Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          QysvaYjlTwZnf10/DfprWPRhtcCLcpGs+eCptglFBhI=
Subject key identifier:   D8:EC:0D:CD:93:9A:B4:F7:8D:F6:BE:19:D6:71:AE:98:83:C2:25:4A
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019A4E4F6BBF21F305E559872471000369FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 10:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:18 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: ZYw0TR8dAJIRkPz4qFKNSRSQIfgOjGGSr25oqnStnwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:6b:bf:21:f3:05:e5:59:87:24:71:00:03:69:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Nov  4 10:00:18 2025 GMT
            Not After : Nov  5 10:00:18 2025 GMT
        Subject: CN=d8ec0dcd939ab4f78df6be19d671ae9883c2254a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6f:a4:35:0a:72:b4:48:c0:b9:39:71:ce:0f:
                    47:ad:4e:2d:d4:ad:e5:5a:a2:b4:cd:96:75:ba:0f:
                    67:f4:b5:4b:b4:49:db:3e:1c:74:90:29:5d:9c:3f:
                    74:c1:79:4b:53:46:05:05:36:48:14:60:b7:87:9e:
                    19:dd:04:fa:4e:4d:3e:fa:f8:b2:6d:f4:58:67:4e:
                    e7:78:eb:a1:16:dd:6d:90:4c:0b:29:e8:bb:2a:fc:
                    12:25:d2:b4:b6:09:a8:7f:8b:2d:0c:85:67:8f:c7:
                    bd:72:32:57:bb:32:d7:2d:35:13:65:c5:7d:6d:01:
                    d6:a4:a8:7d:b5:54:55:98:13:3e:02:cc:83:f1:cc:
                    87:c4:6a:c3:56:69:5b:7c:b1:42:5a:81:5a:72:73:
                    16:4b:cb:bf:42:3e:90:55:08:35:b7:70:f9:91:37:
                    da:6b:51:bb:37:d2:90:57:24:75:00:26:ac:f7:d3:
                    b5:24:6b:55:92:07:10:66:25:00:e7:92:de:83:ef:
                    5d:4c:14:40:b2:e6:de:d5:a1:b2:e6:62:df:a6:86:
                    2c:fc:13:69:e0:ec:54:8e:8e:d5:1e:79:03:54:ae:
                    83:09:4b:f2:a6:02:d8:70:a6:f7:12:0e:00:29:38:
                    06:fe:71:74:26:68:2b:c4:fb:df:f4:0a:31:fc:d3:
                    ef:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:EC:0D:CD:93:9A:B4:F7:8D:F6:BE:19:D6:71:AE:98:83:C2:25:4A
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:15:7b:d0:d3:8d:45:ca:6b:5d:19:e7:4c:69:75:5a:81:84:
         01:41:b3:91:e0:38:38:fb:50:5e:c3:d7:55:fd:ae:07:9f:22:
         d8:37:59:3a:0c:fb:bd:12:05:1c:3e:eb:e2:66:40:db:2d:c1:
         41:37:98:ab:7c:d9:b5:7e:cd:bc:31:f5:d5:7f:6d:2f:d3:b6:
         86:75:1e:b0:76:2e:99:b4:42:1d:c7:5c:3e:5e:0d:02:33:fc:
         28:54:a1:61:28:01:fb:91:b5:7d:b6:f8:bc:79:d6:07:a1:1d:
         c2:79:7d:56:4c:40:b0:9b:b0:11:3c:61:f9:16:4d:43:8e:cc:
         00:76:d9:4b:a2:1c:04:1c:b2:01:27:f5:61:94:4a:23:4f:88:
         f5:3d:48:8a:17:90:f7:1d:67:f3:0e:34:2c:1d:f2:3e:fb:3a:
         86:69:52:39:95:f8:cd:d2:74:85:43:3d:81:fd:56:10:68:af:
         e5:5f:84:bb:8f:c4:6d:a6:fa:50:c9:64:b5:a8:0a:10:bb:09:
         0e:5c:08:2a:f8:43:54:51:a7:a7:28:c1:04:32:8a:8d:58:fd:
         b1:ca:42:0e:d7:5d:eb:73:2c:d8:37:00:67:03:00:36:85:26:
         d3:12:9c:8c:9f:96:ee:0d:5b:1a:cf:69:f3:95:24:e4:c0:92:
         c3:7c:92:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT2u/IfMF5VmHJHEAA2n/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjUxMTA0MTAwMDE4WhcNMjUxMTA1MTAwMDE4WjAzMTEwLwYDVQQD
EyhkOGVjMGRjZDkzOWFiNGY3OGRmNmJlMTlkNjcxYWU5ODgzYzIyNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG+kNQpytEjAuTlxzg9HrU4t1K3l
WqK0zZZ1ug9n9LVLtEnbPhx0kCldnD90wXlLU0YFBTZIFGC3h54Z3QT6Tk0++viy
bfRYZ07neOuhFt1tkEwLKei7KvwSJdK0tgmof4stDIVnj8e9cjJXuzLXLTUTZcV9
bQHWpKh9tVRVmBM+AsyD8cyHxGrDVmlbfLFCWoFacnMWS8u/Qj6QVQg1t3D5kTfa
a1G7N9KQVyR1ACas99O1JGtVkgcQZiUA55Leg+9dTBRAsube1aGy5mLfpoYs/BNp
4OxUjo7VHnkDVK6DCUvypgLYcKb3Eg4AKTgG/nF0JmgrxPvf9Aox/NPvcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjsDc2TmrT3jfa+GdZxrpiDwiVKMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAURV70NON
RcprXRnnTGl1WoGEAUGzkeA4OPtQXsPXVf2uB58i2DdZOgz7vRIFHD7r4mZA2y3B
QTeYq3zZtX7NvDH11X9tL9O2hnUesHYumbRCHcdcPl4NAjP8KFShYSgB+5G1fbb4
vHnWB6Edwnl9VkxAsJuwETxh+RZNQ47MAHbZS6IcBByyASf1YZRKI0+I9T1IiheQ
9x1n8w40LB3yPvs6hmlSOZX4zdJ0hUM9gf1WEGiv5V+Eu4/Ebab6UMlktagKELsJ
DlwIKvhDVFGnpyjBBDKKjVj9scpCDtdd63Ms2DcAZwMANoUm0xKcjJ+W7g1bGs9p
85Uk5MCSw3ySXQ==
-----END CERTIFICATE-----