Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          cg829a8DN35XWpd2CtC8Zo1D3mwyd8y19SR2sqoEUoU=
Subject key identifier:   16:D5:8D:A5:22:DB:E4:16:79:04:8F:4B:7E:B0:45:4A:CB:78:0E:A1
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       01976C992FE943957F247DFD899BF7513C45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 04:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 04:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 04:01:07 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: ZuD291d1AC2JivGCAeTx7JP9KRbCSL2sHlikkMOkshg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:99:2f:e9:43:95:7f:24:7d:fd:89:9b:f7:51:3c:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Jun 14 04:01:07 2025 GMT
            Not After : Jun 15 04:01:07 2025 GMT
        Subject: CN=16d58da522dbe41679048f4b7eb0454acb780ea1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:a3:23:45:76:99:a8:23:da:20:66:b3:88:f8:
                    d2:65:71:60:c8:f7:ea:2e:e7:56:5e:ef:d6:ad:9b:
                    22:17:08:9c:77:69:f9:74:0d:52:f1:f9:02:52:bc:
                    62:86:b7:be:3d:02:4e:33:d1:9a:bd:e1:d5:31:03:
                    69:1e:39:74:f0:58:6b:17:dd:c2:01:57:93:6b:de:
                    30:34:f5:f2:2d:0a:5b:c3:d4:ae:64:b1:48:ae:3e:
                    c2:39:96:96:f8:20:c1:b0:6d:cc:85:90:3f:2f:ca:
                    fe:05:27:f2:1f:df:f6:82:31:d1:62:d5:f6:3a:2e:
                    84:d7:bc:a7:22:f2:a5:1d:28:a6:c7:16:e4:9d:02:
                    f5:b2:f8:b3:22:96:bd:ac:c2:38:9e:d3:55:4b:e5:
                    d4:6a:00:16:85:ae:56:39:6d:a4:26:cd:7a:16:6b:
                    62:76:ef:9f:03:37:8f:f1:93:07:bc:91:2a:e2:59:
                    60:a9:05:4d:8b:b4:d7:fa:4b:9a:8c:88:b6:df:9f:
                    5f:53:27:96:b9:aa:7a:88:a2:cf:ff:ef:a4:b6:d5:
                    7f:26:49:da:bb:52:7b:fe:14:a8:a6:86:5a:5d:82:
                    18:70:73:5d:ea:17:e5:49:e7:4e:e2:ef:03:2a:2c:
                    dd:ed:ea:4f:de:3c:44:7d:98:df:9f:40:e3:70:79:
                    6f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D5:8D:A5:22:DB:E4:16:79:04:8F:4B:7E:B0:45:4A:CB:78:0E:A1
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:e6:8a:f6:52:1a:5c:a4:90:0a:dd:c4:c3:5a:32:be:da:2a:
         4c:f7:7d:4b:9b:7e:9a:8d:fc:77:15:83:6a:dd:64:a3:4c:cb:
         44:c3:96:8f:c8:cd:37:46:b2:db:05:87:9b:30:a4:de:06:ca:
         4f:e9:9a:59:9f:b0:82:be:c8:78:e8:8d:92:6b:5e:ec:9c:87:
         de:5e:69:fd:fc:af:0c:f1:ea:0c:f5:9b:99:cf:a9:86:de:49:
         58:bd:b7:8c:30:e5:a1:7c:f0:7e:4a:20:58:f8:51:b8:a7:42:
         47:fb:5e:eb:32:05:73:73:60:5d:4e:6e:53:cf:30:9f:43:eb:
         e6:e5:86:de:f3:bf:09:bf:bf:c2:ea:44:50:53:d5:25:d4:10:
         e5:20:c9:82:5c:56:30:d8:0b:69:da:d1:9f:78:d1:21:27:ca:
         7f:c8:32:66:33:81:db:1a:d2:c6:0f:e0:7f:21:61:49:15:26:
         b2:73:05:db:ec:c9:6b:0e:74:c4:fc:73:23:de:dc:ca:cc:6f:
         75:18:69:b0:c8:5c:d9:c8:42:06:29:f7:40:4d:9e:9c:9d:14:
         00:64:ec:bf:cf:8d:ed:b5:3d:bb:40:fd:7f:d6:7f:94:58:08:
         e1:0b:1f:41:fc:5a:89:f3:1f:c8:06:c0:2a:18:a1:5d:4e:7b:
         7b:88:83:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmS/pQ5V/JH39iZv3UTxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUwNjE0MDQwMTA3WhcNMjUwNjE1MDQwMTA3WjAzMTEwLwYDVQQD
EygxNmQ1OGRhNTIyZGJlNDE2NzkwNDhmNGI3ZWIwNDU0YWNiNzgwZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqMjRXaZqCPaIGaziPjSZXFgyPfq
LudWXu/WrZsiFwicd2n5dA1S8fkCUrxihre+PQJOM9GaveHVMQNpHjl08FhrF93C
AVeTa94wNPXyLQpbw9SuZLFIrj7COZaW+CDBsG3MhZA/L8r+BSfyH9/2gjHRYtX2
Oi6E17ynIvKlHSimxxbknQL1svizIpa9rMI4ntNVS+XUagAWha5WOW2kJs16Fmti
du+fAzeP8ZMHvJEq4llgqQVNi7TX+kuajIi2359fUyeWuap6iKLP/++kttV/Jkna
u1J7/hSopoZaXYIYcHNd6hflSedO4u8DKizd7epP3jxEfZjfn0DjcHlv8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbVjaUi2+QWeQSPS36wRUrLeA6hMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyeaK9lIa
XKSQCt3Ew1oyvtoqTPd9S5t+mo38dxWDat1ko0zLRMOWj8jNN0ay2wWHmzCk3gbK
T+maWZ+wgr7IeOiNkmte7JyH3l5p/fyvDPHqDPWbmc+pht5JWL23jDDloXzwfkog
WPhRuKdCR/te6zIFc3NgXU5uU88wn0Pr5uWG3vO/Cb+/wupEUFPVJdQQ5SDJglxW
MNgLadrRn3jRISfKf8gyZjOB2xrSxg/gfyFhSRUmsnMF2+zJaw50xPxzI97cysxv
dRhpsMhc2chCBin3QE2enJ0UAGTsv8+N7bU9u0D9f9Z/lFgI4QsfQfxaifMfyAbA
KhihXU57e4iDmA==
-----END CERTIFICATE-----