Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          FF7TfWJBOoZQYoL5t5J0//P/eQW0m8KMB2HtkR0Wb+Y=
Subject key identifier:   37:26:D9:52:79:16:42:EC:E6:3F:D9:27:1B:B9:C6:9C:FB:F5:B7:96
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       01974E577D602FD8390C5056981BA83D3D05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 07:00:45 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:45 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:45 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: 9rZ+f4K9llww2bh+M28Gz5Fr+O9h7CrUOcUIOo5rA84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:7d:60:2f:d8:39:0c:50:56:98:1b:a8:3d:3d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Jun  8 07:00:45 2025 GMT
            Not After : Jun  9 07:00:45 2025 GMT
        Subject: CN=3726d952791642ece63fd9271bb9c69cfbf5b796
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fc:8e:b2:25:fe:73:7c:7f:2a:35:0f:2d:f3:
                    0f:0e:d3:af:f8:0f:cb:8b:5a:89:c2:19:c1:3f:f7:
                    1e:7f:0f:68:87:13:5a:9e:3f:a1:0d:9d:02:0e:86:
                    17:1f:ac:6f:f3:b1:a3:b2:54:52:2d:7a:3b:4a:8a:
                    28:bb:18:cb:de:1b:34:62:58:c2:d6:58:6d:ad:54:
                    f9:b1:12:e0:92:db:9d:0a:06:2d:cf:9c:7e:69:65:
                    f8:8f:ab:08:fc:71:86:29:59:b4:44:dc:81:91:06:
                    fb:8a:d8:b2:91:2e:d3:3b:8d:d0:8b:9e:29:e7:15:
                    eb:93:06:75:46:b9:92:f2:12:25:21:64:57:35:33:
                    69:da:14:2f:57:c1:59:cc:cd:58:69:6d:79:4c:d9:
                    26:83:2a:8a:db:24:4f:a7:34:88:6d:64:8d:d3:6d:
                    cb:1f:e2:4b:a7:e4:c7:41:96:94:96:d9:3a:20:6e:
                    fc:15:11:e3:d2:e5:ae:4a:92:af:01:bb:86:b1:f9:
                    92:06:36:0c:18:b4:5a:ec:94:62:7c:1f:88:e3:9d:
                    f0:41:ea:7d:8e:99:68:94:3e:b0:0e:39:37:90:91:
                    3d:23:ac:eb:71:ae:79:b8:31:95:3e:f4:2a:7b:89:
                    d8:f7:d5:30:fd:bf:6c:db:28:0c:b6:82:34:36:7d:
                    d3:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:26:D9:52:79:16:42:EC:E6:3F:D9:27:1B:B9:C6:9C:FB:F5:B7:96
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:c7:33:45:ce:7e:8b:00:89:49:0b:0a:4f:b7:f9:6b:08:4e:
         14:52:b6:ff:86:65:bc:4d:2f:b8:15:20:41:e7:91:2f:c4:19:
         c7:71:95:04:bd:38:3c:89:f2:64:ec:67:9a:10:4f:74:a9:8c:
         b3:40:49:d6:17:2d:fe:c9:8f:4c:1e:c3:98:19:75:37:e1:96:
         bf:f0:ad:7f:87:2c:e2:71:b8:4a:11:0f:c3:d2:77:da:c9:a5:
         49:c6:9a:83:72:53:b9:62:6f:63:7c:88:9a:f7:8d:eb:4b:12:
         2a:89:c4:80:de:b6:b5:0b:33:f7:7b:b0:27:17:3c:49:ce:66:
         c0:f7:dc:3b:3c:5e:ac:56:a7:80:3e:ab:13:17:b7:29:96:50:
         73:11:ad:52:f9:62:7a:fc:9d:75:cd:52:14:e6:3c:33:53:25:
         7b:46:a4:58:3b:79:aa:48:91:29:f0:e6:a2:7a:36:d4:ba:73:
         0a:8f:40:1a:c2:0d:97:81:46:fa:10:95:d6:fd:fa:70:21:50:
         fe:6b:70:f3:31:c3:a5:db:64:c8:8f:8f:44:5b:42:04:0c:13:
         9a:e1:42:ca:d2:ae:62:cf:67:ed:2d:24:ee:51:ff:dd:10:71:
         27:cd:e7:70:49:f1:bd:80:dc:a9:ed:a9:0a:2b:c2:81:fa:34:
         72:46:df:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV31gL9g5DFBWmBuoPT0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjUwNjA4MDcwMDQ1WhcNMjUwNjA5MDcwMDQ1WjAzMTEwLwYDVQQD
EygzNzI2ZDk1Mjc5MTY0MmVjZTYzZmQ5MjcxYmI5YzY5Y2ZiZjViNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfyOsiX+c3x/KjUPLfMPDtOv+A/L
i1qJwhnBP/cefw9ohxNanj+hDZ0CDoYXH6xv87GjslRSLXo7SooouxjL3hs0YljC
1lhtrVT5sRLgktudCgYtz5x+aWX4j6sI/HGGKVm0RNyBkQb7itiykS7TO43Qi54p
5xXrkwZ1RrmS8hIlIWRXNTNp2hQvV8FZzM1YaW15TNkmgyqK2yRPpzSIbWSN023L
H+JLp+THQZaUltk6IG78FRHj0uWuSpKvAbuGsfmSBjYMGLRa7JRifB+I453wQep9
jplolD6wDjk3kJE9I6zrca55uDGVPvQqe4nY99Uw/b9s2ygMtoI0Nn3TVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcm2VJ5FkLs5j/ZJxu5xpz79beWMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8czRc5+
iwCJSQsKT7f5awhOFFK2/4ZlvE0vuBUgQeeRL8QZx3GVBL04PInyZOxnmhBPdKmM
s0BJ1hct/smPTB7DmBl1N+GWv/Ctf4cs4nG4ShEPw9J32smlScaag3JTuWJvY3yI
mveN60sSKonEgN62tQsz93uwJxc8Sc5mwPfcOzxerFangD6rExe3KZZQcxGtUvli
evyddc1SFOY8M1Mle0akWDt5qkiRKfDmono21LpzCo9AGsINl4FG+hCV1v36cCFQ
/mtw8zHDpdtkyI+PRFtCBAwTmuFCytKuYs9n7S0k7lH/3RBxJ83ncEnxvYDcqe2p
CivCgfo0ckbfNw==
-----END CERTIFICATE-----