMWVmNGZjMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZZ6DuR8CBRX4nH20EF87F1ztmF/
CRYcSoG3+ikkWLhAjw+5VpVDr+2U9XY7qEBkMsP9NkNRASzkVTg9fuj0b2GBECLx
DX5MDGrhjxPNXBZNUfQLmSCbVdgftYw8YyrtdnpP45/THy2sRZjUX0Bik77Lyjtr
vcevw4G0ms/jvbFlzPlYYrAgDsCaDVJoYTMe5+NQqAIc0ELOF8STemn5ZDQl2god
EPXpBXrVKFgwOnxVQV2o+zDECPwbdkXKAXnCdJYvS/9PooSKPSeRHk4yS2+CqySp
2+DFNh29pKaTawUC9ZbmvB3PNW3skn9VLIPWwnO8vIYJq9C8V+MJrGSg+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0acf5iiPUZisw3oKeMKSHvT8KnMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfXBH4tfL
RKgYUSFtwYnU+EhZU+YaoYoVdPq+YRRVDqbQD3+j7k8JW+WeFbvX1+AfbiROJT30
A0qzyVIJ5o3/Jqo+3JYzpV26CwTFTX2+WghkhYjgCLvHvggKX1Bcc7Fodv5OnPC7
zn82u2Yk9o45K9eZLgETQlMAKzIawecwPtUVZ0uVETA90M86AhyaS1UmM7p2msyK
pymiIc7J8BcGAy0B1opdQXkg0gwi6ZRiE0TnaJ1FqPkSN6L2VO5DEN9+05+zn7Kc
Y8N3S2DRmVid1LGd7yYvz/zlAyk08wuVE0bUChAU7bDsy6gZpqEscdZKi/coZW6g
OYsk1MqkwbYp6Q==
-----END CERTIFICATE-----