Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
File:                     y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft (raw, json)
Hash identifier:          UDvwXty7GCDGDLmZPqE/VGTIOVBsAFrtygYkPqADKqk=
Subject key identifier:   51:10:E8:7A:C4:7E:57:E9:E5:C6:83:45:56:F5:F9:C0:8D:08:BD:12
Authority key identifier: CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D
Certificate issuer:       /CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
Certificate serial:       01975045D1CC2A4A86595FC52FBA5A9B6F21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
Manifest number:          157F
Signing time:             Sun 08 Jun 2025 16:00:42 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:42 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:42 +0000
Files and hashes:         1: y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl (hash: FWfd25wPQXJIsdkzslDCadaGQonGcp/IIyidEKs/1Lg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:d1:cc:2a:4a:86:59:5f:c5:2f:ba:5a:9b:6f:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
        Validity
            Not Before: Jun  8 16:00:42 2025 GMT
            Not After : Jun  9 16:00:42 2025 GMT
        Subject: CN=5110e87ac47e57e9e5c6834556f5f9c08d08bd12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7b:c0:b7:c5:0c:3b:98:48:20:d6:23:14:98:
                    3b:d2:8a:7f:05:32:9e:06:2a:c1:7c:eb:2a:57:12:
                    42:25:a7:08:03:07:a8:2c:cc:fd:e1:fb:e1:07:06:
                    00:c3:c0:48:d3:a0:28:94:a2:c5:79:e0:4e:07:62:
                    2f:e5:48:fe:24:be:e2:8f:e1:22:1d:fb:0b:84:3c:
                    ab:b9:3e:06:a4:5b:fa:1a:25:6b:f0:4b:98:6a:e3:
                    73:cd:b5:90:ea:a8:37:d8:a8:b8:30:1b:2e:55:95:
                    6d:63:d8:55:42:bf:f1:1f:d7:61:9e:fb:05:b0:ce:
                    f3:8a:a4:37:4a:ba:b9:9b:f6:dc:1f:d5:11:59:58:
                    9c:a5:30:ae:5e:fc:5e:9b:c4:f1:d1:37:e4:f7:4e:
                    89:91:09:07:08:5f:9f:87:86:93:be:c9:6b:99:a9:
                    0a:7d:ba:8f:71:7e:d6:de:3c:9d:2b:3d:a2:36:fd:
                    2b:59:67:f9:c0:39:2e:08:b2:0d:8b:c7:64:76:f5:
                    72:45:22:d8:ae:18:7f:3d:d7:ae:54:e4:ca:db:d1:
                    33:da:b0:4a:3c:14:93:78:b6:07:3b:31:70:2b:b8:
                    70:4e:54:4f:ce:51:e8:ab:82:d1:85:87:3c:28:59:
                    c8:df:f3:ad:f9:1d:dd:b0:1b:13:6b:ee:0a:d0:e2:
                    f6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:10:E8:7A:C4:7E:57:E9:E5:C6:83:45:56:F5:F9:C0:8D:08:BD:12
            X509v3 Authority Key Identifier:
                keyid:CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:82:29:32:35:df:22:36:1a:cb:55:c1:22:c7:21:f9:75:c6:
         df:aa:76:ad:42:07:62:2c:5f:0e:59:a2:c8:a3:96:b1:0f:38:
         0d:b2:47:b5:96:ba:2b:a8:5b:bd:55:45:64:0f:02:98:b1:26:
         c3:cf:22:be:e0:37:8d:6d:e5:ab:ef:f1:e6:fd:e7:6f:4e:ca:
         4e:09:ac:38:86:d8:29:7d:36:ce:d3:66:5c:7f:e8:26:da:22:
         27:65:83:08:a3:60:c2:ca:85:62:70:fa:2a:37:ef:2c:df:ba:
         c7:b5:ad:6c:fb:0a:ed:a5:81:cc:52:38:73:57:06:2b:42:14:
         49:18:ac:e8:90:12:0e:15:8d:b3:ba:1d:18:ee:d4:64:bb:6c:
         4e:5e:f4:ce:e8:e6:11:a4:44:3e:42:85:d7:83:c3:87:58:db:
         0b:68:12:84:2a:59:33:9b:00:82:bb:57:ec:1d:83:17:30:01:
         56:d3:3a:62:71:58:a5:ae:cf:f3:6c:37:12:60:d1:70:60:36:
         c1:10:db:ad:60:1c:a8:c8:b6:e4:1b:d7:39:d8:6b:b2:1a:1c:
         8a:4a:5c:38:2b:de:aa:98:a4:f7:2a:fb:15:a4:1d:4e:55:f9:
         6f:04:3f:ed:71:f3:85:d0:5d:91:4e:62:fc:3a:3b:97:d7:68:
         74:db:36:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRdHMKkqGWV/FL7pam28hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODNmYmZjMTc2Y2Q0OGViZTJmMmNkZTlmNGMwMWVkMjUz
YmJiMmQwHhcNMjUwNjA4MTYwMDQyWhcNMjUwNjA5MTYwMDQyWjAzMTEwLwYDVQQD
Eyg1MTEwZTg3YWM0N2U1N2U5ZTVjNjgzNDU1NmY1ZjljMDhkMDhiZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXvAt8UMO5hIINYjFJg70op/BTKe
BirBfOsqVxJCJacIAweoLMz94fvhBwYAw8BI06AolKLFeeBOB2Iv5Uj+JL7ij+Ei
HfsLhDyruT4GpFv6GiVr8EuYauNzzbWQ6qg32Ki4MBsuVZVtY9hVQr/xH9dhnvsF
sM7ziqQ3Srq5m/bcH9URWVicpTCuXvxem8Tx0Tfk906JkQkHCF+fh4aTvslrmakK
fbqPcX7W3jydKz2iNv0rWWf5wDkuCLINi8dkdvVyRSLYrhh/PdeuVOTK29Ez2rBK
PBSTeLYHOzFwK7hwTlRPzlHoq4LRhYc8KFnI3/Ot+R3dsBsTa+4K0OL2GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEQ6HrEflfp5caDRVb1+cCNCL0SMB8GA1UdIwQY
MBaAFMuD+/wXbNSOvi8s3p9MAe0lO7stMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYt
NDQxMmRlZmVkZTczLzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYtNDQxMmRlZmVkZTcz
LzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4IpMjXf
IjYay1XBIsch+XXG36p2rUIHYixfDlmiyKOWsQ84DbJHtZa6K6hbvVVFZA8CmLEm
w88ivuA3jW3lq+/x5v3nb07KTgmsOIbYKX02ztNmXH/oJtoiJ2WDCKNgwsqFYnD6
KjfvLN+6x7WtbPsK7aWBzFI4c1cGK0IUSRis6JASDhWNs7odGO7UZLtsTl70zujm
EaREPkKF14PDh1jbC2gShCpZM5sAgrtX7B2DFzABVtM6YnFYpa7P82w3EmDRcGA2
wRDbrWAcqMi25BvXOdhrshocikpcOCveqpik9yr7FaQdTlX5bwQ/7XHzhdBdkU5i
/Do7l9dodNs2mg==
-----END CERTIFICATE-----