Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          dgsLq75iDFjBhGI3x3BbSpeNKZfu6M5Zc7rxouTCv/8=
Subject key identifier:   FF:B1:22:2F:4E:7D:86:52:CF:34:9A:20:85:1F:D7:FD:8B:35:5F:98
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       0199FBEB14131A1690B5D8A1C4AFCEAE924E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          08DC
Signing time:             Sun 19 Oct 2025 10:01:51 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:51 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:51 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: j1dqgYbEIjwrZ7cojhaTYS5XHVh/Th6zRLtQseG/ub4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:14:13:1a:16:90:b5:d8:a1:c4:af:ce:ae:92:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Oct 19 10:01:51 2025 GMT
            Not After : Oct 20 10:01:51 2025 GMT
        Subject: CN=ffb1222f4e7d8652cf349a20851fd7fd8b355f98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:12:9a:54:ef:6b:b8:ca:20:45:89:5b:55:
                    3a:ec:f5:44:fe:f0:b9:e2:6f:52:8d:ae:01:76:20:
                    bc:38:78:ff:d6:6e:5b:58:23:7e:2e:77:24:cf:3e:
                    7a:54:13:71:62:ef:a1:9c:2c:7a:e2:58:50:f3:6b:
                    28:5d:74:01:54:90:32:ec:c9:60:f1:af:d3:60:de:
                    5f:2d:97:aa:06:b2:4a:ea:12:fb:63:3a:7f:77:b6:
                    25:43:2f:26:f9:81:08:0e:a3:43:50:0a:6b:24:43:
                    76:4b:7d:2f:6d:b8:2d:fc:b4:9a:3c:10:72:bb:5f:
                    f5:cb:61:a1:da:b3:3d:94:8d:f6:1c:94:ff:d3:68:
                    93:e3:1c:5a:d6:4c:ff:ab:f4:ca:9b:0e:d2:a8:98:
                    51:25:b1:81:f3:30:7a:5b:84:3d:8d:d3:30:4d:16:
                    41:f3:ef:04:29:06:98:5b:7c:29:38:e9:43:3c:8d:
                    85:73:55:ba:c4:80:b3:2e:63:ff:2c:4d:f8:9e:17:
                    e2:57:33:3b:84:69:8b:ba:29:ab:cf:23:dd:0a:7e:
                    fa:bf:3f:71:37:14:d5:34:a7:73:a4:d5:1c:52:58:
                    b5:3c:39:91:9c:64:26:80:eb:06:04:f1:24:55:5d:
                    e8:33:1a:ce:9a:07:54:96:40:c4:85:9f:8b:9a:ee:
                    2a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B1:22:2F:4E:7D:86:52:CF:34:9A:20:85:1F:D7:FD:8B:35:5F:98
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:dd:d5:cf:8b:9b:3d:15:0f:09:54:91:4c:71:77:20:0b:13:
         89:65:37:ce:35:4c:e2:35:d2:6c:44:e8:ca:c0:6f:b7:fd:0c:
         01:82:be:67:c1:a6:26:e9:56:09:e4:66:d5:a5:af:d0:e7:23:
         a9:db:d1:46:f7:41:12:79:c6:93:2c:a8:18:2e:1f:4d:cc:e8:
         9e:98:5b:90:88:19:ec:28:8d:62:14:53:8a:49:71:61:c1:16:
         d2:50:b4:32:fd:32:36:04:10:63:14:0c:f8:1f:09:26:7d:58:
         ab:6a:34:90:84:55:a7:98:8a:d5:2f:28:df:92:1f:7d:31:a8:
         f7:22:c1:ca:45:37:e0:09:2f:8b:5c:ee:65:de:4f:2b:0c:42:
         a1:4c:7c:b4:aa:b3:d8:8a:63:3f:83:28:ec:f6:c6:1f:d7:18:
         c6:13:82:2a:f0:2d:ab:63:1a:fc:28:8a:ac:72:5a:f3:dd:23:
         d4:85:6f:6d:1c:51:2d:bf:cf:bd:69:52:42:a3:92:02:ca:2f:
         af:2b:a6:53:da:61:be:8b:26:12:4d:86:07:5c:f3:c3:a0:cf:
         e2:0b:12:bb:19:09:66:15:0d:20:8f:cc:eb:29:c3:6c:ae:f1:
         15:ac:02:7e:12:1f:58:97:10:4b:58:74:aa:b6:07:08:08:23:
         f2:53:05:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76xQTGhaQtdihxK/OrpJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUxMDE5MTAwMTUxWhcNMjUxMDIwMTAwMTUxWjAzMTEwLwYDVQQD
EyhmZmIxMjIyZjRlN2Q4NjUyY2YzNDlhMjA4NTFmZDdmZDhiMzU1Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1ESmlTva7jKIEWJW1U67PVE/vC5
4m9Sja4BdiC8OHj/1m5bWCN+Lnckzz56VBNxYu+hnCx64lhQ82soXXQBVJAy7Mlg
8a/TYN5fLZeqBrJK6hL7Yzp/d7YlQy8m+YEIDqNDUAprJEN2S30vbbgt/LSaPBBy
u1/1y2Gh2rM9lI32HJT/02iT4xxa1kz/q/TKmw7SqJhRJbGB8zB6W4Q9jdMwTRZB
8+8EKQaYW3wpOOlDPI2Fc1W6xICzLmP/LE34nhfiVzM7hGmLuimrzyPdCn76vz9x
NxTVNKdzpNUcUli1PDmRnGQmgOsGBPEkVV3oMxrOmgdUlkDEhZ+Lmu4qkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+xIi9OfYZSzzSaIIUf1/2LNV+YMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJN3Vz4ub
PRUPCVSRTHF3IAsTiWU3zjVM4jXSbEToysBvt/0MAYK+Z8GmJulWCeRm1aWv0Ocj
qdvRRvdBEnnGkyyoGC4fTczonphbkIgZ7CiNYhRTiklxYcEW0lC0Mv0yNgQQYxQM
+B8JJn1Yq2o0kIRVp5iK1S8o35IffTGo9yLBykU34Akvi1zuZd5PKwxCoUx8tKqz
2IpjP4Mo7PbGH9cYxhOCKvAtq2Ma/CiKrHJa890j1IVvbRxRLb/PvWlSQqOSAsov
ryumU9phvosmEk2GB1zzw6DP4gsSuxkJZhUNII/M6ynDbK7xFawCfhIfWJcQS1h0
qrYHCAgj8lMFoQ==
-----END CERTIFICATE-----