Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          GnKErctCF7gQMYi8c0uMPdS8LWF3djZXUPknYmDM8nE=
Subject key identifier:   9A:DD:17:37:9B:14:5B:FD:AE:9E:D7:58:55:D3:33:F7:6E:CE:AB:1C
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       0198A04CA2D393BDA245ED8F43419D531C5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0828
Signing time:             Tue 12 Aug 2025 22:00:33 +0000
Manifest this update:     Tue 12 Aug 2025 22:00:33 +0000
Manifest next update:     Wed 13 Aug 2025 22:00:33 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: 5Zo2L6WlZOWVj5ubGo8T3PsnsjJdIeWuThafQpXPaIA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4c:a2:d3:93:bd:a2:45:ed:8f:43:41:9d:53:1c:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Aug 12 22:00:33 2025 GMT
            Not After : Aug 13 22:00:33 2025 GMT
        Subject: CN=9add17379b145bfdae9ed75855d333f76eceab1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d4:2a:a6:7b:37:bb:fc:13:eb:51:93:79:8e:
                    95:df:ee:7f:f7:9a:ee:5c:71:ae:7d:d0:2c:98:e8:
                    09:b6:09:ab:54:20:6c:ef:86:49:7f:c1:78:43:8f:
                    23:a1:22:04:a4:f9:8a:80:8f:9c:33:c1:94:ac:84:
                    9f:b2:fd:a4:dd:7e:9e:43:ba:c9:53:6e:77:bb:b9:
                    4b:d7:7a:dd:39:bc:01:7c:6b:7f:a3:08:da:67:d6:
                    a5:cb:a1:86:fc:2c:ee:75:77:bc:a9:11:77:f5:29:
                    40:4a:f2:02:b0:6e:86:9b:e9:94:b3:64:1f:29:49:
                    53:c1:e2:61:46:d1:1d:b9:3b:d2:2a:f5:f3:f6:e4:
                    ed:a4:6c:db:8f:9b:a0:b0:cd:7c:09:9a:3e:86:1f:
                    9a:cc:c2:8d:35:7f:d9:54:64:60:a8:21:f0:72:eb:
                    c4:02:d0:36:3a:d0:44:e5:15:da:9b:a8:88:62:86:
                    10:65:97:1c:73:ef:06:5d:61:37:5e:47:2e:b0:83:
                    7d:36:fc:da:42:91:ab:b1:f6:a2:32:d2:fc:0e:2d:
                    b9:c7:c7:2a:08:15:e7:70:a2:51:31:2f:62:b8:1c:
                    7b:67:e5:f1:47:6e:54:c1:65:ff:a6:68:5c:3d:f8:
                    49:43:70:38:66:73:cc:46:2c:5e:dc:6c:bf:01:a6:
                    58:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:DD:17:37:9B:14:5B:FD:AE:9E:D7:58:55:D3:33:F7:6E:CE:AB:1C
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:d0:d6:d6:d1:e1:08:b1:bd:bb:73:cf:dc:d4:21:95:68:b1:
         f9:30:bb:84:8b:19:34:13:4c:1c:1c:56:99:0c:1c:f5:bd:db:
         79:75:56:e8:6e:39:c5:0c:44:86:57:42:4e:00:cf:50:3f:b0:
         7f:59:79:8b:c9:76:c2:63:b0:a4:76:47:1a:2a:d3:69:1c:fe:
         80:76:f5:05:fb:e5:d8:f2:4e:fb:70:7f:9c:62:e8:c9:df:ad:
         b3:f5:22:5d:3d:0f:88:9a:0d:59:cf:d2:7e:d7:4a:66:3c:fb:
         c8:cc:d5:de:2e:6c:b8:55:db:9b:1f:7e:75:c7:91:2c:7b:09:
         fc:f3:5d:c8:28:fa:10:37:ab:2a:9a:ca:45:f7:fe:b2:e2:75:
         a1:e0:0c:4f:48:0f:15:11:fb:a4:b5:05:41:ce:83:3c:77:c7:
         be:fc:d2:8a:da:ba:15:c4:dc:86:ee:fa:41:c0:9a:97:70:4c:
         33:f3:d4:88:32:1c:d7:fe:ed:91:4c:d0:63:e9:d5:ae:6a:63:
         ee:83:65:a5:b7:1d:5f:61:d2:4d:86:bc:52:b1:05:83:90:7f:
         78:a9:35:d7:ed:59:6a:09:d1:5d:e1:ad:dd:c1:ed:76:11:74:
         06:ed:92:3a:a3:25:41:7c:a4:dc:12:93:e1:8c:4a:78:3e:c8:
         5c:58:ab:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTKLTk72iRe2PQ0GdUxxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwODEyMjIwMDMzWhcNMjUwODEzMjIwMDMzWjAzMTEwLwYDVQQD
Eyg5YWRkMTczNzliMTQ1YmZkYWU5ZWQ3NTg1NWQzMzNmNzZlY2VhYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tQqpns3u/wT61GTeY6V3+5/95ru
XHGufdAsmOgJtgmrVCBs74ZJf8F4Q48joSIEpPmKgI+cM8GUrISfsv2k3X6eQ7rJ
U253u7lL13rdObwBfGt/owjaZ9aly6GG/CzudXe8qRF39SlASvICsG6Gm+mUs2Qf
KUlTweJhRtEduTvSKvXz9uTtpGzbj5ugsM18CZo+hh+azMKNNX/ZVGRgqCHwcuvE
AtA2OtBE5RXam6iIYoYQZZccc+8GXWE3XkcusIN9NvzaQpGrsfaiMtL8Di25x8cq
CBXncKJRMS9iuBx7Z+XxR25UwWX/pmhcPfhJQ3A4ZnPMRixe3Gy/AaZYmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrdFzebFFv9rp7XWFXTM/duzqscMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUNDW1tHh
CLG9u3PP3NQhlWix+TC7hIsZNBNMHBxWmQwc9b3beXVW6G45xQxEhldCTgDPUD+w
f1l5i8l2wmOwpHZHGirTaRz+gHb1Bfvl2PJO+3B/nGLoyd+ts/UiXT0PiJoNWc/S
ftdKZjz7yMzV3i5suFXbmx9+dceRLHsJ/PNdyCj6EDerKprKRff+suJ1oeAMT0gP
FRH7pLUFQc6DPHfHvvzSitq6FcTchu76QcCal3BMM/PUiDIc1/7tkUzQY+nVrmpj
7oNlpbcdX2HSTYa8UrEFg5B/eKk11+1ZagnRXeGt3cHtdhF0Bu2SOqMlQXyk3BKT
4YxKeD7IXFirMA==
-----END CERTIFICATE-----