Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          hZm1d5apAV6wWkgz2OKKZIlra0wVqt0TmlBPz4UmXxM=
Subject key identifier:   BE:49:20:E1:D6:26:77:D7:43:F9:9E:7E:E7:D0:C9:58:CB:FC:71:7B
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       01974E8E729290C41A3D26E903BE857D36E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          157D
Signing time:             Sun 08 Jun 2025 08:00:47 +0000
Manifest this update:     Sun 08 Jun 2025 08:00:47 +0000
Manifest next update:     Mon 09 Jun 2025 08:00:47 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: OEcJQ4gYi6ZhSOn5+FhpdMyyDZDh2Q/UgjXV++JiDh8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:8e:72:92:90:c4:1a:3d:26:e9:03:be:85:7d:36:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Jun  8 08:00:47 2025 GMT
            Not After : Jun  9 08:00:47 2025 GMT
        Subject: CN=be4920e1d62677d743f99e7ee7d0c958cbfc717b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c6:45:17:4d:2d:74:c2:fe:34:2b:e6:49:3a:
                    e6:4e:79:d1:8e:62:ec:5c:53:5b:d6:01:5f:56:78:
                    6c:e5:7a:e1:47:ca:1f:ff:c5:3a:e6:70:97:bf:ac:
                    52:74:62:25:0c:34:0b:18:8d:ff:28:09:59:7c:ec:
                    e0:49:14:58:e2:2f:7c:8a:f9:ad:2b:7e:64:23:2a:
                    ad:65:0e:79:bf:b6:3b:46:75:e8:1a:99:f6:cd:04:
                    9d:b8:28:d0:6c:6e:95:5f:8f:6d:01:60:17:35:02:
                    e4:b4:36:28:2e:d5:25:89:02:74:ab:bc:15:0d:ed:
                    f0:9f:9d:ed:4e:0f:f6:c2:d3:d9:11:27:1d:b3:cf:
                    fb:9a:db:2a:b2:60:93:67:7d:05:e4:24:7f:87:9b:
                    d9:87:ba:32:db:a6:06:71:29:ff:8f:57:47:7f:93:
                    85:d8:8a:d3:aa:02:6b:9b:ea:34:cf:a6:04:14:93:
                    d0:6d:e5:07:f4:b5:61:0b:ac:f5:c7:f9:84:ec:59:
                    96:ec:b9:c0:c9:e6:08:38:ff:22:6f:4e:c4:9a:3e:
                    cb:d2:64:51:5f:c0:81:42:eb:7c:fd:07:9f:8d:55:
                    3f:ee:bd:e9:36:c3:bf:86:a9:9c:1a:a4:bd:28:e2:
                    5a:2a:35:61:a5:1e:7f:d1:84:0b:de:dc:f6:9b:9a:
                    02:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:49:20:E1:D6:26:77:D7:43:F9:9E:7E:E7:D0:C9:58:CB:FC:71:7B
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:5c:87:a1:eb:54:5b:9a:bb:ec:a7:25:f0:12:18:37:3e:e1:
         30:4f:9c:9a:ed:a0:ba:be:77:39:17:3f:b1:43:82:e5:6b:78:
         73:e0:6e:96:7d:3d:b3:8f:69:9d:73:df:65:a4:f9:94:8b:33:
         f8:eb:bd:78:07:12:07:85:1c:a5:28:3b:e9:f1:e9:f9:15:b9:
         ef:60:b2:ea:ba:8e:35:b5:b5:86:3d:e4:67:19:24:37:89:75:
         84:d8:e4:3f:5a:50:2d:6c:bb:32:8e:eb:4b:c3:1f:4d:92:23:
         9e:e9:42:61:dd:8e:4b:c5:b6:5e:4a:97:97:69:96:b4:eb:e7:
         9c:67:d7:e2:1c:c7:d0:bf:18:d1:8d:8a:2b:94:4a:e5:85:38:
         80:c7:e7:c4:e8:88:92:7e:3d:10:9e:2a:35:34:7b:fe:0c:c3:
         f4:fa:85:58:3f:c8:66:5d:97:23:ad:05:06:5a:27:75:85:45:
         ac:03:48:33:39:69:2c:5f:de:3e:09:a8:81:d0:76:b4:d2:fd:
         76:5d:84:10:1f:c7:61:bd:dc:e1:1b:6b:ac:ff:fb:a8:64:10:
         15:c5:1a:f4:3f:71:a0:4f:30:dc:85:c1:0c:c0:a0:d9:42:f9:
         86:10:8a:b6:c1:9b:2d:88:24:f0:b0:d5:fe:44:d3:80:3f:8a:
         84:94:24:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOjnKSkMQaPSbpA76FfTblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwNjA4MDgwMDQ3WhcNMjUwNjA5MDgwMDQ3WjAzMTEwLwYDVQQD
EyhiZTQ5MjBlMWQ2MjY3N2Q3NDNmOTllN2VlN2QwYzk1OGNiZmM3MTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcZFF00tdML+NCvmSTrmTnnRjmLs
XFNb1gFfVnhs5XrhR8of/8U65nCXv6xSdGIlDDQLGI3/KAlZfOzgSRRY4i98ivmt
K35kIyqtZQ55v7Y7RnXoGpn2zQSduCjQbG6VX49tAWAXNQLktDYoLtUliQJ0q7wV
De3wn53tTg/2wtPZEScds8/7mtsqsmCTZ30F5CR/h5vZh7oy26YGcSn/j1dHf5OF
2IrTqgJrm+o0z6YEFJPQbeUH9LVhC6z1x/mE7FmW7LnAyeYIOP8ib07Emj7L0mRR
X8CBQut8/QefjVU/7r3pNsO/hqmcGqS9KOJaKjVhpR5/0YQL3tz2m5oCtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5JIOHWJnfXQ/mefufQyVjL/HF7MB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdVyHoetU
W5q77Kcl8BIYNz7hME+cmu2gur53ORc/sUOC5Wt4c+Buln09s49pnXPfZaT5lIsz
+Ou9eAcSB4UcpSg76fHp+RW572Cy6rqONbW1hj3kZxkkN4l1hNjkP1pQLWy7Mo7r
S8MfTZIjnulCYd2OS8W2XkqXl2mWtOvnnGfX4hzH0L8Y0Y2KK5RK5YU4gMfnxOiI
kn49EJ4qNTR7/gzD9PqFWD/IZl2XI60FBlondYVFrANIMzlpLF/ePgmogdB2tNL9
dl2EEB/HYb3c4RtrrP/7qGQQFcUa9D9xoE8w3IXBDMCg2UL5hhCKtsGbLYgk8LDV
/kTTgD+KhJQkKQ==
-----END CERTIFICATE-----