Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          kVfzPLPU7gY52x4NZ3My8093Is+AsHaxWYotdE6ZK7k=
Subject key identifier:   1E:36:85:84:12:32:57:C5:58:83:6B:22:A8:A7:AD:9D:7C:99:2D:C5
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       019747E76612BE5C5B53E2E0A27D1CEB3F9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 01:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:36 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: ZQ39kC5xw2FqZrZX6HMybutpkXqfuPNTXLypc1BBx1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 01:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:66:12:be:5c:5b:53:e2:e0:a2:7d:1c:eb:3f:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Jun  7 01:00:36 2025 GMT
            Not After : Jun  8 01:00:36 2025 GMT
        Subject: CN=1e368584123257c558836b22a8a7ad9d7c992dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:67:8c:37:68:90:b3:10:ba:36:8d:41:d1:0e:
                    85:d6:ab:ad:d9:a7:ed:6d:0b:0e:55:6e:8f:58:a1:
                    51:15:a3:83:bc:17:d7:ae:ad:4d:a7:2a:42:b5:3e:
                    e5:d7:0b:04:ae:99:71:33:6a:e2:60:34:6f:17:76:
                    bb:e9:be:69:6d:59:70:fc:d7:45:8a:15:c8:34:c0:
                    4e:5d:5f:21:2c:9d:27:a4:34:ce:a5:50:3f:06:16:
                    ab:14:ee:97:ee:31:07:7e:00:83:e9:65:20:0c:00:
                    e0:51:7d:3d:c2:8b:b4:61:54:f3:c7:bb:07:81:89:
                    96:9d:48:88:29:27:7c:1a:4d:cd:ef:b5:d7:c0:ac:
                    74:df:29:b2:3b:f8:a2:f1:03:c1:22:08:5f:f4:3e:
                    ab:af:73:c0:a2:c2:03:a2:6c:c4:1b:01:5f:4b:23:
                    7a:04:d0:37:19:9b:f8:4c:c7:a0:eb:3e:f2:11:2c:
                    0d:97:85:81:bb:64:73:0d:1a:45:95:6a:f2:21:d6:
                    95:70:a5:1d:75:54:89:89:84:51:e5:13:1e:b6:05:
                    47:f5:13:ba:e0:78:32:43:dd:f5:39:a9:0e:e2:e2:
                    e8:19:19:e9:87:3b:93:c7:01:4b:92:30:bd:92:bf:
                    17:ae:28:5b:3a:32:f7:6e:c1:de:4e:e9:ae:64:06:
                    b3:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:36:85:84:12:32:57:C5:58:83:6B:22:A8:A7:AD:9D:7C:99:2D:C5
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:41:c8:9f:bc:46:ba:8a:c8:34:a1:3f:73:76:69:f6:8e:76:
         06:c9:29:e4:0d:ef:f7:b0:40:1b:c2:87:e2:dd:c3:12:a4:20:
         af:77:22:bd:5d:67:33:f5:92:d2:78:fb:82:3a:19:08:3e:6f:
         13:cd:a9:16:4a:8d:cd:b5:cc:93:8a:04:5e:e1:76:10:cc:4e:
         ed:3c:03:bf:02:03:85:b8:b1:4e:69:56:74:3c:4a:0a:2e:74:
         39:12:5c:f6:4b:0a:4e:92:bc:44:00:74:14:ca:4a:8e:9e:3f:
         a2:6a:25:21:54:5f:81:2f:87:28:1e:3f:0b:c7:24:6e:b3:82:
         93:72:43:98:ba:40:4b:42:2c:43:a2:09:ae:ab:ee:3c:93:c1:
         9b:5b:f1:27:13:35:60:20:c4:68:22:ed:b1:44:82:c2:10:b9:
         3a:16:2a:8f:b7:b0:c5:94:f3:3c:3a:f8:bd:e5:ba:53:cb:03:
         7a:4d:31:db:71:fb:66:fe:11:8e:19:01:fc:61:d4:aa:63:ec:
         31:c6:a1:84:89:a1:ab:a9:36:ec:d0:c9:d8:5c:df:f2:49:09:
         9d:18:b6:4c:ed:ff:d3:54:4e:bb:ba:cd:5d:63:a6:96:cb:a3:
         80:48:1d:1b:b3:a7:8b:e0:23:b3:c8:bf:b2:d0:5e:5c:55:f8:
         eb:99:20:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH52YSvlxbU+Lgon0c6z+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwNjA3MDEwMDM2WhcNMjUwNjA4MDEwMDM2WjAzMTEwLwYDVQQD
EygxZTM2ODU4NDEyMzI1N2M1NTg4MzZiMjJhOGE3YWQ5ZDdjOTkyZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWeMN2iQsxC6No1B0Q6F1qut2aft
bQsOVW6PWKFRFaODvBfXrq1NpypCtT7l1wsErplxM2riYDRvF3a76b5pbVlw/NdF
ihXINMBOXV8hLJ0npDTOpVA/BharFO6X7jEHfgCD6WUgDADgUX09wou0YVTzx7sH
gYmWnUiIKSd8Gk3N77XXwKx03ymyO/ii8QPBIghf9D6rr3PAosIDomzEGwFfSyN6
BNA3GZv4TMeg6z7yESwNl4WBu2RzDRpFlWryIdaVcKUddVSJiYRR5RMetgVH9RO6
4HgyQ931OakO4uLoGRnphzuTxwFLkjC9kr8XrihbOjL3bsHeTumuZAaz+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB42hYQSMlfFWINrIqinrZ18mS3FMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0HIn7xG
uorINKE/c3Zp9o52Bskp5A3v97BAG8KH4t3DEqQgr3civV1nM/WS0nj7gjoZCD5v
E82pFkqNzbXMk4oEXuF2EMxO7TwDvwIDhbixTmlWdDxKCi50ORJc9ksKTpK8RAB0
FMpKjp4/omolIVRfgS+HKB4/C8ckbrOCk3JDmLpAS0IsQ6IJrqvuPJPBm1vxJxM1
YCDEaCLtsUSCwhC5OhYqj7ewxZTzPDr4veW6U8sDek0x23H7Zv4RjhkB/GHUqmPs
McahhImhq6k27NDJ2Fzf8kkJnRi2TO3/01ROu7rNXWOmlsujgEgdG7Oni+Ajs8i/
stBeXFX465kgqg==
-----END CERTIFICATE-----