Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
File:                     4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft (raw, json)
Hash identifier:          +qI+qAy69qHcLiQK7YLILlzM5undsXSUCBQsFXrwB+I=
Subject key identifier:   D4:9A:37:7C:A6:C2:F9:C5:24:B1:15:5A:30:BA:E1:AC:26:F0:6A:A1
Authority key identifier: E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC
Certificate issuer:       /CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
Certificate serial:       01975422FA3A30A506953A525BD60F833893
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
Manifest number:          157F
Signing time:             Mon 09 Jun 2025 10:01:07 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:07 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:07 +0000
Files and hashes:         1: 4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl (hash: grKUkxklSB7AoARl/BGEzBQuOlZndjiurrsrgPP2YC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 10:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:fa:3a:30:a5:06:95:3a:52:5b:d6:0f:83:38:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
        Validity
            Not Before: Jun  9 10:01:07 2025 GMT
            Not After : Jun 10 10:01:07 2025 GMT
        Subject: CN=d49a377ca6c2f9c524b1155a30bae1ac26f06aa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:28:80:d0:fc:93:9e:ec:72:57:ac:92:49:16:
                    40:45:25:60:ac:c2:58:be:5a:7b:1f:20:c6:24:ec:
                    15:2e:2a:5b:5b:93:5c:1f:4d:ec:0b:95:3f:a9:38:
                    30:07:b6:63:3d:19:ba:49:f2:9a:12:76:b7:6c:7e:
                    b0:00:95:90:64:ff:dd:a5:cd:46:30:28:26:25:ed:
                    1e:d9:4d:be:0f:4f:e2:eb:7a:fd:41:b8:84:75:85:
                    17:f5:dd:2d:a0:3a:c0:92:d4:f2:38:3b:bd:03:24:
                    c8:86:29:99:43:29:0b:9d:e3:0d:11:ff:25:4a:66:
                    a5:61:b3:12:59:f0:29:84:1d:b2:8e:3b:91:44:a9:
                    75:0c:9d:12:97:87:ec:8e:c0:b0:98:cb:74:c3:da:
                    64:e3:0a:87:e4:af:40:53:00:d9:ad:d4:c4:9d:4e:
                    8e:63:41:ea:af:ef:c8:16:87:97:af:fe:de:5e:6e:
                    f1:16:3b:69:7d:ad:a1:fe:ec:e7:08:43:49:96:41:
                    d5:ee:98:8c:bc:9d:d0:3b:ec:85:91:58:62:18:9f:
                    e0:78:1a:12:0f:60:2e:e5:ce:71:94:cc:8d:d8:b4:
                    26:c0:05:9c:76:c8:8f:b5:d3:cf:04:35:c4:5a:ba:
                    d9:a2:4f:3d:b5:64:be:e4:07:80:d6:65:69:c7:08:
                    a2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:9A:37:7C:A6:C2:F9:C5:24:B1:15:5A:30:BA:E1:AC:26:F0:6A:A1
            X509v3 Authority Key Identifier:
                keyid:E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:00:4d:98:22:67:8f:3a:d2:09:8e:59:ff:b2:4c:f2:31:de:
         68:29:b6:c2:39:3f:4c:af:e8:a6:a3:79:c3:be:85:6c:1e:ac:
         60:7d:12:53:ac:63:35:58:b6:d4:13:f3:55:d2:ad:8c:36:bd:
         06:69:81:37:e7:16:3c:43:d3:4c:97:9e:7e:13:c4:89:22:96:
         33:40:ec:c5:1e:4a:01:37:f3:8f:74:c2:6d:4e:3e:9f:94:22:
         80:bf:24:9c:1b:56:40:6b:48:73:e8:d9:d6:79:fd:2f:0f:c3:
         02:c4:e7:49:2d:69:13:db:6d:cd:42:cd:22:21:03:88:36:21:
         e8:fd:2a:bf:02:c6:a1:24:a4:a9:06:78:4f:9e:fb:18:25:55:
         ab:98:2a:fd:11:93:c7:92:27:df:0a:05:93:b6:f0:74:00:9f:
         5d:7a:75:6a:18:a1:b1:fc:e7:7b:d4:10:8a:a3:45:b5:a5:47:
         b5:70:87:1c:5b:df:21:7b:04:15:5f:aa:7c:4c:36:cd:77:85:
         33:54:3a:7a:26:10:bc:7b:7e:0a:cb:6a:52:a0:21:8c:e8:52:
         6a:e2:4f:38:2e:b6:87:cd:28:ff:56:b6:9c:f6:d1:12:7b:dd:
         ad:88:1e:0b:e9:bc:2a:71:c8:8a:e8:a4:ee:51:71:36:27:18:
         30:11:b5:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIvo6MKUGlTpSW9YPgziTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWVlNWE1OTJiM2E3ZWM3M2I1NDk0NDI0OTk2ZjdlYmVj
NjhmYmMwHhcNMjUwNjA5MTAwMTA3WhcNMjUwNjEwMTAwMTA3WjAzMTEwLwYDVQQD
EyhkNDlhMzc3Y2E2YzJmOWM1MjRiMTE1NWEzMGJhZTFhYzI2ZjA2YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCiA0PyTnuxyV6ySSRZARSVgrMJY
vlp7HyDGJOwVLipbW5NcH03sC5U/qTgwB7ZjPRm6SfKaEna3bH6wAJWQZP/dpc1G
MCgmJe0e2U2+D0/i63r9QbiEdYUX9d0toDrAktTyODu9AyTIhimZQykLneMNEf8l
SmalYbMSWfAphB2yjjuRRKl1DJ0Sl4fsjsCwmMt0w9pk4wqH5K9AUwDZrdTEnU6O
Y0Hqr+/IFoeXr/7eXm7xFjtpfa2h/uznCENJlkHV7piMvJ3QO+yFkVhiGJ/geBoS
D2Au5c5xlMyN2LQmwAWcdsiPtdPPBDXEWrrZok89tWS+5AeA1mVpxwiiHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSaN3ymwvnFJLEVWjC64awm8GqhMB8GA1UdIwQY
MBaAFOKu5aWSs6fsc7VJRCSZb36+xo+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2It
Mzk1NWUwNzg2MDkyLzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2ItMzk1NWUwNzg2MDky
LzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQBNmCJn
jzrSCY5Z/7JM8jHeaCm2wjk/TK/opqN5w76FbB6sYH0SU6xjNVi21BPzVdKtjDa9
BmmBN+cWPEPTTJeefhPEiSKWM0DsxR5KATfzj3TCbU4+n5QigL8knBtWQGtIc+jZ
1nn9Lw/DAsTnSS1pE9ttzULNIiEDiDYh6P0qvwLGoSSkqQZ4T577GCVVq5gq/RGT
x5In3woFk7bwdACfXXp1ahihsfzne9QQiqNFtaVHtXCHHFvfIXsEFV+qfEw2zXeF
M1Q6eiYQvHt+CstqUqAhjOhSauJPOC62h80o/1a2nPbREnvdrYgeC+m8KnHIiuik
7lFxNicYMBG1Gg==
-----END CERTIFICATE-----