Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          CKQmktFOsltQ63gCd16OAKb/z1wvEG7QmdSBXwJYGEw=
Subject key identifier:   47:72:49:D4:02:6C:5F:CF:78:54:71:14:06:C9:BB:72:D8:F4:08:24
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       01976F99888D6D60F52B1168CB2728AFF3A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 18:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:22 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: 68NYISXK9Ua8p8XhPjTrCI4DrMMLVaSMCfKKm6/wwqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:88:8d:6d:60:f5:2b:11:68:cb:27:28:af:f3:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Jun 14 18:00:22 2025 GMT
            Not After : Jun 15 18:00:22 2025 GMT
        Subject: CN=477249d4026c5fcf7854711406c9bb72d8f40824
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:58:a5:32:7a:ba:c2:e0:e3:a3:e9:bc:bd:03:
                    39:c5:df:d0:e7:5c:cd:83:60:46:e6:ec:a3:c0:50:
                    5d:3d:11:18:0c:ce:54:31:68:2e:1d:4b:47:d6:51:
                    c0:7a:32:6b:b0:5a:2f:13:04:d4:a6:c1:76:eb:a9:
                    6c:68:68:df:61:7c:e3:78:77:62:5d:86:5e:0f:bf:
                    cd:d7:41:04:36:1a:ca:07:80:07:15:59:48:16:13:
                    17:5f:78:71:70:f5:73:aa:5f:8e:90:d2:7d:ed:2c:
                    6a:e9:d5:9b:78:f3:df:e7:90:cb:b4:5d:a6:2b:19:
                    9c:0f:d6:f0:6d:9c:d7:4e:51:20:64:7c:21:0e:cb:
                    2a:58:96:aa:f1:f9:0b:a9:41:bb:44:ca:7c:28:8d:
                    aa:05:13:b0:b7:0a:9e:c8:87:1f:bf:b8:35:06:3f:
                    f7:f1:f9:f2:00:c4:aa:e0:22:b2:2a:32:61:6f:6e:
                    2e:36:2e:82:6d:57:9a:13:d3:03:2c:86:f4:f9:1f:
                    8e:ab:47:72:dd:9d:4d:d2:91:b4:fd:6a:b0:9f:b6:
                    bf:78:22:54:c2:c8:1a:83:09:c8:57:e0:55:e7:d9:
                    1d:ee:d7:82:04:3a:04:35:2a:1a:8f:8c:44:5b:d7:
                    1c:54:ea:78:75:12:38:5c:1f:31:39:d2:c9:79:a1:
                    6e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:72:49:D4:02:6C:5F:CF:78:54:71:14:06:C9:BB:72:D8:F4:08:24
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:f5:48:62:d7:dc:1e:d8:57:7d:e0:19:30:d0:1d:3e:aa:ce:
         77:0f:08:30:10:61:70:fb:f1:6e:73:fc:5b:39:d5:5d:1b:08:
         18:99:24:55:6d:6e:8d:96:69:4c:73:1d:a2:d8:a4:8d:4a:6d:
         42:7d:e4:9a:34:43:fa:75:1f:b3:6d:e6:90:93:ca:a1:57:75:
         03:86:27:fb:2e:89:54:1a:af:b1:6a:a5:5d:25:d9:67:78:75:
         6c:2b:5c:b0:db:a5:67:5f:cb:8e:91:3c:89:c6:f6:6b:9f:bb:
         e4:e4:87:81:b3:5d:ad:70:4c:57:dc:63:8d:b5:36:50:f9:2b:
         7f:a8:62:78:d1:e7:eb:02:35:7f:63:c2:4a:e0:db:70:89:53:
         ab:cf:8f:4c:f6:49:56:82:7a:6a:89:35:c1:94:c9:03:44:d2:
         b3:85:02:7d:e2:ea:18:36:2d:23:d9:b9:d5:ab:d4:b5:36:38:
         51:78:8e:c0:45:84:88:10:d2:6f:e4:e8:58:59:9e:8f:b7:3e:
         9c:c0:d7:3d:8a:85:55:99:42:63:91:ee:bb:70:1a:da:23:52:
         c2:2c:44:72:28:df:b0:68:c2:29:3d:d2:75:70:88:77:60:ff:
         30:26:99:43:69:0f:33:f5:d9:77:0b:1f:03:2d:f6:87:f7:ac:
         8a:53:c4:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmYiNbWD1KxFoyycor/OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUwNjE0MTgwMDIyWhcNMjUwNjE1MTgwMDIyWjAzMTEwLwYDVQQD
Eyg0NzcyNDlkNDAyNmM1ZmNmNzg1NDcxMTQwNmM5YmI3MmQ4ZjQwODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1ilMnq6wuDjo+m8vQM5xd/Q51zN
g2BG5uyjwFBdPREYDM5UMWguHUtH1lHAejJrsFovEwTUpsF266lsaGjfYXzjeHdi
XYZeD7/N10EENhrKB4AHFVlIFhMXX3hxcPVzql+OkNJ97Sxq6dWbePPf55DLtF2m
KxmcD9bwbZzXTlEgZHwhDssqWJaq8fkLqUG7RMp8KI2qBROwtwqeyIcfv7g1Bj/3
8fnyAMSq4CKyKjJhb24uNi6CbVeaE9MDLIb0+R+Oq0dy3Z1N0pG0/Wqwn7a/eCJU
wsgagwnIV+BV59kd7teCBDoENSoaj4xEW9ccVOp4dRI4XB8xOdLJeaFufQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdySdQCbF/PeFRxFAbJu3LY9AgkMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPVIYtfc
HthXfeAZMNAdPqrOdw8IMBBhcPvxbnP8WznVXRsIGJkkVW1ujZZpTHMdotikjUpt
Qn3kmjRD+nUfs23mkJPKoVd1A4Yn+y6JVBqvsWqlXSXZZ3h1bCtcsNulZ1/LjpE8
icb2a5+75OSHgbNdrXBMV9xjjbU2UPkrf6hieNHn6wI1f2PCSuDbcIlTq8+PTPZJ
VoJ6aok1wZTJA0TSs4UCfeLqGDYtI9m51avUtTY4UXiOwEWEiBDSb+ToWFmej7c+
nMDXPYqFVZlCY5Huu3Aa2iNSwixEcijfsGjCKT3SdXCId2D/MCaZQ2kPM/XZdwsf
Ay32h/esilPEjA==
-----END CERTIFICATE-----