Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.mft
File:                     A5D0YbjFGyArIQDfLMQzD2kiGME.mft (raw, json)
Hash identifier:          gDjwhix471jeQnyz9Zyyn3Lxb2YMAUUvqFKHmN4kBOk=
Subject key identifier:   4D:4B:79:41:30:CF:17:A7:62:5F:4A:4A:8F:4C:0E:A1:BE:F7:9B:CE
Authority key identifier: 03:90:F4:61:B8:C5:1B:20:2B:21:00:DF:2C:C4:33:0F:69:22:18:C1
Certificate issuer:       /CN=0390f461b8c51b202b2100df2cc4330f692218c1
Certificate serial:       01984AAE9AFF8A818CD2C7179BD7B43B48F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A5D0YbjFGyArIQDfLMQzD2kiGME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.mft
Manifest number:          158F
Signing time:             Sun 27 Jul 2025 07:00:13 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:13 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:13 +0000
Files and hashes:         1: A5D0YbjFGyArIQDfLMQzD2kiGME.crl (hash: gfw95Rp+oanKG5IkoB+J4nHeLZqxXxRpgGlVTOjLw3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A5D0YbjFGyArIQDfLMQzD2kiGME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:9a:ff:8a:81:8c:d2:c7:17:9b:d7:b4:3b:48:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0390f461b8c51b202b2100df2cc4330f692218c1
        Validity
            Not Before: Jul 27 07:00:13 2025 GMT
            Not After : Jul 28 07:00:13 2025 GMT
        Subject: CN=4d4b794130cf17a7625f4a4a8f4c0ea1bef79bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:b1:b6:f2:29:fb:36:4f:a0:42:de:6e:72:65:
                    23:47:fe:27:c2:87:49:75:ed:2c:bc:e8:31:22:da:
                    78:36:0a:51:9a:b2:b5:db:01:9e:c4:66:f9:32:f9:
                    ff:f6:91:97:bc:6c:3f:30:9e:c5:40:69:de:ad:2c:
                    bc:9b:18:df:7e:88:19:f1:33:1b:6a:79:1e:b8:22:
                    59:68:ce:a1:15:d3:d9:e1:df:f9:d0:ba:aa:9d:52:
                    24:a7:b9:fc:6a:26:10:a3:d7:9e:e3:23:8f:d5:1d:
                    15:04:15:80:36:5f:a8:53:93:33:2a:62:ae:c5:77:
                    df:24:17:68:35:e4:a3:89:ed:d0:31:d3:c7:64:ee:
                    2f:73:9c:26:19:1e:a7:ac:96:31:f0:19:e7:d3:2e:
                    c1:60:39:1a:14:16:24:c2:93:19:04:34:75:e5:dc:
                    89:83:4a:1e:a8:1a:58:84:fd:4c:7d:3b:71:06:3b:
                    23:37:6e:64:66:67:16:2a:b5:e3:7e:73:70:c5:db:
                    31:20:a1:6e:91:26:35:13:e7:82:fb:e2:19:79:31:
                    c9:90:9f:0a:f3:5f:fc:ac:81:6b:19:b6:3d:70:26:
                    2f:ce:05:fe:7c:70:18:6f:8c:a7:39:b4:27:40:e3:
                    87:13:d5:ed:b0:40:7b:67:78:30:cb:bd:00:e2:32:
                    9c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4B:79:41:30:CF:17:A7:62:5F:4A:4A:8F:4C:0E:A1:BE:F7:9B:CE
            X509v3 Authority Key Identifier:
                keyid:03:90:F4:61:B8:C5:1B:20:2B:21:00:DF:2C:C4:33:0F:69:22:18:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5D0YbjFGyArIQDfLMQzD2kiGME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f72a6c-da27-42c7-9483-d0017fcd42f1/1/A5D0YbjFGyArIQDfLMQzD2kiGME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:e3:90:e0:5f:b7:a7:fb:54:7a:19:c6:fc:a5:cd:58:4f:34:
         6d:27:8f:a3:cb:ab:d4:40:c1:8e:d7:e2:e4:f8:9c:7e:de:47:
         12:82:57:cc:29:78:ac:e5:89:04:27:f8:52:19:94:2e:97:e1:
         a4:a0:99:a3:e6:3f:1a:22:3f:8f:b0:5b:bc:d4:41:20:0f:a8:
         0b:d8:c5:93:fc:a2:4c:b3:55:04:f1:4b:11:1c:d3:6b:c5:42:
         8b:33:74:f4:21:15:c5:82:7b:3f:39:a5:f0:90:99:32:52:e2:
         7d:0d:d7:16:e8:f6:39:ce:0e:55:2f:d7:ee:8b:b8:3d:a4:bb:
         ca:d2:26:6e:fe:54:9b:79:c6:47:c5:ee:61:31:f0:f9:1e:15:
         7a:04:01:17:f3:b1:66:8b:be:7f:15:d9:02:01:89:96:9c:7f:
         82:fc:39:f7:32:15:8f:40:86:6b:cf:0a:c7:7d:ea:12:e3:6f:
         4f:30:a5:9b:46:f0:ce:ec:4e:d7:f2:de:32:de:91:0c:bf:88:
         db:45:92:0d:eb:da:08:a7:d9:5a:e2:85:93:81:2d:96:8d:99:
         9b:6b:20:f8:1d:a6:30:aa:5d:a6:7d:e8:2e:b9:81:b2:10:00:
         6b:26:f9:8c:2f:87:89:9e:4c:55:f5:b4:a3:ad:5e:4e:47:7f:
         fc:2b:6b:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKrpr/ioGM0scXm9e0O0j4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOTBmNDYxYjhjNTFiMjAyYjIxMDBkZjJjYzQzMzBmNjky
MjE4YzEwHhcNMjUwNzI3MDcwMDEzWhcNMjUwNzI4MDcwMDEzWjAzMTEwLwYDVQQD
Eyg0ZDRiNzk0MTMwY2YxN2E3NjI1ZjRhNGE4ZjRjMGVhMWJlZjc5YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67G28in7Nk+gQt5ucmUjR/4nwodJ
de0svOgxItp4NgpRmrK12wGexGb5Mvn/9pGXvGw/MJ7FQGnerSy8mxjffogZ8TMb
ankeuCJZaM6hFdPZ4d/50LqqnVIkp7n8aiYQo9ee4yOP1R0VBBWANl+oU5MzKmKu
xXffJBdoNeSjie3QMdPHZO4vc5wmGR6nrJYx8Bnn0y7BYDkaFBYkwpMZBDR15dyJ
g0oeqBpYhP1MfTtxBjsjN25kZmcWKrXjfnNwxdsxIKFukSY1E+eC++IZeTHJkJ8K
81/8rIFrGbY9cCYvzgX+fHAYb4ynObQnQOOHE9XtsEB7Z3gwy70A4jKcgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1LeUEwzxenYl9KSo9MDqG+95vOMB8GA1UdIwQY
MBaAFAOQ9GG4xRsgKyEA3yzEMw9pIhjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVEMFliakZHeUFySVFEZkxNUXpEMmtpR01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mNzJhNmMtZGEyNy00MmM3LTk0ODMt
ZDAwMTdmY2Q0MmYxLzEvQTVEMFliakZHeUFySVFEZkxNUXpEMmtpR01FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mNzJhNmMtZGEyNy00MmM3LTk0ODMtZDAwMTdmY2Q0MmYx
LzEvQTVEMFliakZHeUFySVFEZkxNUXpEMmtpR01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+OQ4F+3
p/tUehnG/KXNWE80bSePo8ur1EDBjtfi5Picft5HEoJXzCl4rOWJBCf4UhmULpfh
pKCZo+Y/GiI/j7BbvNRBIA+oC9jFk/yiTLNVBPFLERzTa8VCizN09CEVxYJ7Pzml
8JCZMlLifQ3XFuj2Oc4OVS/X7ou4PaS7ytImbv5Um3nGR8XuYTHw+R4VegQBF/Ox
Zou+fxXZAgGJlpx/gvw59zIVj0CGa88Kx33qEuNvTzClm0bwzuxO1/LeMt6RDL+I
20WSDevaCKfZWuKFk4Etlo2Zm2sg+B2mMKpdpn3oLrmBshAAayb5jC+HiZ5MVfW0
o61eTkd//Ctr4w==
-----END CERTIFICATE-----