Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          spkDjBAmgYafnwiAWjZy7IabmzkKYxA5iFld1dK1pWE=
Subject key identifier:   4D:FF:01:42:B1:A2:46:1B:C8:63:7F:3B:DE:A3:AA:E2:5F:F9:BF:3A
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       01974C699A157DFF31D6D3F4A5809954665B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 22:01:18 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:18 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:18 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: mL3kc1crgSIwqhDlKS8/1p4I//bcv8sVthLWXAY7pz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:9a:15:7d:ff:31:d6:d3:f4:a5:80:99:54:66:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Jun  7 22:01:18 2025 GMT
            Not After : Jun  8 22:01:18 2025 GMT
        Subject: CN=4dff0142b1a2461bc8637f3bdea3aae25ff9bf3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d0:93:63:21:8e:87:36:00:56:19:5a:42:57:
                    97:36:8f:72:bd:c5:8d:51:13:9e:a9:ad:19:77:11:
                    30:fe:2c:88:fa:76:01:18:55:51:be:07:a5:04:f5:
                    38:b7:9c:3f:f4:ce:5f:e4:92:58:0a:55:d7:34:3e:
                    36:67:26:21:4c:16:26:c8:12:82:ad:16:17:83:18:
                    1f:3e:44:95:f2:8b:87:0c:10:1b:1c:a6:2c:5e:1b:
                    35:1f:cb:2f:10:43:39:64:da:8d:90:d9:d4:5b:bc:
                    fd:e9:2e:b2:bf:83:40:39:ac:14:96:d4:ae:7a:a7:
                    09:1c:86:2d:e6:97:72:ed:4f:02:6d:20:cc:5a:ab:
                    43:0a:fe:6b:ed:03:9a:de:0d:97:81:3c:f5:8a:a0:
                    2c:68:07:3d:50:7e:df:d5:4f:d1:71:30:df:a4:88:
                    12:5d:6f:63:35:47:6e:7b:58:a2:92:c3:cb:af:ce:
                    ad:0b:1e:f8:9b:1b:0e:d7:eb:e5:92:10:55:29:7a:
                    51:2b:6a:c8:6f:0e:d1:2e:5a:39:12:3e:36:24:7c:
                    48:64:e9:f6:6b:76:a6:a8:57:2b:07:29:51:c8:92:
                    b2:21:6c:39:b1:47:d2:0c:3d:90:a3:ff:72:97:32:
                    0e:8c:bc:3b:a8:41:da:2e:2d:e2:f7:f0:48:47:0c:
                    90:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:FF:01:42:B1:A2:46:1B:C8:63:7F:3B:DE:A3:AA:E2:5F:F9:BF:3A
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:41:fe:96:d4:40:6a:58:80:84:2c:fd:fe:14:c3:f0:a0:d2:
         53:d9:0d:5c:38:a8:0f:9f:af:66:13:4c:24:7c:40:a8:86:94:
         de:2c:eb:21:6a:a5:8d:36:4c:23:38:b1:f0:97:b0:9f:1d:78:
         27:68:42:ba:96:b1:b9:08:d3:8c:24:57:58:fd:47:41:f0:ff:
         4c:2f:bd:e9:f5:fd:b9:62:10:2a:c0:8e:34:ef:49:01:ca:0b:
         04:12:80:44:ca:e3:d6:7f:69:aa:8c:8c:a6:2e:af:f7:c6:a6:
         c5:9e:34:87:8e:ea:91:52:ae:74:82:c0:df:55:2b:0d:d2:79:
         fd:65:62:d3:81:26:e7:13:57:a9:32:58:28:aa:8d:78:6c:94:
         82:b3:d0:58:02:10:1f:e8:0b:d4:90:b8:ea:96:13:af:bb:9c:
         f1:52:5e:01:6d:38:6e:82:63:50:c9:7d:6e:0a:76:80:d8:07:
         9e:25:44:ef:d9:ef:f0:a4:0d:e7:a8:b2:5d:f6:ef:5f:36:82:
         6b:f3:a3:9c:c6:1a:13:f8:59:4b:44:42:6b:24:9f:e2:18:95:
         08:d8:b3:d6:10:1f:80:a7:4a:f8:b3:4a:7c:98:2b:52:38:7b:
         4b:40:7d:e1:51:9f:a5:ac:c0:9b:a3:78:c2:4b:13:23:d8:f1:
         70:f1:c7:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaZoVff8x1tP0pYCZVGZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUwNjA3MjIwMTE4WhcNMjUwNjA4MjIwMTE4WjAzMTEwLwYDVQQD
Eyg0ZGZmMDE0MmIxYTI0NjFiYzg2MzdmM2JkZWEzYWFlMjVmZjliZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9CTYyGOhzYAVhlaQleXNo9yvcWN
UROeqa0ZdxEw/iyI+nYBGFVRvgelBPU4t5w/9M5f5JJYClXXND42ZyYhTBYmyBKC
rRYXgxgfPkSV8ouHDBAbHKYsXhs1H8svEEM5ZNqNkNnUW7z96S6yv4NAOawUltSu
eqcJHIYt5pdy7U8CbSDMWqtDCv5r7QOa3g2XgTz1iqAsaAc9UH7f1U/RcTDfpIgS
XW9jNUdue1iiksPLr86tCx74mxsO1+vlkhBVKXpRK2rIbw7RLlo5Ej42JHxIZOn2
a3amqFcrBylRyJKyIWw5sUfSDD2Qo/9ylzIOjLw7qEHaLi3i9/BIRwyQkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3/AUKxokYbyGN/O96jquJf+b86MB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0H+ltRA
aliAhCz9/hTD8KDSU9kNXDioD5+vZhNMJHxAqIaU3izrIWqljTZMIzix8Jewnx14
J2hCupaxuQjTjCRXWP1HQfD/TC+96fX9uWIQKsCONO9JAcoLBBKARMrj1n9pqoyM
pi6v98amxZ40h47qkVKudILA31UrDdJ5/WVi04Em5xNXqTJYKKqNeGyUgrPQWAIQ
H+gL1JC46pYTr7uc8VJeAW04boJjUMl9bgp2gNgHniVE79nv8KQN56iyXfbvXzaC
a/OjnMYaE/hZS0RCaySf4hiVCNiz1hAfgKdK+LNKfJgrUjh7S0B94VGfpazAm6N4
wksTI9jxcPHHCw==
-----END CERTIFICATE-----