Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          MlSiONlEXLt3b+MsjfHH9yRy360IMJnf8LTAbS3Dwrk=
Subject key identifier:   90:0C:F0:A3:3B:7D:38:38:AF:12:38:51:4F:AD:F9:7B:B7:94:61:10
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       01974C69727F2165A7957F284E1D87A8F2A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 22:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:08 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: 7OgHAAaHdLl6fEWX+u6Cu98uai7CKDajDRGRBULFD+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:72:7f:21:65:a7:95:7f:28:4e:1d:87:a8:f2:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Jun  7 22:01:08 2025 GMT
            Not After : Jun  8 22:01:08 2025 GMT
        Subject: CN=900cf0a33b7d3838af1238514fadf97bb7946110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:99:62:73:0a:48:e7:da:b5:94:f2:3f:27:9a:
                    42:5f:be:e7:35:84:1d:25:1e:63:f4:cd:e9:c9:ca:
                    0c:d8:78:67:8c:bd:91:66:c3:d5:6a:d4:59:d7:dc:
                    61:77:b2:55:05:96:02:17:7a:b7:b8:34:67:a8:d2:
                    b5:be:4c:33:9d:b5:2c:a2:8a:b7:00:9e:0e:90:4f:
                    32:34:94:0a:d5:4d:00:2a:f1:b1:88:0b:64:82:a1:
                    3c:30:94:e1:6d:3b:c2:46:c9:ad:34:67:54:2b:31:
                    9f:f6:fa:d8:58:67:41:b1:3a:69:c3:7a:ab:0f:eb:
                    dd:05:9f:82:d2:58:57:3b:bb:ef:42:58:ce:2e:74:
                    b0:e8:8b:c2:9d:88:aa:f5:b6:83:40:ff:1c:14:cf:
                    f4:f8:4e:16:2c:fb:fe:e2:48:7e:99:f0:fc:bb:44:
                    39:e8:25:a2:ea:fe:aa:e8:21:c9:cb:7a:f1:27:1a:
                    fd:1b:dc:9b:21:5a:81:de:9e:8b:36:1a:49:cf:d6:
                    36:19:60:03:e8:dd:f3:20:a3:68:5e:80:d0:af:b8:
                    0f:f1:21:91:ab:f6:46:40:b3:ab:a1:b0:aa:42:07:
                    1a:dd:64:b1:93:ac:36:88:28:b5:a2:68:bd:f3:16:
                    86:c1:eb:a0:f7:3f:2d:37:53:69:82:87:5c:9b:fd:
                    c0:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:0C:F0:A3:3B:7D:38:38:AF:12:38:51:4F:AD:F9:7B:B7:94:61:10
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:61:bb:96:7f:ad:bc:85:cd:8d:07:a0:58:75:6c:be:0e:f1:
         73:ac:c0:5d:d9:08:cd:57:8a:82:c4:39:c5:b7:6a:0c:c8:1f:
         9a:2f:c8:40:23:48:51:8f:f9:06:60:76:90:3f:92:80:cc:b5:
         fb:7b:19:35:48:15:73:7b:47:2a:10:de:c4:96:02:9b:fc:8a:
         25:ba:16:88:26:57:6b:44:a9:49:7b:f8:cf:8d:2f:de:aa:a0:
         58:aa:97:38:a8:b4:a2:62:4f:13:d0:99:e0:cd:96:df:59:e2:
         49:01:e5:91:3e:9a:68:34:44:2a:50:c5:48:d6:57:84:7a:9d:
         a9:6b:32:69:bb:aa:20:79:3c:64:eb:53:8c:8b:75:7a:58:de:
         a2:64:13:d2:8a:1e:a9:05:6f:f5:92:a3:e7:01:1b:6d:72:a6:
         08:a3:d2:51:10:c7:7c:d7:75:8a:73:cc:9e:48:5a:29:91:54:
         c3:18:94:c7:69:f3:45:e3:0e:2b:f7:f4:c8:2f:6e:0d:d0:4a:
         4f:5b:2d:f7:7f:82:97:6e:12:42:39:36:27:13:34:8a:1a:cf:
         dd:fc:e7:0e:c1:12:39:61:30:ed:88:9e:62:b4:f6:29:a4:d9:
         ac:e5:52:e8:26:a3:d0:ec:54:cf:60:56:09:b9:4e:f6:c0:14:
         a2:d4:7c:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaXJ/IWWnlX8oTh2HqPKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjUwNjA3MjIwMTA4WhcNMjUwNjA4MjIwMTA4WjAzMTEwLwYDVQQD
Eyg5MDBjZjBhMzNiN2QzODM4YWYxMjM4NTE0ZmFkZjk3YmI3OTQ2MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtplicwpI59q1lPI/J5pCX77nNYQd
JR5j9M3pycoM2HhnjL2RZsPVatRZ19xhd7JVBZYCF3q3uDRnqNK1vkwznbUsooq3
AJ4OkE8yNJQK1U0AKvGxiAtkgqE8MJThbTvCRsmtNGdUKzGf9vrYWGdBsTppw3qr
D+vdBZ+C0lhXO7vvQljOLnSw6IvCnYiq9baDQP8cFM/0+E4WLPv+4kh+mfD8u0Q5
6CWi6v6q6CHJy3rxJxr9G9ybIVqB3p6LNhpJz9Y2GWAD6N3zIKNoXoDQr7gP8SGR
q/ZGQLOrobCqQgca3WSxk6w2iCi1omi98xaGweug9z8tN1Npgodcm/3ATQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAM8KM7fTg4rxI4UU+t+Xu3lGEQMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATmG7ln+t
vIXNjQegWHVsvg7xc6zAXdkIzVeKgsQ5xbdqDMgfmi/IQCNIUY/5BmB2kD+SgMy1
+3sZNUgVc3tHKhDexJYCm/yKJboWiCZXa0SpSXv4z40v3qqgWKqXOKi0omJPE9CZ
4M2W31niSQHlkT6aaDREKlDFSNZXhHqdqWsyabuqIHk8ZOtTjIt1eljeomQT0ooe
qQVv9ZKj5wEbbXKmCKPSURDHfNd1inPMnkhaKZFUwxiUx2nzReMOK/f0yC9uDdBK
T1st93+Cl24SQjk2JxM0ihrP3fznDsESOWEw7YieYrT2KaTZrOVS6Caj0OxUz2BW
CblO9sAUotR8PQ==
-----END CERTIFICATE-----