Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          bTnbsspMHwbW5wSTPJO6D3hDtFlxMy3HnfOMT2nDtlE=
Subject key identifier:   E0:43:2F:5A:5C:6F:06:7E:C2:65:62:0C:45:74:B3:15:8A:3D:AC:F4
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       01974EC4FB465F359512DF321302E0EB3838
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 09:00:21 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:21 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:21 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: FyJM6pBc+BJU103O0GKug8aalrVaAQHsoCugV80c1cQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 09:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c4:fb:46:5f:35:95:12:df:32:13:02:e0:eb:38:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Jun  8 09:00:21 2025 GMT
            Not After : Jun  9 09:00:21 2025 GMT
        Subject: CN=e0432f5a5c6f067ec265620c4574b3158a3dacf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ab:8a:ba:d7:a2:b5:ca:1b:6d:f6:f0:24:33:
                    b1:90:7a:c5:c0:e4:ac:be:2b:c2:1c:5c:07:5a:db:
                    c3:8b:70:01:d0:2e:5a:a3:1d:52:a9:5c:4b:4b:74:
                    99:83:a8:28:cd:5c:9e:94:ed:36:1b:6b:7d:c8:9f:
                    b7:22:aa:84:ae:0d:50:84:59:a4:cf:06:47:69:a5:
                    e9:73:1c:6b:8b:9b:20:5b:80:70:f9:b9:8d:f5:88:
                    fe:d1:e8:df:62:44:2f:ad:e3:d6:fb:3d:fb:e5:af:
                    1b:6e:a3:27:3f:44:8b:c6:f3:95:69:a6:df:5f:0f:
                    f6:3d:27:f9:19:d8:b6:af:bb:68:83:b5:58:cb:6e:
                    46:6b:0b:ef:2e:e9:5b:b5:73:70:62:78:2e:15:aa:
                    c8:fe:b6:9b:54:cb:9a:a7:e4:d7:4b:b1:45:e2:6b:
                    3c:d4:09:43:fe:39:97:fe:2c:bf:15:e7:9d:3e:47:
                    5e:7b:22:3e:68:c6:49:72:c7:fb:54:e3:a7:14:45:
                    01:06:52:f2:4c:c8:fe:11:a7:be:7c:e2:b2:9e:b2:
                    74:06:3d:2f:70:f4:e6:53:82:88:ed:36:04:76:0f:
                    11:d7:78:d5:c0:16:02:95:34:d9:a3:66:0e:30:c8:
                    ab:d1:58:01:68:5d:4f:95:22:de:e3:63:29:51:76:
                    23:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:43:2F:5A:5C:6F:06:7E:C2:65:62:0C:45:74:B3:15:8A:3D:AC:F4
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:fc:cd:db:c6:11:78:29:18:07:71:b2:dd:58:d7:40:77:5f:
         ed:72:7c:aa:9c:be:2a:aa:43:08:9b:44:e2:7f:ea:05:9e:4b:
         3d:90:89:83:a8:bf:91:cd:c4:47:45:c0:1c:8b:5a:82:21:85:
         19:57:89:05:20:78:12:8c:b9:78:54:34:32:e8:84:d6:d1:8d:
         52:86:b8:97:b0:0d:a0:74:9e:06:f9:7a:3a:b5:bb:fd:40:56:
         36:89:11:68:31:5d:e3:e9:be:4f:9c:51:45:3c:62:fb:b4:3e:
         95:c1:12:b4:f4:c3:e7:0f:cb:cb:13:f7:3d:66:32:46:30:2a:
         5a:82:3e:1e:77:df:01:00:82:b5:4e:d7:1f:2e:27:d0:ef:89:
         a3:87:a2:c3:8a:e5:ef:93:d0:93:35:1d:65:49:ee:75:22:74:
         a5:bc:33:01:42:87:d7:b9:2b:c8:f6:f5:9b:2e:5e:d8:12:d4:
         fc:61:7b:12:0f:d0:db:b3:a8:bc:1c:98:6e:04:81:44:33:77:
         ce:e7:13:3b:00:f8:23:2c:cf:be:f5:11:e1:14:fb:1e:6a:b2:
         bc:ce:37:cf:21:c4:02:e3:ae:fc:e0:40:78:fa:ef:78:d9:8f:
         65:62:3a:38:08:e2:20:9a:b5:45:2b:b9:42:b2:8a:75:ba:eb:
         fa:80:5d:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxPtGXzWVEt8yEwLg6zg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjUwNjA4MDkwMDIxWhcNMjUwNjA5MDkwMDIxWjAzMTEwLwYDVQQD
EyhlMDQzMmY1YTVjNmYwNjdlYzI2NTYyMGM0NTc0YjMxNThhM2RhY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlquKuteitcobbfbwJDOxkHrFwOSs
vivCHFwHWtvDi3AB0C5aox1SqVxLS3SZg6gozVyelO02G2t9yJ+3IqqErg1QhFmk
zwZHaaXpcxxri5sgW4Bw+bmN9Yj+0ejfYkQvrePW+z375a8bbqMnP0SLxvOVaabf
Xw/2PSf5Gdi2r7tog7VYy25GawvvLulbtXNwYnguFarI/rabVMuap+TXS7FF4ms8
1AlD/jmX/iy/FeedPkdeeyI+aMZJcsf7VOOnFEUBBlLyTMj+Eae+fOKynrJ0Bj0v
cPTmU4KI7TYEdg8R13jVwBYClTTZo2YOMMir0VgBaF1PlSLe42MpUXYjgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOBDL1pcbwZ+wmViDEV0sxWKPaz0MB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePzN28YR
eCkYB3Gy3VjXQHdf7XJ8qpy+KqpDCJtE4n/qBZ5LPZCJg6i/kc3ER0XAHItagiGF
GVeJBSB4Eoy5eFQ0MuiE1tGNUoa4l7ANoHSeBvl6OrW7/UBWNokRaDFd4+m+T5xR
RTxi+7Q+lcEStPTD5w/LyxP3PWYyRjAqWoI+HnffAQCCtU7XHy4n0O+Jo4eiw4rl
75PQkzUdZUnudSJ0pbwzAUKH17kryPb1my5e2BLU/GF7Eg/Q27OovByYbgSBRDN3
zucTOwD4IyzPvvUR4RT7HmqyvM43zyHEAuOu/OBAePrveNmPZWI6OAjiIJq1RSu5
QrKKdbrr+oBdzg==
-----END CERTIFICATE-----