Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          QcrrD6iNGkZoXOWylXTQdQAZD9aJsJruCahny+9I/xU=
Subject key identifier:   CD:29:55:29:02:7A:9A:FA:9F:47:F3:E8:55:6B:0D:98:5F:A3:AD:E2
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       01975233F35D6AD00820F8C24BE1E9C258D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          157C
Signing time:             Mon 09 Jun 2025 01:00:25 +0000
Manifest this update:     Mon 09 Jun 2025 01:00:25 +0000
Manifest next update:     Tue 10 Jun 2025 01:00:25 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: ufCvFBhcFxDaq7Vlo9yepy79HRt1u0m7HcC1hoY9ROE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:33:f3:5d:6a:d0:08:20:f8:c2:4b:e1:e9:c2:58:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Jun  9 01:00:25 2025 GMT
            Not After : Jun 10 01:00:25 2025 GMT
        Subject: CN=cd295529027a9afa9f47f3e8556b0d985fa3ade2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d5:18:7f:fb:71:93:e5:08:8d:f0:49:23:b0:
                    10:33:35:46:67:fa:71:96:0e:f4:2e:c0:88:26:24:
                    ee:29:3d:f8:e2:8a:5f:14:1c:21:6c:3f:41:d0:b9:
                    22:06:e5:8e:bc:dc:bd:c6:98:9f:2b:03:a7:6b:92:
                    b3:aa:de:4d:0a:3e:1d:8d:19:57:fa:39:73:cb:98:
                    0e:cc:44:d8:c7:d9:01:d0:cd:f0:eb:84:3d:e8:87:
                    6e:66:eb:a4:8c:3b:8f:5e:4d:b2:a7:34:93:3b:46:
                    91:e9:01:58:4f:76:39:43:75:d9:e3:77:cc:37:b2:
                    fb:80:a0:ce:39:7c:0d:af:f7:cf:cf:45:9e:31:83:
                    b8:f3:da:4b:55:56:68:40:29:2a:d3:87:bd:5f:94:
                    a8:fd:ab:b2:30:64:ed:fd:2d:02:41:73:e4:fa:42:
                    8a:02:05:ce:9a:79:7b:f1:e3:d3:d1:9a:30:0c:ab:
                    41:c0:3a:cd:da:d5:ad:4b:80:68:0b:c4:8e:80:ac:
                    ac:69:eb:75:8d:e7:6f:ad:4f:ae:06:6c:6d:45:3f:
                    69:f8:e6:76:24:fc:72:1c:6a:f9:39:3e:92:9f:98:
                    d7:6c:75:b4:09:e9:a4:b5:cb:bd:a3:83:e6:b3:15:
                    2d:26:00:d7:21:90:46:e8:48:e7:56:d7:76:46:7f:
                    e1:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:29:55:29:02:7A:9A:FA:9F:47:F3:E8:55:6B:0D:98:5F:A3:AD:E2
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:d3:3b:70:05:57:50:09:00:d0:1d:6b:b3:e9:8b:98:b1:61:
         08:49:ab:f8:e2:ea:6f:e9:b7:22:48:c6:d1:e3:0d:14:0c:d2:
         f3:48:89:66:f5:5a:8b:10:a5:4f:50:0d:89:8b:2b:f3:12:cf:
         ce:10:57:47:40:92:87:c2:db:27:ac:6e:25:77:d7:63:9f:29:
         66:2c:82:b7:b1:a8:90:4d:0f:05:38:a3:dd:7b:fa:5d:1b:46:
         f9:7c:87:ef:9b:d9:67:77:e5:d9:a3:9a:b2:9a:44:92:f3:e9:
         b7:19:4d:97:26:c9:ac:b3:27:49:cd:78:ce:3e:53:c5:8f:62:
         97:54:cb:92:d8:3d:24:77:41:80:c4:3c:cd:16:96:44:22:79:
         2b:fc:24:27:3f:bf:63:e2:2f:3c:fd:5f:06:5f:9e:56:ea:4a:
         11:74:3c:2d:90:46:c1:5c:5d:81:02:8e:7a:90:53:2b:bb:e5:
         a8:f1:36:05:18:8a:41:f9:90:be:11:92:72:b5:4d:ab:67:c4:
         a5:9d:9d:47:39:4e:be:67:0e:be:ca:c4:3c:62:9c:7c:c2:e5:
         70:b8:b4:15:a1:a7:67:81:b4:58:08:83:2c:29:17:96:77:09:
         eb:df:cd:41:58:44:60:9a:a2:9e:51:26:b6:58:ec:c9:7d:2b:
         9e:a6:d0:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSM/NdatAIIPjCS+HpwljWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwNjA5MDEwMDI1WhcNMjUwNjEwMDEwMDI1WjAzMTEwLwYDVQQD
EyhjZDI5NTUyOTAyN2E5YWZhOWY0N2YzZTg1NTZiMGQ5ODVmYTNhZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNUYf/txk+UIjfBJI7AQMzVGZ/px
lg70LsCIJiTuKT344opfFBwhbD9B0LkiBuWOvNy9xpifKwOna5Kzqt5NCj4djRlX
+jlzy5gOzETYx9kB0M3w64Q96IduZuukjDuPXk2ypzSTO0aR6QFYT3Y5Q3XZ43fM
N7L7gKDOOXwNr/fPz0WeMYO489pLVVZoQCkq04e9X5So/auyMGTt/S0CQXPk+kKK
AgXOmnl78ePT0ZowDKtBwDrN2tWtS4BoC8SOgKysaet1jedvrU+uBmxtRT9p+OZ2
JPxyHGr5OT6Sn5jXbHW0Cemktcu9o4PmsxUtJgDXIZBG6EjnVtd2Rn/hVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0pVSkCepr6n0fz6FVrDZhfo63iMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAStM7cAVX
UAkA0B1rs+mLmLFhCEmr+OLqb+m3IkjG0eMNFAzS80iJZvVaixClT1ANiYsr8xLP
zhBXR0CSh8LbJ6xuJXfXY58pZiyCt7GokE0PBTij3Xv6XRtG+XyH75vZZ3fl2aOa
sppEkvPptxlNlybJrLMnSc14zj5TxY9il1TLktg9JHdBgMQ8zRaWRCJ5K/wkJz+/
Y+IvPP1fBl+eVupKEXQ8LZBGwVxdgQKOepBTK7vlqPE2BRiKQfmQvhGScrVNq2fE
pZ2dRzlOvmcOvsrEPGKcfMLlcLi0FaGnZ4G0WAiDLCkXlncJ69/NQVhEYJqinlEm
tljsyX0rnqbQ1w==
-----END CERTIFICATE-----