Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
File:                     jPJ69YYwRc-otYseJ3aSueHTje0.mft (raw, json)
Hash identifier:          M/iXA8alHcQtCCxiTHgAYPkE0oTg1NmXBojEpbkYyUc=
Subject key identifier:   BB:BE:BC:90:B3:F1:BB:1D:7E:A5:20:F3:D9:34:34:F4:B7:CB:99:75
Authority key identifier: 8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED
Certificate issuer:       /CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
Certificate serial:       0197469E55FCB8EC03C67F28AEDF6D6C4983
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
Manifest number:          157A
Signing time:             Fri 06 Jun 2025 19:01:11 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:11 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:11 +0000
Files and hashes:         1: jPJ69YYwRc-otYseJ3aSueHTje0.crl (hash: IPRZt0nMAQwXmfm7Ngui0Rk04SzZfs82nfeFNgtlgpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:55:fc:b8:ec:03:c6:7f:28:ae:df:6d:6c:49:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cf27af5863045cfa8b58b1e277692b9e1d38ded
        Validity
            Not Before: Jun  6 19:01:11 2025 GMT
            Not After : Jun  7 19:01:11 2025 GMT
        Subject: CN=bbbebc90b3f1bb1d7ea520f3d93434f4b7cb9975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c6:de:58:54:84:3e:02:0e:e8:9f:05:0c:e9:
                    2e:3a:7b:cf:6c:1a:d1:cd:d6:3b:95:40:e4:b4:95:
                    9b:56:91:be:4c:c5:f7:67:13:bc:23:b3:5d:ba:5f:
                    ab:e4:f0:21:8d:ef:23:66:f8:74:d4:03:83:97:b7:
                    83:4c:fc:bb:17:97:2a:06:15:3b:67:11:d7:7c:e3:
                    36:9a:f6:b6:5a:47:e3:5f:10:6a:3c:27:2c:e4:45:
                    fe:68:4d:33:9c:5b:d0:12:17:30:29:9e:cc:46:ba:
                    b5:63:b8:33:e1:2c:eb:74:6e:20:c6:39:65:b9:10:
                    d3:ea:f0:cb:0a:be:b0:7a:e0:5b:a2:92:36:a7:4e:
                    76:fc:8b:e8:aa:60:c0:66:e3:bf:0b:ba:05:de:53:
                    64:e4:34:ee:a2:c0:8b:d4:ce:cf:d8:84:a9:c6:d8:
                    65:dd:03:fb:96:03:f9:1e:4c:f2:fd:1d:a5:33:32:
                    08:09:2b:5d:0b:af:10:16:ec:e5:5e:47:ca:f3:b6:
                    ae:72:6c:91:d2:3f:ae:6a:ff:20:8a:67:ea:12:36:
                    1b:9a:29:10:93:20:0f:04:5e:9a:1f:41:6c:27:9c:
                    5b:db:e4:71:34:b8:fb:d5:87:06:f9:43:69:4c:35:
                    d6:8b:71:44:f9:3d:73:2f:33:2f:f7:17:3f:08:20:
                    9c:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:BE:BC:90:B3:F1:BB:1D:7E:A5:20:F3:D9:34:34:F4:B7:CB:99:75
            X509v3 Authority Key Identifier:
                keyid:8C:F2:7A:F5:86:30:45:CF:A8:B5:8B:1E:27:76:92:B9:E1:D3:8D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPJ69YYwRc-otYseJ3aSueHTje0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ab7efb-2d60-4e69-9e06-01c996e0b7e7/1/jPJ69YYwRc-otYseJ3aSueHTje0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:34:45:81:46:b2:63:dd:08:09:df:aa:8c:39:9e:35:da:ea:
         cf:e3:5e:01:3c:b9:db:3f:6c:5e:b7:af:45:c2:fa:4d:38:f8:
         71:7b:61:6c:9e:77:7e:34:91:c6:c4:6a:9c:e1:d5:9a:0d:8b:
         35:4a:1f:c1:2b:36:05:18:a1:4d:5e:78:d1:9f:be:13:b1:94:
         57:ce:32:49:b9:ee:c1:86:33:07:3f:65:c5:0f:09:da:ab:fe:
         b5:d6:62:7e:64:25:d8:1c:fb:06:be:b4:d3:75:9d:16:19:b2:
         d9:ba:f0:e5:ed:9b:07:97:1a:2c:50:6c:f4:5e:d8:5c:1c:e3:
         4b:13:12:0d:8d:39:14:5c:94:92:a6:88:a1:3a:fd:f0:d4:53:
         aa:cf:4b:f4:9f:bd:ec:ec:7b:2c:7b:b5:d8:02:92:a7:0a:01:
         6d:99:81:c3:65:2c:01:b5:f7:a5:ee:be:05:d0:61:1b:99:fa:
         7b:c8:72:b7:d1:68:f4:ad:d9:cf:af:bd:f0:fe:a4:b3:37:c3:
         3f:aa:af:ef:43:c4:e9:7e:09:36:d4:d4:bc:8d:b6:49:50:0d:
         97:6a:8e:a0:0a:ea:f1:6c:f1:d9:6a:48:02:6b:79:23:1d:46:
         0d:f5:1e:83:57:06:80:a8:ff:75:e0:ab:38:cf:e6:63:0a:71:
         c5:c2:56:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnlX8uOwDxn8ort9tbEmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjI3YWY1ODYzMDQ1Y2ZhOGI1OGIxZTI3NzY5MmI5ZTFk
MzhkZWQwHhcNMjUwNjA2MTkwMTExWhcNMjUwNjA3MTkwMTExWjAzMTEwLwYDVQQD
EyhiYmJlYmM5MGIzZjFiYjFkN2VhNTIwZjNkOTM0MzRmNGI3Y2I5OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8beWFSEPgIO6J8FDOkuOnvPbBrR
zdY7lUDktJWbVpG+TMX3ZxO8I7Ndul+r5PAhje8jZvh01AODl7eDTPy7F5cqBhU7
ZxHXfOM2mva2WkfjXxBqPCcs5EX+aE0znFvQEhcwKZ7MRrq1Y7gz4SzrdG4gxjll
uRDT6vDLCr6weuBbopI2p052/IvoqmDAZuO/C7oF3lNk5DTuosCL1M7P2ISpxthl
3QP7lgP5Hkzy/R2lMzIICStdC68QFuzlXkfK87aucmyR0j+uav8gimfqEjYbmikQ
kyAPBF6aH0FsJ5xb2+RxNLj71YcG+UNpTDXWi3FE+T1zLzMv9xc/CCCc0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLu+vJCz8bsdfqUg89k0NPS3y5l1MB8GA1UdIwQY
MBaAFIzyevWGMEXPqLWLHid2krnh043tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYt
MDFjOTk2ZTBiN2U3LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYjdlZmItMmQ2MC00ZTY5LTllMDYtMDFjOTk2ZTBiN2U3
LzEvalBKNjlZWXdSYy1vdFlzZUozYVN1ZUhUamUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczRFgUay
Y90ICd+qjDmeNdrqz+NeATy52z9sXrevRcL6TTj4cXthbJ53fjSRxsRqnOHVmg2L
NUofwSs2BRihTV540Z++E7GUV84ySbnuwYYzBz9lxQ8J2qv+tdZifmQl2Bz7Br60
03WdFhmy2brw5e2bB5caLFBs9F7YXBzjSxMSDY05FFyUkqaIoTr98NRTqs9L9J+9
7Ox7LHu12AKSpwoBbZmBw2UsAbX3pe6+BdBhG5n6e8hyt9Fo9K3Zz6+98P6kszfD
P6qv70PE6X4JNtTUvI22SVANl2qOoArq8Wzx2WpIAmt5Ix1GDfUeg1cGgKj/deCr
OM/mYwpxxcJWrQ==
-----END CERTIFICATE-----