Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
File:                     wA7St1AmRN0DbiOS-wMyz7FNuNI.mft (raw, json)
Hash identifier:          2f5zrWskSAE0BmFTOX0Bdaez8MLvKOIY5ICS2RnB/N0=
Subject key identifier:   0D:05:02:37:02:B4:01:09:77:7F:80:DD:61:6C:59:10:EB:D2:94:8F
Authority key identifier: C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2
Certificate issuer:       /CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
Certificate serial:       01974931905820FED86A36550B4B9062FB2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 07:01:14 +0000
Manifest this update:     Sat 07 Jun 2025 07:01:14 +0000
Manifest next update:     Sun 08 Jun 2025 07:01:14 +0000
Files and hashes:         1: wA7St1AmRN0DbiOS-wMyz7FNuNI.crl (hash: QizWCwLu/ET2JL4eLo9b/JlJm5RkwIJt8GHcguB1NO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:90:58:20:fe:d8:6a:36:55:0b:4b:90:62:fb:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c00ed2b7502644dd036e2392fb0332cfb14db8d2
        Validity
            Not Before: Jun  7 07:01:14 2025 GMT
            Not After : Jun  8 07:01:14 2025 GMT
        Subject: CN=0d05023702b40109777f80dd616c5910ebd2948f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5c:2a:7f:0a:a0:ed:f6:2e:53:34:b0:01:c8:
                    9d:70:c5:d5:5b:6e:3e:f1:15:11:e8:a5:5e:c5:74:
                    8a:e6:c4:cf:1f:c8:9a:ba:d2:8a:26:21:9b:94:b8:
                    30:64:93:5c:13:bb:7b:42:70:a6:65:70:b7:d8:0d:
                    69:21:ab:04:70:07:28:5b:1f:e1:8f:61:6d:54:14:
                    8a:ca:9f:3b:f3:4a:4c:8b:0e:c4:46:e4:bc:65:a5:
                    ee:ef:d4:05:a9:67:81:fa:73:ed:21:9e:b8:9b:5a:
                    bb:cf:65:25:fe:e4:9e:13:7d:f2:96:80:97:60:c0:
                    8a:ba:cb:c2:0c:12:83:21:9d:ec:f5:07:6c:c6:03:
                    c8:a5:05:71:8e:d4:85:97:ae:d5:69:4e:87:e3:d5:
                    88:9f:f3:a4:01:66:eb:c2:7e:98:68:d7:3e:94:08:
                    a5:0b:0f:1b:6d:e0:10:bd:df:5c:38:df:5c:1e:9d:
                    a8:ed:2c:44:f9:1b:84:50:e6:58:38:81:21:7d:51:
                    a4:fb:19:48:d5:d8:93:1a:79:e0:a5:a9:9a:34:15:
                    c7:b6:4f:a5:38:47:0d:d5:43:e7:a8:1f:d0:38:47:
                    f7:6d:bd:6d:23:a4:2b:81:34:22:60:bd:c7:4b:a5:
                    d0:71:bc:f0:01:12:a0:d6:c8:c1:39:47:f2:f2:fd:
                    11:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:05:02:37:02:B4:01:09:77:7F:80:DD:61:6C:59:10:EB:D2:94:8F
            X509v3 Authority Key Identifier:
                keyid:C0:0E:D2:B7:50:26:44:DD:03:6E:23:92:FB:03:32:CF:B1:4D:B8:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wA7St1AmRN0DbiOS-wMyz7FNuNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/00b84b-b5d1-4c1d-8e70-09e8fafaf0cc/1/wA7St1AmRN0DbiOS-wMyz7FNuNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:40:81:fc:6b:bc:96:e3:53:cf:2e:7a:4d:41:e4:ab:a2:f4:
         3c:86:99:05:1a:b9:77:e5:cf:68:c4:ba:b9:40:02:27:37:0c:
         8f:3f:c4:f5:80:70:dd:f1:42:cb:b0:81:d5:29:97:9d:6e:c6:
         8d:b1:eb:5e:76:d7:9d:cc:61:9f:d4:d7:3e:84:08:21:43:8d:
         13:02:30:8f:62:3d:c7:14:99:43:e3:ed:a0:a1:b0:93:4a:18:
         e5:59:76:1b:45:7e:76:5d:66:3d:e8:69:93:8d:8a:36:42:71:
         68:5d:81:a9:43:b0:2c:3e:23:6b:3b:8e:58:03:ba:b9:93:7f:
         c6:0e:f2:ec:34:18:f1:fb:df:cd:b3:ee:21:20:56:f1:4d:31:
         f4:f9:0f:da:d1:73:c9:8e:55:f1:2d:a9:7a:1c:de:75:9c:b3:
         75:17:2c:5d:b0:93:3b:f1:a0:69:ae:0d:82:38:03:e7:88:ef:
         77:4a:1e:e9:64:81:5a:cd:0e:c3:77:e3:43:47:0f:80:94:fa:
         bb:61:7c:e3:db:73:b9:f8:2f:66:8a:89:83:88:8a:12:31:df:
         99:8a:a7:04:1e:a4:c3:94:1f:a7:a7:a3:70:3f:2c:7b:e2:5d:
         4e:3b:82:d7:bb:a0:3a:dd:de:21:0e:0d:e3:0f:64:61:2d:55:
         92:4f:e6:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMZBYIP7YajZVC0uQYvssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGVkMmI3NTAyNjQ0ZGQwMzZlMjM5MmZiMDMzMmNmYjE0
ZGI4ZDIwHhcNMjUwNjA3MDcwMTE0WhcNMjUwNjA4MDcwMTE0WjAzMTEwLwYDVQQD
EygwZDA1MDIzNzAyYjQwMTA5Nzc3ZjgwZGQ2MTZjNTkxMGViZDI5NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlwqfwqg7fYuUzSwAcidcMXVW24+
8RUR6KVexXSK5sTPH8iautKKJiGblLgwZJNcE7t7QnCmZXC32A1pIasEcAcoWx/h
j2FtVBSKyp8780pMiw7ERuS8ZaXu79QFqWeB+nPtIZ64m1q7z2Ul/uSeE33yloCX
YMCKusvCDBKDIZ3s9QdsxgPIpQVxjtSFl67VaU6H49WIn/OkAWbrwn6YaNc+lAil
Cw8bbeAQvd9cON9cHp2o7SxE+RuEUOZYOIEhfVGk+xlI1diTGnngpamaNBXHtk+l
OEcN1UPnqB/QOEf3bb1tI6QrgTQiYL3HS6XQcbzwARKg1sjBOUfy8v0R+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0FAjcCtAEJd3+A3WFsWRDr0pSPMB8GA1UdIwQY
MBaAFMAO0rdQJkTdA24jkvsDMs+xTbjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAt
MDllOGZhZmFmMGNjLzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wMGI4NGItYjVkMS00YzFkLThlNzAtMDllOGZhZmFmMGNj
LzEvd0E3U3QxQW1STjBEYmlPUy13TXl6N0ZOdU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWECB/Gu8
luNTzy56TUHkq6L0PIaZBRq5d+XPaMS6uUACJzcMjz/E9YBw3fFCy7CB1SmXnW7G
jbHrXnbXncxhn9TXPoQIIUONEwIwj2I9xxSZQ+PtoKGwk0oY5Vl2G0V+dl1mPehp
k42KNkJxaF2BqUOwLD4jazuOWAO6uZN/xg7y7DQY8fvfzbPuISBW8U0x9PkP2tFz
yY5V8S2pehzedZyzdRcsXbCTO/Ggaa4NgjgD54jvd0oe6WSBWs0Ow3fjQ0cPgJT6
u2F849tzufgvZoqJg4iKEjHfmYqnBB6kw5Qfp6ejcD8se+JdTjuC17ugOt3eIQ4N
4w9kYS1Vkk/mGA==
-----END CERTIFICATE-----