Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          bc+h2I0nMUL0d/X0WNtOqVtdG5IgtOI/L3OR1sFOZ1w=
Subject key identifier:   53:A9:33:34:83:D0:D1:D5:F6:89:37:E3:18:07:1B:E3:CB:1E:D2:57
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       01974E5711D3FEEC224E218726E8986D4A09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          157D
Signing time:             Sun 08 Jun 2025 07:00:18 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:18 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:18 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: q6VC4vNwTPPK/m45wTK6kqf3Dor1J9smJo/41v0rxQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:11:d3:fe:ec:22:4e:21:87:26:e8:98:6d:4a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Jun  8 07:00:18 2025 GMT
            Not After : Jun  9 07:00:18 2025 GMT
        Subject: CN=53a9333483d0d1d5f68937e318071be3cb1ed257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:1f:b7:6f:1e:47:52:ac:fd:51:21:9e:6c:da:
                    5f:76:d3:40:25:fa:95:de:12:94:28:02:f4:fd:d2:
                    1c:17:a6:6d:21:b2:35:1d:88:7a:57:ee:02:13:f1:
                    fd:78:dc:f9:af:e4:e8:d2:e4:12:b9:3d:21:05:9a:
                    3f:9e:4f:54:04:98:c2:c2:10:e7:7d:10:79:ce:35:
                    14:ec:e3:dd:f2:82:87:25:9b:4f:6b:87:e8:b3:7c:
                    2e:97:ea:2e:9e:ae:76:8c:0d:4d:22:91:72:ab:1d:
                    9c:50:bd:c5:e3:a9:fe:f0:57:c4:f0:e1:c2:d5:ae:
                    99:60:cc:bc:06:38:96:30:e1:ba:45:79:bb:99:9d:
                    ce:f7:0b:f2:28:49:eb:c5:b9:ae:15:ae:b1:e7:94:
                    49:e1:9c:a1:46:a0:5d:fd:2f:e9:47:b5:6d:a1:4a:
                    a2:7a:60:9c:64:41:50:ea:cd:74:30:a4:fb:53:51:
                    cf:7e:9d:28:6e:78:e4:e3:39:62:74:3c:be:1f:8d:
                    26:68:3e:1f:ed:d0:7a:95:49:2e:dc:b9:07:7d:d2:
                    95:c1:75:b4:c3:6e:04:aa:17:43:d9:be:6c:63:df:
                    11:9f:5c:7e:3a:b8:78:c2:73:0e:5e:2a:5e:ed:c1:
                    34:d6:e3:a3:7b:29:ed:05:da:41:bd:5e:d9:d9:e6:
                    b4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:A9:33:34:83:D0:D1:D5:F6:89:37:E3:18:07:1B:E3:CB:1E:D2:57
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:01:55:e2:34:ba:ff:80:82:a0:af:c7:ee:0e:52:fb:2d:c0:
         94:d7:21:72:9f:07:ee:f1:5c:f7:9a:ab:d1:b0:3b:94:af:56:
         7e:19:1a:02:6a:7c:de:42:b6:8b:83:f5:d6:c2:c6:6c:8d:2e:
         27:fc:0e:e7:9e:b9:f8:5d:52:59:90:49:51:3d:e6:4f:30:4d:
         9e:43:86:9d:a2:61:08:48:f1:da:89:3f:f7:85:c4:ac:75:5a:
         f9:c0:ef:42:4a:85:13:ab:6c:06:30:db:6c:d7:69:e3:54:15:
         43:0e:42:40:f8:0f:0e:8d:67:63:99:46:b4:a9:5a:88:be:7f:
         6a:4e:58:93:e3:9a:f1:ca:68:7a:7c:a3:16:a7:42:8d:ed:65:
         80:7b:c0:85:57:ae:8b:fb:57:56:db:ad:1d:f8:70:18:bc:57:
         5b:e1:a5:28:71:9b:d7:b2:f5:2e:83:a8:7a:95:9c:c8:62:dc:
         06:2d:7c:6f:42:e7:f4:c5:92:c0:ed:d3:ce:66:69:d2:72:b1:
         e6:18:b9:a5:ef:34:2b:2e:a7:91:c1:30:d8:28:55:03:d4:11:
         9f:6f:af:b7:12:53:6b:05:40:ea:6e:5d:29:21:b1:57:3a:d5:
         ed:3c:17:46:9b:26:82:59:d8:72:a3:a2:a2:9b:3e:e6:bf:40:
         a6:b2:cc:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOVxHT/uwiTiGHJuiYbUoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUwNjA4MDcwMDE4WhcNMjUwNjA5MDcwMDE4WjAzMTEwLwYDVQQD
Eyg1M2E5MzMzNDgzZDBkMWQ1ZjY4OTM3ZTMxODA3MWJlM2NiMWVkMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR+3bx5HUqz9USGebNpfdtNAJfqV
3hKUKAL0/dIcF6ZtIbI1HYh6V+4CE/H9eNz5r+To0uQSuT0hBZo/nk9UBJjCwhDn
fRB5zjUU7OPd8oKHJZtPa4fos3wul+ounq52jA1NIpFyqx2cUL3F46n+8FfE8OHC
1a6ZYMy8BjiWMOG6RXm7mZ3O9wvyKEnrxbmuFa6x55RJ4ZyhRqBd/S/pR7VtoUqi
emCcZEFQ6s10MKT7U1HPfp0obnjk4zlidDy+H40maD4f7dB6lUku3LkHfdKVwXW0
w24EqhdD2b5sY98Rn1x+Orh4wnMOXipe7cE01uOjeyntBdpBvV7Z2ea02wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOpMzSD0NHV9ok34xgHG+PLHtJXMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlgFV4jS6
/4CCoK/H7g5S+y3AlNchcp8H7vFc95qr0bA7lK9WfhkaAmp83kK2i4P11sLGbI0u
J/wO5565+F1SWZBJUT3mTzBNnkOGnaJhCEjx2ok/94XErHVa+cDvQkqFE6tsBjDb
bNdp41QVQw5CQPgPDo1nY5lGtKlaiL5/ak5Yk+Oa8cpoenyjFqdCje1lgHvAhVeu
i/tXVtutHfhwGLxXW+GlKHGb17L1LoOoepWcyGLcBi18b0Ln9MWSwO3TzmZp0nKx
5hi5pe80Ky6nkcEw2ChVA9QRn2+vtxJTawVA6m5dKSGxVzrV7TwXRpsmglnYcqOi
ops+5r9AprLMjg==
-----END CERTIFICATE-----