Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
File:                     HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft (raw, json)
Hash identifier:          4RcoPdaIHuEcLZ4LGpZTig6XW5cHaSbHkLTuqt5jpAE=
Subject key identifier:   8A:D9:71:BA:5E:29:E4:66:B3:29:05:36:42:37:0E:F8:27:45:90:69
Authority key identifier: 1F:15:23:92:8D:8E:8E:54:BE:46:79:76:33:1A:01:21:D4:2A:00:67
Certificate issuer:       /CN=1f1523928d8e8e54be467976331a0121d42a0067
Certificate serial:       0197711ADA806E27B4DB5B12FED8CE106681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
Manifest number:          158F
Signing time:             Sun 15 Jun 2025 01:01:14 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:14 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:14 +0000
Files and hashes:         1: HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl (hash: s5oerNF3aRkJP3vAwrfQOO9lUFEl31SW2CK10XZ84SU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:da:80:6e:27:b4:db:5b:12:fe:d8:ce:10:66:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f1523928d8e8e54be467976331a0121d42a0067
        Validity
            Not Before: Jun 15 01:01:14 2025 GMT
            Not After : Jun 16 01:01:14 2025 GMT
        Subject: CN=8ad971ba5e29e466b329053642370ef827459069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d2:b0:63:42:93:87:a3:02:3d:1c:bf:7c:3f:
                    8f:e8:85:36:a6:14:f8:51:b4:7b:b5:bb:c0:4c:1b:
                    f5:07:b5:b4:53:b1:dd:46:aa:e7:73:ee:f8:54:69:
                    51:bb:bf:66:12:90:21:5a:52:cc:26:cf:64:40:e8:
                    cd:f6:38:4e:88:7d:00:8f:18:9f:d4:2c:60:fa:c8:
                    91:3a:66:43:f1:cb:55:47:17:ad:4e:3d:c5:23:1e:
                    74:df:b4:fa:92:2d:fb:8f:64:c9:9e:ad:b7:9d:10:
                    fd:fd:49:89:2d:dc:d4:89:a7:76:46:be:db:27:d6:
                    05:45:7e:6e:ab:10:8f:cb:3f:10:44:b7:2f:3c:cb:
                    9c:a8:7c:88:58:7c:8e:9e:5d:ae:fd:6f:fb:7e:58:
                    c7:04:32:a4:b6:42:9e:dc:22:ef:c3:42:f1:9d:03:
                    d9:22:0a:c6:e5:91:18:11:41:0f:04:6d:88:07:d3:
                    7d:37:e1:9f:6f:b1:7f:4e:7f:ea:13:22:27:29:86:
                    68:0a:d5:6d:3c:7e:77:e6:62:2f:39:4a:3c:03:88:
                    dc:74:69:9b:19:e4:a9:5a:c9:e0:2a:2b:31:ef:40:
                    9a:43:a4:6e:06:36:b3:52:a6:b2:dc:f3:fa:62:82:
                    89:e0:c3:46:44:b9:66:14:3b:23:36:3a:9d:aa:1e:
                    19:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D9:71:BA:5E:29:E4:66:B3:29:05:36:42:37:0E:F8:27:45:90:69
            X509v3 Authority Key Identifier:
                keyid:1F:15:23:92:8D:8E:8E:54:BE:46:79:76:33:1A:01:21:D4:2A:00:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxUjko2OjlS-Rnl2MxoBIdQqAGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18951b-a654-44b5-ba6b-899f9fbebb19/1/HxUjko2OjlS-Rnl2MxoBIdQqAGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:7a:c0:0c:80:d6:bd:01:bf:19:06:d4:1d:fb:57:2a:2d:23:
         ae:81:23:8c:60:09:15:00:c2:f3:4a:7d:4e:58:68:d9:c9:90:
         7d:67:3e:61:c2:ae:c8:11:51:9f:84:67:8c:c9:d7:3a:c7:a7:
         b7:7b:e6:56:7f:2e:09:6f:dd:ee:bd:2c:47:93:8d:c8:79:44:
         1e:28:0d:b4:b2:ef:06:a9:ec:b0:bb:d7:12:09:60:7f:93:f6:
         2c:05:9a:4f:98:d1:d4:98:58:d2:56:b8:ae:87:fd:36:a1:ae:
         eb:e3:33:e5:65:e4:09:57:ca:fc:7e:74:2d:49:1d:93:57:51:
         a1:27:af:b2:c5:ee:b7:f0:19:f7:c3:22:4c:aa:03:d8:9f:90:
         21:bf:64:98:8d:7a:a3:f7:cf:a8:22:e8:a9:fa:6b:37:0e:c0:
         06:07:02:5d:07:c8:4a:9e:bc:d1:18:63:c1:ee:01:1f:dc:cc:
         27:e9:da:12:62:7d:ff:b6:e6:c5:77:8d:42:8c:4e:42:33:dc:
         13:6d:e1:df:9f:e8:51:e7:f6:ce:67:91:82:b4:3a:b2:7e:39:
         d8:07:93:f1:21:b5:72:a5:d1:67:30:4f:69:5a:55:76:df:00:
         6f:c6:bf:07:ca:23:a5:6b:a0:1b:e1:8f:94:39:2e:64:d4:44:
         b8:22:78:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGtqAbie021sS/tjOEGaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTUyMzkyOGQ4ZThlNTRiZTQ2Nzk3NjMzMWEwMTIxZDQy
YTAwNjcwHhcNMjUwNjE1MDEwMTE0WhcNMjUwNjE2MDEwMTE0WjAzMTEwLwYDVQQD
Eyg4YWQ5NzFiYTVlMjllNDY2YjMyOTA1MzY0MjM3MGVmODI3NDU5MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndKwY0KTh6MCPRy/fD+P6IU2phT4
UbR7tbvATBv1B7W0U7HdRqrnc+74VGlRu79mEpAhWlLMJs9kQOjN9jhOiH0Ajxif
1Cxg+siROmZD8ctVRxetTj3FIx5037T6ki37j2TJnq23nRD9/UmJLdzUiad2Rr7b
J9YFRX5uqxCPyz8QRLcvPMucqHyIWHyOnl2u/W/7fljHBDKktkKe3CLvw0LxnQPZ
IgrG5ZEYEUEPBG2IB9N9N+Gfb7F/Tn/qEyInKYZoCtVtPH535mIvOUo8A4jcdGmb
GeSpWsngKisx70CaQ6RuBjazUqay3PP6YoKJ4MNGRLlmFDsjNjqdqh4ZMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrZcbpeKeRmsykFNkI3DvgnRZBpMB8GA1UdIwQY
MBaAFB8VI5KNjo5UvkZ5djMaASHUKgBnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8xODk1MWItYTY1NC00NGI1LWJhNmIt
ODk5ZjlmYmViYjE5LzEvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8xODk1MWItYTY1NC00NGI1LWJhNmItODk5ZjlmYmViYjE5
LzEvSHhVamtvMk9qbFMtUm5sMk14b0JJZFFxQUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3rADIDW
vQG/GQbUHftXKi0jroEjjGAJFQDC80p9Tlho2cmQfWc+YcKuyBFRn4RnjMnXOsen
t3vmVn8uCW/d7r0sR5ONyHlEHigNtLLvBqnssLvXEglgf5P2LAWaT5jR1JhY0la4
rof9NqGu6+Mz5WXkCVfK/H50LUkdk1dRoSevssXut/AZ98MiTKoD2J+QIb9kmI16
o/fPqCLoqfprNw7ABgcCXQfISp680Rhjwe4BH9zMJ+naEmJ9/7bmxXeNQoxOQjPc
E23h35/oUef2zmeRgrQ6sn452AeT8SG1cqXRZzBPaVpVdt8Ab8a/B8ojpWugG+GP
lDkuZNREuCJ4RA==
-----END CERTIFICATE-----