Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          GxmmQQYQajyJjxKcWU74gIJx0qB/i/GGwT0CxmKM8eQ=
Subject key identifier:   EE:DC:A3:71:CF:D3:65:49:96:9F:95:61:2A:0D:14:DE:04:24:A7:84
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       01974BC45C92F9D23F5EB9C5061AD438B689
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          157E
Signing time:             Sat 07 Jun 2025 19:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:49 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: n4JfPLAc34LW92uouaDYCK6QKu2BKfDUcvRatJnLMbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:5c:92:f9:d2:3f:5e:b9:c5:06:1a:d4:38:b6:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Jun  7 19:00:49 2025 GMT
            Not After : Jun  8 19:00:49 2025 GMT
        Subject: CN=eedca371cfd36549969f95612a0d14de0424a784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:34:43:b0:d5:89:d4:8d:fe:0c:58:e6:bd:cc:
                    8d:d8:c3:04:27:a2:36:4b:c8:63:90:46:2f:36:b1:
                    8c:a6:a8:45:42:ea:c0:92:f1:0a:3f:95:5d:49:11:
                    a5:81:29:1e:86:2f:ef:d2:49:b9:90:4c:70:83:ea:
                    70:35:d0:a0:48:79:94:94:b0:f0:4d:10:b2:a9:c0:
                    8f:12:1a:63:bc:10:4b:10:93:df:39:96:27:4b:67:
                    b1:f2:58:fc:66:27:cd:8a:0a:e9:1e:17:8d:62:66:
                    f9:c0:9d:04:d7:cf:01:ae:35:f3:9a:a0:0d:4a:2b:
                    64:73:4d:70:c3:64:dd:f2:95:a3:88:a4:0e:55:aa:
                    16:8b:bc:63:60:88:79:d0:5a:51:bc:da:27:c2:cc:
                    99:f0:54:83:af:b9:f9:52:71:42:dc:e6:a1:f9:cc:
                    5d:fa:1d:ce:5e:f7:16:11:da:21:46:5c:dc:36:80:
                    82:c5:47:ec:c2:78:ec:13:0d:9d:e1:86:d3:c0:1e:
                    f0:d0:3d:54:c2:b5:1e:21:fc:86:e8:00:e0:90:dc:
                    ed:3a:65:19:bb:72:bc:fd:f3:3b:37:aa:75:3d:d8:
                    ae:12:c0:0e:5b:be:8f:30:d2:f5:7d:e1:23:09:03:
                    95:7d:e8:df:5a:81:c8:7f:db:81:9f:9b:33:b4:3c:
                    92:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:DC:A3:71:CF:D3:65:49:96:9F:95:61:2A:0D:14:DE:04:24:A7:84
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:8a:2d:8d:75:53:2c:3c:aa:1c:b8:a4:28:01:06:8e:21:18:
         5b:19:9e:bf:ea:66:e5:77:9e:fb:56:52:40:37:1b:ff:7e:7a:
         88:ee:ee:dc:ca:31:88:44:3e:94:00:fa:7a:d2:ec:a3:96:a1:
         af:c0:b0:93:8a:44:66:21:09:8e:ce:ff:7b:48:90:24:ef:3d:
         59:27:3f:55:92:68:4a:bc:10:b5:c6:9e:31:bf:82:43:96:3e:
         3d:a2:66:fc:e3:9a:83:6a:f2:c6:1c:4b:2b:33:06:65:ef:04:
         e3:d4:5f:fe:5a:e0:44:54:f7:4a:15:00:b6:5a:a7:2d:cb:8f:
         7a:cf:84:e4:b2:64:52:9a:20:59:5c:c2:51:ea:41:62:00:e3:
         5a:55:4d:40:b2:be:46:14:ff:28:e8:39:b6:5a:14:74:65:7e:
         71:29:0a:9c:03:b5:37:f9:e5:7f:f9:4b:db:55:12:9c:52:00:
         5e:5d:95:4d:c6:09:8b:bd:a7:ab:26:71:84:e5:af:df:15:a0:
         7b:82:99:d5:ca:82:6a:ca:38:49:5b:2a:22:9c:af:a9:84:a1:
         8a:ed:60:f7:d7:74:fc:1b:cb:93:9d:cb:87:97:8a:b0:56:b1:
         49:0d:bc:71:56:a8:77:04:f9:37:00:2f:b3:98:b7:bd:b3:75:
         9d:a4:1b:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxFyS+dI/XrnFBhrUOLaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjUwNjA3MTkwMDQ5WhcNMjUwNjA4MTkwMDQ5WjAzMTEwLwYDVQQD
EyhlZWRjYTM3MWNmZDM2NTQ5OTY5Zjk1NjEyYTBkMTRkZTA0MjRhNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TRDsNWJ1I3+DFjmvcyN2MMEJ6I2
S8hjkEYvNrGMpqhFQurAkvEKP5VdSRGlgSkehi/v0km5kExwg+pwNdCgSHmUlLDw
TRCyqcCPEhpjvBBLEJPfOZYnS2ex8lj8ZifNigrpHheNYmb5wJ0E188BrjXzmqAN
Sitkc01ww2Td8pWjiKQOVaoWi7xjYIh50FpRvNonwsyZ8FSDr7n5UnFC3Oah+cxd
+h3OXvcWEdohRlzcNoCCxUfswnjsEw2d4YbTwB7w0D1UwrUeIfyG6ADgkNztOmUZ
u3K8/fM7N6p1PdiuEsAOW76PMNL1feEjCQOVfejfWoHIf9uBn5sztDyS3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7co3HP02VJlp+VYSoNFN4EJKeEMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfootjXVT
LDyqHLikKAEGjiEYWxmev+pm5Xee+1ZSQDcb/356iO7u3MoxiEQ+lAD6etLso5ah
r8Cwk4pEZiEJjs7/e0iQJO89WSc/VZJoSrwQtcaeMb+CQ5Y+PaJm/OOag2ryxhxL
KzMGZe8E49Rf/lrgRFT3ShUAtlqnLcuPes+E5LJkUpogWVzCUepBYgDjWlVNQLK+
RhT/KOg5tloUdGV+cSkKnAO1N/nlf/lL21USnFIAXl2VTcYJi72nqyZxhOWv3xWg
e4KZ1cqCaso4SVsqIpyvqYShiu1g99d0/BvLk53Lh5eKsFaxSQ28cVaodwT5NwAv
s5i3vbN1naQbKQ==
-----END CERTIFICATE-----