Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          gsKOxyZLe1vVw6qqr4tOKve8jcRnnNRFCX7MnyvzCh4=
Subject key identifier:   E1:D8:7E:39:32:97:57:34:AE:FB:E5:15:1B:97:19:50:AB:20:6E:7C
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       0197488CD8C5A300D62F970434BFF173C082
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 04:01:19 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:19 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:19 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: sUDTUCI4pBryxDwK/Lo8fURgRHmkdlBHcFgMtORy/Fc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:d8:c5:a3:00:d6:2f:97:04:34:bf:f1:73:c0:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Jun  7 04:01:19 2025 GMT
            Not After : Jun  8 04:01:19 2025 GMT
        Subject: CN=e1d87e3932975734aefbe5151b971950ab206e7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0e:4e:4b:60:0f:57:56:8b:b6:11:ff:7c:cc:
                    2d:cd:ac:84:50:40:79:48:0f:48:41:fd:75:c2:a8:
                    df:80:30:43:d8:fd:b8:03:ae:31:21:8e:99:15:05:
                    90:07:22:01:ec:c1:89:30:a7:c3:f7:23:23:1a:d0:
                    e0:a0:fc:cf:a3:93:04:d3:67:19:3c:c6:8c:63:76:
                    0e:5e:e1:a8:33:ee:fc:77:6a:66:ac:f0:b4:f2:c1:
                    b5:fa:f0:45:58:d4:d8:e7:b8:19:28:54:41:ba:88:
                    10:44:7c:4d:4a:2c:b0:94:36:30:f2:b5:f3:34:f9:
                    f0:0a:16:e3:4b:5e:92:4e:2e:0a:6a:30:33:a1:0a:
                    f6:89:19:86:01:82:40:a1:09:7f:d6:a7:ca:a9:5a:
                    b5:99:ef:7a:52:b9:cb:9e:a6:58:47:5c:b5:20:ab:
                    46:ff:c6:67:7e:58:4d:3c:d8:85:30:d4:69:b7:f0:
                    88:f8:28:28:a7:c8:13:74:33:b8:61:c2:8b:75:79:
                    c5:ab:e4:8b:84:93:69:72:1a:7a:4f:92:8d:35:fa:
                    de:2c:6a:70:c2:6f:d1:7e:c5:3e:fe:c1:22:bc:0b:
                    9f:b3:69:f0:7c:7a:ba:18:b5:a4:be:1e:3a:54:6f:
                    da:92:d7:66:ac:40:de:c0:1c:e8:1c:fa:19:84:9d:
                    c9:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D8:7E:39:32:97:57:34:AE:FB:E5:15:1B:97:19:50:AB:20:6E:7C
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:7c:8f:6c:c4:fb:fe:b5:3c:52:13:63:a5:7a:f4:ce:3d:dd:
         78:20:b9:c8:16:0f:69:37:41:25:cd:f4:4a:6d:d9:57:b1:7c:
         2c:14:08:fe:f2:17:bb:de:d5:e1:c7:f8:3a:a9:cc:16:a8:d4:
         0c:d1:c5:7f:80:d7:e2:2c:4f:db:55:95:d8:ba:21:c4:4f:b5:
         75:ab:2b:6b:ca:2f:c5:76:13:4d:4e:e9:93:40:65:b9:8b:92:
         01:31:01:66:7d:b3:f3:ca:38:a2:2c:eb:42:fa:0e:7b:f1:62:
         a9:63:67:93:91:61:5e:fa:5d:bf:ba:53:4e:23:e3:59:ec:a4:
         eb:bc:86:43:a6:0d:44:38:89:8a:3c:c0:57:47:11:4f:9a:51:
         8c:53:9b:25:a9:8e:31:8b:69:3c:f8:2b:02:78:7b:45:1e:95:
         f5:7a:da:47:8c:68:15:db:b2:bb:07:a8:9f:8b:0f:21:04:21:
         35:5c:de:3f:34:81:f3:9a:ef:50:79:89:7a:a1:e5:11:c2:39:
         12:cf:d3:27:37:01:9d:fb:ef:aa:d1:77:1b:d4:24:8b:5c:4e:
         81:45:b1:27:92:3c:52:e7:02:3b:31:dc:b7:d4:86:85:07:fc:
         5e:f8:e5:c6:d7:ac:1c:54:69:7b:60:a7:13:44:52:ed:33:16:
         b6:09:b6:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjNjFowDWL5cENL/xc8CCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwNjA3MDQwMTE5WhcNMjUwNjA4MDQwMTE5WjAzMTEwLwYDVQQD
EyhlMWQ4N2UzOTMyOTc1NzM0YWVmYmU1MTUxYjk3MTk1MGFiMjA2ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg5OS2APV1aLthH/fMwtzayEUEB5
SA9IQf11wqjfgDBD2P24A64xIY6ZFQWQByIB7MGJMKfD9yMjGtDgoPzPo5ME02cZ
PMaMY3YOXuGoM+78d2pmrPC08sG1+vBFWNTY57gZKFRBuogQRHxNSiywlDYw8rXz
NPnwChbjS16STi4KajAzoQr2iRmGAYJAoQl/1qfKqVq1me96UrnLnqZYR1y1IKtG
/8ZnflhNPNiFMNRpt/CI+Cgop8gTdDO4YcKLdXnFq+SLhJNpchp6T5KNNfreLGpw
wm/RfsU+/sEivAufs2nwfHq6GLWkvh46VG/aktdmrEDewBzoHPoZhJ3JOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHYfjkyl1c0rvvlFRuXGVCrIG58MB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXyPbMT7
/rU8UhNjpXr0zj3deCC5yBYPaTdBJc30Sm3ZV7F8LBQI/vIXu97V4cf4OqnMFqjU
DNHFf4DX4ixP21WV2LohxE+1dasra8ovxXYTTU7pk0BluYuSATEBZn2z88o4oizr
QvoOe/FiqWNnk5FhXvpdv7pTTiPjWeyk67yGQ6YNRDiJijzAV0cRT5pRjFObJamO
MYtpPPgrAnh7RR6V9XraR4xoFduyuweon4sPIQQhNVzePzSB85rvUHmJeqHlEcI5
Es/TJzcBnfvvqtF3G9Qki1xOgUWxJ5I8UucCOzHct9SGhQf8XvjlxtesHFRpe2Cn
E0RS7TMWtgm2RQ==
-----END CERTIFICATE-----