Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          oxZUM8awRV++uhqZ3IIYXARrmMRFCKplGyiLleJdr9g=
Subject key identifier:   3C:94:03:81:00:B3:A1:40:5B:DD:FA:4F:8C:BE:8A:50:4C:68:6B:F3
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       01969ABE73B0E9999FF4E4D5F807533CADC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          071C
Signing time:             Sun 04 May 2025 10:01:34 +0000
Manifest this update:     Sun 04 May 2025 10:01:34 +0000
Manifest next update:     Mon 05 May 2025 10:01:34 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: 8JNYLfzLjjOl8E9wg2gwoEL0LWm5+NsIdiaOVmWakMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9a:be:73:b0:e9:99:9f:f4:e4:d5:f8:07:53:3c:ad:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: May  4 10:01:34 2025 GMT
            Not After : May  5 10:01:34 2025 GMT
        Subject: CN=3c94038100b3a1405bddfa4f8cbe8a504c686bf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:76:e7:7e:5a:c3:3a:2c:f5:ca:49:1c:9e:6c:
                    78:0e:5c:f6:b3:1e:de:a2:05:51:f2:3a:1f:0c:35:
                    1b:73:29:1b:91:a8:20:d5:4c:da:83:75:ce:8d:f7:
                    d7:fd:a7:00:03:55:e7:44:58:b9:4a:fd:67:45:3d:
                    56:dc:61:40:78:4c:51:43:cd:14:b8:10:57:e6:7c:
                    5c:a3:d6:ad:30:4c:c1:8d:51:7f:b8:09:33:8a:47:
                    ba:0e:53:7e:1a:5f:37:24:bb:08:89:3e:35:15:26:
                    8f:45:b9:62:1d:e8:f6:00:47:8e:6d:fd:5a:94:9a:
                    d2:e7:de:dc:b4:7b:e3:c2:8b:f2:c2:24:17:52:8e:
                    cc:a7:fc:68:c8:fe:32:9c:1c:20:c9:db:7e:ce:ac:
                    14:d4:7b:04:a7:01:ac:54:fd:2d:3f:85:09:2e:d5:
                    eb:c3:45:4b:72:8a:dd:82:4c:39:5b:3f:31:51:d4:
                    dc:c4:4d:2d:2a:3c:1b:10:26:0f:ff:02:e2:75:c4:
                    67:e8:2a:03:d6:43:51:a4:a3:08:73:af:85:8c:db:
                    03:54:83:65:92:21:e6:2a:09:6a:53:3a:43:c8:de:
                    40:74:f8:72:06:43:1c:56:df:db:9c:7a:46:ba:b1:
                    a3:9d:13:4b:07:75:b2:9c:bc:fa:c0:26:08:ba:d0:
                    c4:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:94:03:81:00:B3:A1:40:5B:DD:FA:4F:8C:BE:8A:50:4C:68:6B:F3
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:19:34:45:1a:96:ca:22:97:0f:3e:76:4f:1c:13:0e:de:2b:
         02:cb:e2:cd:54:af:e0:a7:3b:6c:41:db:d9:3c:04:af:76:f1:
         9a:31:0c:b4:b9:66:9a:ad:e7:6d:7b:d1:bb:73:a3:40:74:aa:
         06:ba:41:c1:9e:48:83:85:db:4c:a6:6c:18:c0:64:3d:f4:e5:
         49:a5:f8:c4:c0:55:20:aa:f9:b1:1c:7f:54:32:ec:50:1c:17:
         19:e1:7a:2e:da:c6:04:3e:c2:65:54:1d:52:85:ab:9b:da:ea:
         71:7e:78:4f:7a:e2:b4:89:42:2f:82:35:70:f1:7c:2d:b7:58:
         38:2d:18:44:f5:d1:cc:bf:eb:0f:29:38:85:7b:fd:9e:51:46:
         53:76:f7:ed:47:83:ba:47:27:2e:d5:23:c1:af:2a:df:8b:7b:
         d8:a4:c2:f1:af:57:61:e4:61:b1:eb:ac:b7:45:7d:18:b8:08:
         84:d9:f5:e4:87:f7:7e:8d:82:68:d9:5d:54:35:71:d7:ce:f5:
         a7:94:6a:73:4d:ad:0a:e1:9c:59:34:13:81:4f:d8:91:07:0e:
         6c:2d:7b:f1:75:14:6f:94:5c:dc:27:ff:46:58:74:3a:1a:9d:
         38:ca:3a:7c:fa:fc:04:99:72:c7:cd:e2:2c:62:a7:92:5d:af:
         fd:fe:e2:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaavnOw6Zmf9OTV+AdTPK3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjUwNTA0MTAwMTM0WhcNMjUwNTA1MTAwMTM0WjAzMTEwLwYDVQQD
EygzYzk0MDM4MTAwYjNhMTQwNWJkZGZhNGY4Y2JlOGE1MDRjNjg2YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3bnflrDOiz1ykkcnmx4Dlz2sx7e
ogVR8jofDDUbcykbkagg1Uzag3XOjffX/acAA1XnRFi5Sv1nRT1W3GFAeExRQ80U
uBBX5nxco9atMEzBjVF/uAkzike6DlN+Gl83JLsIiT41FSaPRbliHej2AEeObf1a
lJrS597ctHvjwovywiQXUo7Mp/xoyP4ynBwgydt+zqwU1HsEpwGsVP0tP4UJLtXr
w0VLcordgkw5Wz8xUdTcxE0tKjwbECYP/wLidcRn6CoD1kNRpKMIc6+FjNsDVINl
kiHmKglqUzpDyN5AdPhyBkMcVt/bnHpGurGjnRNLB3WynLz6wCYIutDEAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyUA4EAs6FAW936T4y+ilBMaGvzMB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjhk0RRqW
yiKXDz52TxwTDt4rAsvizVSv4Kc7bEHb2TwEr3bxmjEMtLlmmq3nbXvRu3OjQHSq
BrpBwZ5Ig4XbTKZsGMBkPfTlSaX4xMBVIKr5sRx/VDLsUBwXGeF6LtrGBD7CZVQd
UoWrm9rqcX54T3ritIlCL4I1cPF8LbdYOC0YRPXRzL/rDyk4hXv9nlFGU3b37UeD
ukcnLtUjwa8q34t72KTC8a9XYeRhseust0V9GLgIhNn15If3fo2CaNldVDVx1871
p5Rqc02tCuGcWTQTgU/YkQcObC178XUUb5Rc3Cf/Rlh0OhqdOMo6fPr8BJlyx83i
LGKnkl2v/f7isg==
-----END CERTIFICATE-----