Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
File:                     wq8ZpG9azIz4_QNiSmG3koqBjNA.mft (raw, json)
Hash identifier:          oDDS6/z7Npdc3AH3n5Ge4le9diQL5/NOrt7qKgLMsYE=
Subject key identifier:   F4:74:65:42:9C:BA:40:82:B7:7C:46:46:A7:4A:D5:7A:35:25:99:BD
Authority key identifier: C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0
Certificate issuer:       /CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
Certificate serial:       0197542312828A71CB420C534B033B62EE8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
Manifest number:          157D
Signing time:             Mon 09 Jun 2025 10:01:14 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:14 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:14 +0000
Files and hashes:         1: wq8ZpG9azIz4_QNiSmG3koqBjNA.crl (hash: O9WaLyt0koT/ZX2CnGZ3YvG+ZWsyQOGacltooa2R2zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:12:82:8a:71:cb:42:0c:53:4b:03:3b:62:ee:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
        Validity
            Not Before: Jun  9 10:01:14 2025 GMT
            Not After : Jun 10 10:01:14 2025 GMT
        Subject: CN=f47465429cba4082b77c4646a74ad57a352599bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:73:ec:ee:15:e1:f1:12:b1:4d:86:98:f3:ff:
                    42:e9:ff:f0:96:21:99:f9:0c:43:bc:77:74:f4:80:
                    0c:63:24:f3:12:7b:47:34:8f:22:59:90:f2:db:bf:
                    56:ca:ec:e1:66:a2:ce:6c:a2:3c:67:41:49:f5:56:
                    76:74:90:0a:b8:96:95:c0:b9:46:b6:a5:f5:de:39:
                    35:5e:26:09:0d:54:bf:f9:ac:d6:d2:a9:9b:94:a5:
                    9c:f3:ef:58:42:e3:48:4e:0c:66:87:61:e6:c2:16:
                    42:5b:d5:17:65:41:48:80:e0:aa:04:39:73:9b:5b:
                    6b:e7:ba:d5:35:8d:c5:cc:7f:11:9e:74:48:64:da:
                    8e:36:b7:eb:a8:b3:e9:f5:4d:f8:1b:2d:21:20:cf:
                    c1:00:04:90:03:af:d9:fa:10:7a:08:bf:4f:04:80:
                    23:d5:cf:2e:32:0b:85:0f:cf:18:32:80:6a:2b:ac:
                    25:f8:61:1a:d2:30:5d:e1:7d:a7:55:a9:94:3a:57:
                    2f:67:0f:26:7b:b3:d9:49:2a:ce:31:64:e0:3b:c4:
                    5b:65:f8:98:ab:8d:50:a2:e7:ac:8b:81:78:59:85:
                    80:9b:32:a7:03:76:c6:a4:e2:77:0d:8b:03:45:c5:
                    a9:5c:45:8f:12:3a:3d:1f:ae:8e:f9:19:13:e2:81:
                    0d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:74:65:42:9C:BA:40:82:B7:7C:46:46:A7:4A:D5:7A:35:25:99:BD
            X509v3 Authority Key Identifier:
                keyid:C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:fb:bb:97:4d:aa:a0:6e:b2:ab:67:7e:e5:b5:3a:bb:9c:c4:
         df:5a:a1:3b:39:44:53:87:82:f9:76:04:d7:1c:1f:2c:8a:b0:
         e4:49:ca:88:86:d5:4d:9c:69:7a:ef:aa:12:4f:61:5f:66:77:
         98:50:67:fd:48:4a:0f:bb:ae:30:d4:2b:56:a8:8b:e0:34:27:
         5e:ba:8f:90:fe:a2:f7:a1:52:eb:9b:61:66:eb:8c:8b:b7:59:
         8f:da:a9:a3:fe:1e:9a:80:c7:b9:e6:85:e6:a6:36:c0:c0:43:
         e2:ac:8d:02:4f:83:ea:fd:8a:b1:96:22:06:a9:07:6c:a9:0a:
         a7:7f:a1:a5:d9:46:ba:2b:13:ba:d8:da:a3:59:3d:3e:d3:b4:
         db:9b:3a:eb:6f:0e:cc:cd:32:99:3e:5f:2e:9d:d3:41:0c:d4:
         3f:ca:6b:e8:0d:54:02:44:d3:2d:08:cb:31:33:15:28:99:43:
         e7:a5:a7:ed:09:f7:83:15:1a:f7:64:17:5b:eb:b4:1b:bd:ae:
         a4:7f:db:4a:76:e9:f8:00:21:f5:8c:51:9a:cf:80:58:f4:db:
         0f:e6:d8:b4:55:a6:b7:3d:cf:e8:95:81:51:9e:2e:78:f4:13:
         cb:03:b8:fd:f7:f3:d3:5d:1c:cd:d8:dc:71:9d:cc:16:e1:9e:
         a8:2d:49:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIxKCinHLQgxTSwM7Yu6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWYxOWE0NmY1YWNjOGNmOGZkMDM2MjRhNjFiNzkyOGE4
MThjZDAwHhcNMjUwNjA5MTAwMTE0WhcNMjUwNjEwMTAwMTE0WjAzMTEwLwYDVQQD
EyhmNDc0NjU0MjljYmE0MDgyYjc3YzQ2NDZhNzRhZDU3YTM1MjU5OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3Ps7hXh8RKxTYaY8/9C6f/wliGZ
+QxDvHd09IAMYyTzEntHNI8iWZDy279WyuzhZqLObKI8Z0FJ9VZ2dJAKuJaVwLlG
tqX13jk1XiYJDVS/+azW0qmblKWc8+9YQuNITgxmh2HmwhZCW9UXZUFIgOCqBDlz
m1tr57rVNY3FzH8RnnRIZNqONrfrqLPp9U34Gy0hIM/BAASQA6/Z+hB6CL9PBIAj
1c8uMguFD88YMoBqK6wl+GEa0jBd4X2nVamUOlcvZw8me7PZSSrOMWTgO8RbZfiY
q41Qouesi4F4WYWAmzKnA3bGpOJ3DYsDRcWpXEWPEjo9H66O+RkT4oENKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPR0ZUKcukCCt3xGRqdK1Xo1JZm9MB8GA1UdIwQY
MBaAFMKvGaRvWsyM+P0DYkpht5KKgYzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMt
NTYzNjgxNGE5MzM3LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMtNTYzNjgxNGE5MzM3
LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvu7l02q
oG6yq2d+5bU6u5zE31qhOzlEU4eC+XYE1xwfLIqw5EnKiIbVTZxpeu+qEk9hX2Z3
mFBn/UhKD7uuMNQrVqiL4DQnXrqPkP6i96FS65thZuuMi7dZj9qpo/4emoDHueaF
5qY2wMBD4qyNAk+D6v2KsZYiBqkHbKkKp3+hpdlGuisTutjao1k9PtO025s6628O
zM0ymT5fLp3TQQzUP8pr6A1UAkTTLQjLMTMVKJlD56Wn7Qn3gxUa92QXW+u0G72u
pH/bSnbp+AAh9YxRms+AWPTbD+bYtFWmtz3P6JWBUZ4uePQTywO4/ffz010czdjc
cZ3MFuGeqC1JaA==
-----END CERTIFICATE-----