Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          y1n8lpecZRWzZLQnfoxXUxPxTeiSyNFqJW5dASTlBS8=
Subject key identifier:   85:5D:01:F3:9C:3A:F0:E9:EB:9C:30:49:D7:52:8B:81:32:2F:84:0C
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       01974F332BA4B5D856259439B648A0CCE805
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          157D
Signing time:             Sun 08 Jun 2025 11:00:42 +0000
Manifest this update:     Sun 08 Jun 2025 11:00:42 +0000
Manifest next update:     Mon 09 Jun 2025 11:00:42 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: yuVyK0hQWwmE216vanX0m1V54q4MlOj7g7kvw9kc33M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:33:2b:a4:b5:d8:56:25:94:39:b6:48:a0:cc:e8:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Jun  8 11:00:42 2025 GMT
            Not After : Jun  9 11:00:42 2025 GMT
        Subject: CN=855d01f39c3af0e9eb9c3049d7528b81322f840c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:36:8a:33:51:bb:1d:38:ca:ff:55:d7:28:4f:
                    3f:6e:1e:cd:0d:8d:a3:9e:27:46:95:5a:e4:c9:80:
                    a0:26:01:ac:25:2f:52:25:7e:49:2c:74:2b:29:52:
                    30:fe:8a:37:9a:4e:c5:7c:51:de:83:ec:23:1b:97:
                    2b:af:6c:f3:82:19:f3:27:c1:40:3f:57:13:a3:e4:
                    59:64:ae:32:bd:b9:c0:b3:70:8c:91:c6:76:9a:48:
                    a4:16:3f:2c:fa:4e:d2:69:b3:c9:04:7f:65:d4:34:
                    e9:f1:08:0d:ca:c4:b3:0b:22:db:0c:75:d2:1c:93:
                    0d:c4:73:6c:65:b0:21:4b:51:7d:fc:dd:6a:60:e7:
                    7e:bd:a7:52:0b:da:c1:3d:6d:5c:80:2d:b0:29:12:
                    58:09:3a:ff:82:82:cf:f7:63:be:af:9c:fb:ff:1f:
                    a1:30:86:b3:5f:fd:4b:32:cd:72:1d:85:0a:f4:e7:
                    67:0e:84:f3:63:41:33:75:78:ac:4c:3b:0b:34:02:
                    a5:2c:2d:a6:97:a0:56:d0:f3:3d:7a:08:4c:b5:ee:
                    d8:26:3b:54:4c:81:ee:bb:05:65:73:ce:a3:1a:00:
                    a5:c8:13:50:f8:23:e0:e7:db:9c:48:16:0e:7d:83:
                    ee:6c:28:89:43:2b:17:da:a7:e1:68:07:8b:f5:0a:
                    76:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:5D:01:F3:9C:3A:F0:E9:EB:9C:30:49:D7:52:8B:81:32:2F:84:0C
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:7c:d4:44:66:eb:fc:02:8a:20:0b:8d:8f:e2:05:42:74:c8:
         23:38:c4:20:f8:23:82:bf:bc:39:9e:47:51:e4:7e:24:0a:3e:
         c2:7c:ac:91:9a:73:1b:c8:ed:df:b8:8f:fa:fd:6a:42:20:63:
         1b:81:96:e0:90:ef:5c:95:d2:e1:11:a3:ef:46:41:f0:6e:69:
         6f:3a:3c:c6:4f:38:c9:37:d7:01:4a:17:71:b0:cf:f4:0c:03:
         61:20:c8:75:d1:a0:a2:85:0c:69:e6:91:7f:0f:03:c4:08:15:
         99:7a:f9:ab:a9:03:f8:03:1d:85:20:34:53:0f:72:43:d7:b1:
         ee:53:1b:24:51:6a:fa:0c:6b:4e:06:66:7f:be:ca:8c:86:d7:
         22:aa:24:53:1e:9d:74:85:07:72:35:3e:56:d2:5b:7b:ef:f4:
         15:d3:3d:4a:17:f3:37:08:7b:d0:9c:89:df:0c:51:c6:fe:93:
         f4:e7:1c:51:2d:5d:9d:c4:1c:36:6f:40:c4:43:b1:35:82:04:
         ee:db:39:72:bc:82:d7:e6:e0:bf:0f:50:46:2a:c9:2d:e7:93:
         28:6e:6c:93:2e:2e:9c:6b:51:9e:9f:58:1f:7a:d5:42:86:e9:
         3e:6e:77:ab:41:3a:53:5b:40:28:7a:64:89:40:ea:52:bd:79:
         c9:72:67:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPMyuktdhWJZQ5tkigzOgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwNjA4MTEwMDQyWhcNMjUwNjA5MTEwMDQyWjAzMTEwLwYDVQQD
Eyg4NTVkMDFmMzljM2FmMGU5ZWI5YzMwNDlkNzUyOGI4MTMyMmY4NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDaKM1G7HTjK/1XXKE8/bh7NDY2j
nidGlVrkyYCgJgGsJS9SJX5JLHQrKVIw/oo3mk7FfFHeg+wjG5crr2zzghnzJ8FA
P1cTo+RZZK4yvbnAs3CMkcZ2mkikFj8s+k7SabPJBH9l1DTp8QgNysSzCyLbDHXS
HJMNxHNsZbAhS1F9/N1qYOd+vadSC9rBPW1cgC2wKRJYCTr/goLP92O+r5z7/x+h
MIazX/1LMs1yHYUK9OdnDoTzY0EzdXisTDsLNAKlLC2ml6BW0PM9eghMte7YJjtU
TIHuuwVlc86jGgClyBNQ+CPg59ucSBYOfYPubCiJQysX2qfhaAeL9Qp26QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVdAfOcOvDp65wwSddSi4EyL4QMMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3zURGbr
/AKKIAuNj+IFQnTIIzjEIPgjgr+8OZ5HUeR+JAo+wnyskZpzG8jt37iP+v1qQiBj
G4GW4JDvXJXS4RGj70ZB8G5pbzo8xk84yTfXAUoXcbDP9AwDYSDIddGgooUMaeaR
fw8DxAgVmXr5q6kD+AMdhSA0Uw9yQ9ex7lMbJFFq+gxrTgZmf77KjIbXIqokUx6d
dIUHcjU+VtJbe+/0FdM9ShfzNwh70JyJ3wxRxv6T9OccUS1dncQcNm9AxEOxNYIE
7ts5cryC1+bgvw9QRirJLeeTKG5sky4unGtRnp9YH3rVQobpPm53q0E6U1tAKHpk
iUDqUr15yXJnIQ==
-----END CERTIFICATE-----