Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          7mbParq0Dg2EbaAOTUb0OeL+BMyJsVHysloZtSByXl0=
Subject key identifier:   48:ED:CD:8E:0B:4E:9C:FD:28:2C:2D:21:0B:4B:71:96:54:43:58:70
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       019753EB6ED9EBB9A34BC46B5D63B128D03D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          157D
Signing time:             Mon 09 Jun 2025 09:00:27 +0000
Manifest this update:     Mon 09 Jun 2025 09:00:27 +0000
Manifest next update:     Tue 10 Jun 2025 09:00:27 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: qPwAaAGeyhDchdPTlfmwKnCYuGAY2bkEZyDUJW+2QNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:eb:6e:d9:eb:b9:a3:4b:c4:6b:5d:63:b1:28:d0:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Jun  9 09:00:27 2025 GMT
            Not After : Jun 10 09:00:27 2025 GMT
        Subject: CN=48edcd8e0b4e9cfd282c2d210b4b719654435870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:af:66:3c:c3:8f:6c:86:9b:c9:a6:61:05:bf:
                    c4:4d:ea:e0:f7:6d:e6:f9:b6:98:66:a3:08:98:56:
                    de:a8:99:d1:56:85:17:5c:08:57:17:08:0c:8c:d7:
                    20:ac:be:ea:c1:88:d7:66:62:67:b7:13:c8:c6:62:
                    7d:26:36:bb:68:7b:e9:0d:84:88:2c:ca:4f:47:30:
                    54:ea:6e:56:ce:28:09:eb:23:2c:36:dc:5e:47:0c:
                    df:84:e8:9e:3f:91:a0:f6:aa:73:58:d1:cb:38:70:
                    7e:be:94:80:86:1d:e4:84:03:ac:60:23:f0:0a:fd:
                    63:eb:80:96:1d:8d:9f:c8:56:7f:c3:9e:a8:29:a4:
                    1f:18:f5:4c:78:30:db:de:c5:d5:ef:d5:ae:14:67:
                    10:32:0a:b8:0c:c5:93:d0:64:95:58:2e:be:d8:28:
                    a8:09:c9:68:59:f6:54:45:a2:90:80:a5:95:ea:2c:
                    58:c4:ec:dd:de:8a:b1:cc:87:28:a7:d8:ad:db:ba:
                    d8:12:11:e7:8e:2d:57:a4:0c:00:26:2c:b3:2f:ae:
                    03:fa:49:43:90:b4:f2:b1:c2:21:20:05:7a:0e:09:
                    29:23:f0:81:d2:f2:38:35:5d:6c:b4:b9:3d:50:65:
                    63:eb:40:12:ce:8b:56:2d:41:10:16:70:3f:eb:d0:
                    e7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:ED:CD:8E:0B:4E:9C:FD:28:2C:2D:21:0B:4B:71:96:54:43:58:70
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:53:b7:52:fd:ec:c6:be:6e:ab:80:d1:7b:d9:fe:3e:17:d9:
         f1:39:cd:93:7b:cb:d3:11:97:2a:94:ce:07:50:31:87:fd:53:
         b3:28:18:42:0d:23:f4:28:c4:31:14:a6:a0:76:c3:83:12:84:
         80:25:1f:a7:77:c3:55:76:30:65:cb:31:c8:9c:97:db:a0:db:
         5d:99:70:45:cf:53:c5:a1:9b:81:6d:7b:f9:bb:ba:a2:bf:90:
         75:d7:69:c3:de:78:96:28:28:86:f5:59:44:8d:21:2a:e1:7f:
         1e:58:1b:4d:c9:21:b3:41:31:65:06:75:1f:45:b8:4b:0c:a2:
         08:0b:c1:34:1d:07:0a:19:d2:1b:1a:ae:e4:d1:ba:ce:01:7a:
         ea:06:51:d2:6f:da:5e:8e:23:d2:f0:be:29:e8:f3:00:be:62:
         27:e1:ef:00:c4:fd:c5:d9:fb:1f:6e:ad:e5:41:fa:d2:63:fb:
         4f:e6:03:5e:e8:03:d4:4a:15:fe:78:80:22:79:7b:f4:8e:52:
         9b:b5:ba:e1:c8:11:46:32:49:19:eb:e1:1f:2f:3d:92:39:88:
         f0:bb:69:ba:f4:84:dd:c7:da:70:43:99:77:34:4e:92:35:90:
         b4:c0:99:78:cd:87:40:23:69:c0:01:fb:cf:ab:c1:04:06:77:
         8c:8b:cc:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdT627Z67mjS8RrXWOxKNA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjUwNjA5MDkwMDI3WhcNMjUwNjEwMDkwMDI3WjAzMTEwLwYDVQQD
Eyg0OGVkY2Q4ZTBiNGU5Y2ZkMjgyYzJkMjEwYjRiNzE5NjU0NDM1ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK9mPMOPbIabyaZhBb/ETerg923m
+baYZqMImFbeqJnRVoUXXAhXFwgMjNcgrL7qwYjXZmJntxPIxmJ9Jja7aHvpDYSI
LMpPRzBU6m5WzigJ6yMsNtxeRwzfhOieP5Gg9qpzWNHLOHB+vpSAhh3khAOsYCPw
Cv1j64CWHY2fyFZ/w56oKaQfGPVMeDDb3sXV79WuFGcQMgq4DMWT0GSVWC6+2Cio
CcloWfZURaKQgKWV6ixYxOzd3oqxzIcop9it27rYEhHnji1XpAwAJiyzL64D+klD
kLTyscIhIAV6DgkpI/CB0vI4NV1stLk9UGVj60ASzotWLUEQFnA/69DnTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjtzY4LTpz9KCwtIQtLcZZUQ1hwMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVO3Uv3s
xr5uq4DRe9n+PhfZ8TnNk3vL0xGXKpTOB1Axh/1TsygYQg0j9CjEMRSmoHbDgxKE
gCUfp3fDVXYwZcsxyJyX26DbXZlwRc9TxaGbgW17+bu6or+Qdddpw954ligohvVZ
RI0hKuF/HlgbTckhs0ExZQZ1H0W4SwyiCAvBNB0HChnSGxqu5NG6zgF66gZR0m/a
Xo4j0vC+KejzAL5iJ+HvAMT9xdn7H26t5UH60mP7T+YDXugD1EoV/niAInl79I5S
m7W64cgRRjJJGevhHy89kjmI8LtpuvSE3cfacEOZdzROkjWQtMCZeM2HQCNpwAH7
z6vBBAZ3jIvMmw==
-----END CERTIFICATE-----