Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          lvzO+hkxhML6JFioor12bNtrxBVgIVbKQgLL61jpqPs=
Subject key identifier:   EB:34:1D:75:C1:BD:6A:AB:16:8B:5E:8E:06:08:55:08:B8:1A:8D:ED
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       01974A7AC80FED95C213FCD39EB3042488D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 13:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:49 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: VkiDivwKm9QiOSLkydoUpC578Fue/MvbkkiezgUSMx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:c8:0f:ed:95:c2:13:fc:d3:9e:b3:04:24:88:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Jun  7 13:00:49 2025 GMT
            Not After : Jun  8 13:00:49 2025 GMT
        Subject: CN=eb341d75c1bd6aab168b5e8e06085508b81a8ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fe:40:5d:f4:b9:7f:4a:a0:23:01:92:3a:e0:
                    f4:ff:b9:fd:39:4a:96:c4:2d:b2:3d:5e:50:8f:58:
                    1f:fb:e5:98:32:6f:72:e7:db:1a:db:02:c0:52:bb:
                    01:14:09:01:f6:98:61:a0:6d:6e:ee:4d:9a:06:42:
                    7e:5f:9a:0c:4c:67:b7:4f:68:c5:0f:d9:ad:56:e0:
                    b7:8e:9d:e2:49:e2:13:24:1a:9e:53:9a:2b:49:a4:
                    26:f9:f7:23:2c:b4:7b:13:81:5d:54:5e:f6:9c:a9:
                    0a:37:59:e8:47:d5:22:98:13:0b:df:4d:55:a0:e8:
                    2b:51:a6:ae:7f:01:ea:df:55:15:dd:d5:4d:b3:d3:
                    b0:ae:2e:17:90:36:f3:13:97:03:a1:7b:37:43:0b:
                    7f:ae:07:25:45:2b:6b:a5:f4:9f:61:a0:98:e5:a3:
                    6c:0f:40:7d:35:2d:b7:23:02:01:d2:cb:21:e8:e8:
                    d3:ba:88:92:57:a8:9f:1f:06:b2:cf:18:b3:bd:8c:
                    5c:e7:49:0b:fb:9b:58:d0:44:7b:2b:57:65:3d:e1:
                    39:90:ba:49:ef:02:f6:b8:af:b5:d7:f2:6e:ca:af:
                    13:13:bc:13:b0:d5:57:15:60:1f:33:0d:1e:26:b7:
                    b3:b8:e7:f4:a4:a5:c8:8c:6b:45:2b:c7:14:10:4f:
                    cf:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:34:1D:75:C1:BD:6A:AB:16:8B:5E:8E:06:08:55:08:B8:1A:8D:ED
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:90:f0:b9:20:cb:3f:93:2c:f4:55:48:fe:20:c3:44:aa:4d:
         60:58:5f:0a:80:7e:54:06:a5:b4:de:47:c3:b4:3f:6d:15:f1:
         91:a6:bf:ec:93:2e:b9:2d:9d:3f:11:37:e7:c3:c9:88:28:e2:
         80:38:26:dc:3f:48:8f:bf:6d:a9:58:08:85:52:77:22:7c:bf:
         f4:6e:60:4e:42:a7:eb:38:a9:b5:b1:d7:a9:39:fa:1c:e9:83:
         a2:f4:23:d8:ab:5c:ef:c9:a0:9b:0a:bc:5c:a7:b2:70:71:54:
         6a:bf:ae:5b:6d:e2:5b:06:ed:cb:5d:7e:4e:66:bf:a5:52:94:
         72:4d:22:b9:a0:64:19:1d:d6:79:1e:21:ee:d3:87:e0:a6:8b:
         9d:5c:24:65:85:af:3c:f9:7e:50:29:7a:30:50:41:f3:84:f1:
         9b:02:dd:c0:41:f8:40:b2:48:90:cb:50:de:0d:f2:25:82:69:
         9b:ae:82:54:e9:6e:7c:de:83:e0:f4:27:79:52:55:c3:94:88:
         33:70:78:c3:fe:93:5d:af:16:b0:74:18:97:f1:b7:0c:1c:c0:
         b8:f0:89:06:ea:f6:28:e2:82:d6:cd:ee:5e:b8:d9:43:6f:e6:
         07:ca:7b:90:07:30:d3:71:d5:8b:2e:4d:51:40:b3:df:0a:a0:
         e4:67:bc:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKesgP7ZXCE/zTnrMEJIjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjUwNjA3MTMwMDQ5WhcNMjUwNjA4MTMwMDQ5WjAzMTEwLwYDVQQD
EyhlYjM0MWQ3NWMxYmQ2YWFiMTY4YjVlOGUwNjA4NTUwOGI4MWE4ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf5AXfS5f0qgIwGSOuD0/7n9OUqW
xC2yPV5Qj1gf++WYMm9y59sa2wLAUrsBFAkB9phhoG1u7k2aBkJ+X5oMTGe3T2jF
D9mtVuC3jp3iSeITJBqeU5orSaQm+fcjLLR7E4FdVF72nKkKN1noR9UimBML301V
oOgrUaaufwHq31UV3dVNs9Owri4XkDbzE5cDoXs3Qwt/rgclRStrpfSfYaCY5aNs
D0B9NS23IwIB0ssh6OjTuoiSV6ifHwayzxizvYxc50kL+5tY0ER7K1dlPeE5kLpJ
7wL2uK+11/Juyq8TE7wTsNVXFWAfMw0eJrezuOf0pKXIjGtFK8cUEE/PQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOs0HXXBvWqrFotejgYIVQi4Go3tMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJDwuSDL
P5Ms9FVI/iDDRKpNYFhfCoB+VAaltN5Hw7Q/bRXxkaa/7JMuuS2dPxE358PJiCji
gDgm3D9Ij79tqVgIhVJ3Iny/9G5gTkKn6ziptbHXqTn6HOmDovQj2Ktc78mgmwq8
XKeycHFUar+uW23iWwbty11+Tma/pVKUck0iuaBkGR3WeR4h7tOH4KaLnVwkZYWv
PPl+UCl6MFBB84TxmwLdwEH4QLJIkMtQ3g3yJYJpm66CVOlufN6D4PQneVJVw5SI
M3B4w/6TXa8WsHQYl/G3DBzAuPCJBur2KOKC1s3uXrjZQ2/mB8p7kAcw03HViy5N
UUCz3wqg5Ge80Q==
-----END CERTIFICATE-----