Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
File:                     214_2Taim0KaFIK070HDJuKTfSo.mft (raw, json)
Hash identifier:          jcyFvlEKEGg9qaAyXwu4TA8BDJQLMmTAgxf9urgX9IA=
Subject key identifier:   51:8D:7C:A9:08:CD:DC:2E:A6:D4:66:67:13:15:63:C4:63:C2:26:A7
Authority key identifier: DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A
Certificate issuer:       /CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
Certificate serial:       01974AE8EFAD07867FC9011F4F25F06FF39B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 15:01:09 +0000
Manifest this update:     Sat 07 Jun 2025 15:01:09 +0000
Manifest next update:     Sun 08 Jun 2025 15:01:09 +0000
Files and hashes:         1: 214_2Taim0KaFIK070HDJuKTfSo.crl (hash: eP7K5WiQJuYv0ehWS4rWAGPzeTPWSEyD1CSlgHJQM0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:ef:ad:07:86:7f:c9:01:1f:4f:25:f0:6f:f3:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
        Validity
            Not Before: Jun  7 15:01:09 2025 GMT
            Not After : Jun  8 15:01:09 2025 GMT
        Subject: CN=518d7ca908cddc2ea6d46667131563c463c226a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:39:36:db:f4:91:11:0d:30:8f:be:ce:b4:37:
                    47:87:b5:bd:c9:a6:8a:28:75:2c:1e:c4:05:7e:ce:
                    95:fd:fa:98:1d:d7:2b:98:cc:7b:2b:1e:c9:92:27:
                    e4:f2:2e:f4:37:04:89:aa:d4:da:ff:25:c2:f1:34:
                    3f:d9:f2:ff:ae:3f:0e:63:ec:1a:b0:6b:79:c6:b5:
                    bf:24:ed:0e:dd:7d:10:e6:b7:80:9e:cc:24:dc:4e:
                    c4:f0:9c:1e:5e:5a:a4:d1:12:a3:82:52:13:42:7a:
                    8f:6d:94:c2:c6:d4:3f:4c:c1:2b:01:58:a0:6f:80:
                    e7:10:b1:40:bb:82:c5:64:5f:47:d2:0a:ee:01:ee:
                    95:c2:d6:20:6b:4e:2e:33:c9:04:6c:33:ea:44:f9:
                    5c:d4:25:10:4b:f6:96:34:3f:52:71:88:c2:1a:06:
                    7a:a6:d7:67:e9:6e:cd:21:c2:2a:f0:5b:ed:d1:bc:
                    73:0f:89:6f:fb:be:84:47:55:6c:55:e4:0c:c6:9f:
                    23:e5:65:28:e1:d7:8d:95:73:8c:24:0a:d5:34:2e:
                    94:39:b9:29:8b:f0:14:80:b6:6d:8b:a9:30:82:d4:
                    32:40:65:d4:69:66:21:4e:97:65:93:07:8d:56:da:
                    ca:04:97:1e:5a:b5:65:3e:50:e8:4b:d1:de:5f:ec:
                    17:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:8D:7C:A9:08:CD:DC:2E:A6:D4:66:67:13:15:63:C4:63:C2:26:A7
            X509v3 Authority Key Identifier:
                keyid:DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:a6:2a:43:24:03:84:5c:4d:d2:91:89:ef:d2:75:80:cf:22:
         f0:de:a8:7c:ea:d4:d5:b4:70:53:71:95:c0:5c:5e:61:fa:1a:
         89:6d:fb:94:77:39:9c:d0:d6:70:7b:37:57:5c:08:74:b9:98:
         b3:0b:8e:77:11:a9:91:1a:8c:1e:52:b8:34:e4:c1:3f:1c:3c:
         6b:cf:e7:ad:8d:12:c4:75:01:61:21:8e:e1:d1:6f:50:47:98:
         26:7d:a1:0c:e3:6b:b1:a0:e7:73:55:d9:24:3c:d1:c0:06:a9:
         13:86:84:f7:e6:b6:99:10:74:ce:82:cb:b1:63:e1:7d:4e:a9:
         85:ae:7f:02:3c:f1:5e:8b:fe:46:0d:b6:d2:98:b2:f2:a4:33:
         ef:85:7b:d5:3d:25:6b:35:f0:b2:d0:c9:0f:2a:99:80:1f:9e:
         3d:b7:4d:20:cc:6c:42:6b:39:d1:8a:7e:90:38:5c:8b:41:2e:
         9d:70:23:29:b8:54:bc:f6:49:1f:e7:39:a4:7c:b6:a5:56:a3:
         5c:2c:b9:1e:a5:8d:c1:07:7b:7a:95:09:8a:5c:a9:76:0c:33:
         d2:4f:1b:95:29:23:a1:71:a1:1b:3f:13:d5:ea:d5:c3:5f:6e:
         dc:25:50:83:9d:78:f8:12:de:16:69:67:b9:f0:0d:82:e0:eb:
         fc:56:bc:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6O+tB4Z/yQEfTyXwb/ObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNWUzZmQ5MzZhMjliNDI5YTE0ODJiNGVmNDFjMzI2ZTI5
MzdkMmEwHhcNMjUwNjA3MTUwMTA5WhcNMjUwNjA4MTUwMTA5WjAzMTEwLwYDVQQD
Eyg1MThkN2NhOTA4Y2RkYzJlYTZkNDY2NjcxMzE1NjNjNDYzYzIyNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTk22/SREQ0wj77OtDdHh7W9yaaK
KHUsHsQFfs6V/fqYHdcrmMx7Kx7Jkifk8i70NwSJqtTa/yXC8TQ/2fL/rj8OY+wa
sGt5xrW/JO0O3X0Q5reAnswk3E7E8JweXlqk0RKjglITQnqPbZTCxtQ/TMErAVig
b4DnELFAu4LFZF9H0gruAe6VwtYga04uM8kEbDPqRPlc1CUQS/aWND9ScYjCGgZ6
ptdn6W7NIcIq8Fvt0bxzD4lv+76ER1VsVeQMxp8j5WUo4deNlXOMJArVNC6UObkp
i/AUgLZti6kwgtQyQGXUaWYhTpdlkweNVtrKBJceWrVlPlDoS9HeX+wXoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFGNfKkIzdwuptRmZxMVY8RjwianMB8GA1UdIwQY
MBaAFNteP9k2optCmhSCtO9Bwybik30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmIt
N2U1NzY5MWJiZWQ5LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmItN2U1NzY5MWJiZWQ5
LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFqYqQyQD
hFxN0pGJ79J1gM8i8N6ofOrU1bRwU3GVwFxeYfoaiW37lHc5nNDWcHs3V1wIdLmY
swuOdxGpkRqMHlK4NOTBPxw8a8/nrY0SxHUBYSGO4dFvUEeYJn2hDONrsaDnc1XZ
JDzRwAapE4aE9+a2mRB0zoLLsWPhfU6pha5/AjzxXov+Rg220piy8qQz74V71T0l
azXwstDJDyqZgB+ePbdNIMxsQms50Yp+kDhci0EunXAjKbhUvPZJH+c5pHy2pVaj
XCy5HqWNwQd7epUJilypdgwz0k8blSkjoXGhGz8T1erVw19u3CVQg514+BLeFmln
ufANguDr/Fa89g==
-----END CERTIFICATE-----