Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          CtAhnvsApiqsIzcRuZq8fDiTkSPeyklnnt5yQ1n+Nbg=
Subject key identifier:   6C:89:20:AC:2E:FF:86:74:9D:0F:E0:F2:A5:16:EA:57:01:E8:CA:15
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       01974C69D20B8CE59D911668E0A156FA8E9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:01:32 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:32 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:32 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: X871gnFyA/hgApd5o4ruKaGBJwSOxQO5uwTPQiAXM7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:d2:0b:8c:e5:9d:91:16:68:e0:a1:56:fa:8e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Jun  7 22:01:32 2025 GMT
            Not After : Jun  8 22:01:32 2025 GMT
        Subject: CN=6c8920ac2eff86749d0fe0f2a516ea5701e8ca15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:15:04:06:d1:e6:2e:6c:2e:64:bd:cd:83:90:
                    fc:d9:2b:23:d6:72:eb:32:f7:08:00:27:6a:44:a5:
                    21:e5:1a:ac:e0:d7:c9:25:1a:cc:72:88:b0:9d:9f:
                    80:85:3c:37:12:71:db:b4:da:bc:b5:6f:5e:8a:be:
                    c8:5a:25:f8:5c:26:7a:f7:b8:45:cf:45:46:ac:bc:
                    ec:61:9e:f0:ff:07:05:da:3c:3a:bb:d0:63:6e:43:
                    2f:72:d6:61:41:41:34:01:d4:cf:09:b9:07:1a:8e:
                    14:40:19:5b:71:f1:3a:07:23:ef:4d:1d:ee:e4:a9:
                    67:d1:83:e1:cc:d7:9a:0c:37:6b:2f:ba:68:7f:08:
                    9a:0d:cb:a2:d3:71:b2:a5:d1:81:09:d4:64:c7:2b:
                    3d:a6:cd:3f:d0:63:f2:4d:c9:f7:28:c6:8f:c6:96:
                    a3:1f:9b:57:b8:95:14:f5:6e:2c:ce:dc:10:b8:46:
                    80:3a:88:cb:89:cc:f9:52:23:71:1d:6d:04:e3:76:
                    79:f8:08:07:82:4f:92:e0:fd:33:52:bc:5e:5b:c1:
                    39:94:5b:0b:18:eb:d7:05:c2:cd:a1:50:41:b2:53:
                    29:57:aa:3c:fe:7f:0c:57:2c:8f:a7:52:b9:c6:e6:
                    bd:42:b2:e4:15:82:65:1a:4e:3d:20:5f:b9:37:24:
                    d7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:89:20:AC:2E:FF:86:74:9D:0F:E0:F2:A5:16:EA:57:01:E8:CA:15
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:a3:81:47:9c:d0:31:1e:56:23:a2:35:8c:93:17:86:b9:6a:
         3d:6b:b2:30:e3:6d:9a:18:13:b4:eb:d2:b9:4c:35:38:08:86:
         32:de:13:f6:b3:87:13:fd:a3:8e:fc:20:64:9d:4f:d8:e8:9d:
         0b:f8:cb:9c:ba:83:bd:a3:6c:ca:2e:07:fa:f6:5f:16:a8:e8:
         16:ab:3f:30:f0:d5:99:63:99:c6:1d:b3:ed:87:21:a6:9f:59:
         ac:99:b3:ce:15:d6:50:fb:7b:59:ed:22:7d:67:44:49:59:14:
         ee:88:dc:a5:01:ff:6d:c5:f9:45:a5:f3:45:8f:c7:2a:68:8d:
         a2:15:8b:3c:eb:7b:fb:06:20:86:04:7b:09:03:d7:29:04:a8:
         3b:51:b1:8e:72:e1:9d:ef:6a:ff:3a:53:95:f5:c4:f2:22:ae:
         c8:73:6c:65:4a:43:da:c1:d5:3f:e2:8e:3c:42:4e:14:1a:c8:
         d5:a3:bc:93:f5:31:ad:9b:2d:11:15:ba:fa:5f:8d:26:33:46:
         26:4a:37:61:db:1e:db:8d:11:02:99:1f:9f:08:0d:c7:93:a7:
         51:02:04:b3:d1:75:31:9c:08:f1:26:d7:ff:69:e0:91:73:4f:
         61:de:02:dd:9f:46:1d:71:cd:55:5f:cf:72:48:1a:95:e5:d8:
         ad:d5:d3:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMadILjOWdkRZo4KFW+o6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwNjA3MjIwMTMyWhcNMjUwNjA4MjIwMTMyWjAzMTEwLwYDVQQD
Eyg2Yzg5MjBhYzJlZmY4Njc0OWQwZmUwZjJhNTE2ZWE1NzAxZThjYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hUEBtHmLmwuZL3Ng5D82Ssj1nLr
MvcIACdqRKUh5Rqs4NfJJRrMcoiwnZ+AhTw3EnHbtNq8tW9eir7IWiX4XCZ697hF
z0VGrLzsYZ7w/wcF2jw6u9BjbkMvctZhQUE0AdTPCbkHGo4UQBlbcfE6ByPvTR3u
5Kln0YPhzNeaDDdrL7pofwiaDcui03GypdGBCdRkxys9ps0/0GPyTcn3KMaPxpaj
H5tXuJUU9W4sztwQuEaAOojLicz5UiNxHW0E43Z5+AgHgk+S4P0zUrxeW8E5lFsL
GOvXBcLNoVBBslMpV6o8/n8MVyyPp1K5xua9QrLkFYJlGk49IF+5NyTXDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyJIKwu/4Z0nQ/g8qUW6lcB6MoVMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQaOBR5zQ
MR5WI6I1jJMXhrlqPWuyMONtmhgTtOvSuUw1OAiGMt4T9rOHE/2jjvwgZJ1P2Oid
C/jLnLqDvaNsyi4H+vZfFqjoFqs/MPDVmWOZxh2z7Ychpp9ZrJmzzhXWUPt7We0i
fWdESVkU7ojcpQH/bcX5RaXzRY/HKmiNohWLPOt7+wYghgR7CQPXKQSoO1GxjnLh
ne9q/zpTlfXE8iKuyHNsZUpD2sHVP+KOPEJOFBrI1aO8k/UxrZstERW6+l+NJjNG
Jko3Ydse240RApkfnwgNx5OnUQIEs9F1MZwI8SbX/2ngkXNPYd4C3Z9GHXHNVV/P
ckgaleXYrdXTiA==
-----END CERTIFICATE-----