Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
File:                     _9YayMVuOP32EjgDbHNUcnADRjE.mft (raw, json)
Hash identifier:          pGRYI7RQIBrBIMYM+a1h/xfD2WD1LkA8ZvTH8JnM010=
Subject key identifier:   B1:3F:66:86:C0:C3:A6:3A:DC:C0:B3:58:20:F1:47:12:3F:8D:29:81
Authority key identifier: FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31
Certificate issuer:       /CN=ffd61ac8c56e38fdf61238036c73547270034631
Certificate serial:       0197499EE5EA28379CF4FA071AF8F58E749E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
Manifest number:          157C
Signing time:             Sat 07 Jun 2025 09:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:39 +0000
Files and hashes:         1: _9YayMVuOP32EjgDbHNUcnADRjE.crl (hash: 4STCSbpryR90b/+HYqPxt3j1vwEQ2j4tcv2k8/L7c74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9e:e5:ea:28:37:9c:f4:fa:07:1a:f8:f5:8e:74:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffd61ac8c56e38fdf61238036c73547270034631
        Validity
            Not Before: Jun  7 09:00:39 2025 GMT
            Not After : Jun  8 09:00:39 2025 GMT
        Subject: CN=b13f6686c0c3a63adcc0b35820f147123f8d2981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7a:4c:df:ea:6e:09:65:81:02:b2:3b:67:a9:
                    d2:ba:ba:3e:2b:0c:b3:82:4c:db:d7:f0:37:12:91:
                    e4:0a:9a:3a:95:ab:61:b2:ff:70:27:81:c0:0f:81:
                    28:e2:bb:2a:24:d3:cb:df:f5:9a:ac:e3:68:22:a1:
                    62:5c:fc:f5:61:dd:87:c3:db:f1:a9:45:1c:35:ae:
                    6d:ca:8f:96:a3:b1:3e:ca:27:a5:20:80:6c:cc:6d:
                    8e:e8:9f:d6:e6:ac:ba:a9:67:15:a1:47:54:34:0f:
                    fb:44:8c:f9:d4:a8:46:84:4f:c8:5a:a7:1c:7c:a6:
                    09:82:96:49:69:fc:30:97:fd:5c:04:4c:b6:2d:9a:
                    67:fd:81:43:1b:81:33:06:68:3b:ba:11:46:af:45:
                    b0:12:eb:9f:06:a8:b8:89:24:59:61:f9:1d:17:e7:
                    9d:7b:e6:01:a4:f2:71:b4:e9:5c:b2:9c:48:39:c0:
                    bb:34:58:7e:84:9b:e3:53:30:95:70:b1:13:f9:e0:
                    a9:f8:92:a5:ce:ff:2f:72:cd:ea:1c:8b:07:e4:fa:
                    fc:a6:34:23:a6:5c:0b:77:03:0f:57:10:50:48:10:
                    a2:c5:d8:46:ae:5a:f6:02:5e:0b:0a:82:36:27:d2:
                    e7:b3:dd:c1:54:a6:e2:ce:91:54:60:fd:d6:5d:ec:
                    f9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:3F:66:86:C0:C3:A6:3A:DC:C0:B3:58:20:F1:47:12:3F:8D:29:81
            X509v3 Authority Key Identifier:
                keyid:FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:64:62:b5:33:6b:79:5a:06:53:6b:3c:29:c1:b2:50:e9:c2:
         c7:3a:1b:a9:91:94:2d:d3:2b:6b:1e:10:a3:56:30:f0:0d:e9:
         6c:6f:1f:13:5a:7a:e7:de:33:27:20:b6:a7:7e:69:f4:dd:74:
         c6:7a:dd:05:00:a1:ec:59:34:fb:27:f5:fc:b9:92:e3:86:85:
         ed:b7:37:87:53:d4:87:b1:40:43:b7:a7:e5:2e:ea:7a:1e:10:
         02:04:31:d9:3c:72:07:11:3e:26:f4:13:38:0c:d5:a6:37:ab:
         51:06:66:e6:ca:94:39:9f:ee:7b:d8:9a:d8:1d:47:85:a7:d4:
         51:24:5e:35:44:32:68:a6:5e:8b:89:4e:72:7e:d8:09:52:61:
         b1:66:7c:2e:6e:92:c2:15:d5:67:5d:64:79:0e:13:70:89:fa:
         dc:99:23:cc:ad:a6:5a:01:f1:87:2f:a1:90:37:d3:3d:3c:36:
         3d:36:2f:a4:7d:45:d8:bd:aa:fd:c0:79:c4:46:f9:13:f4:8c:
         54:35:d6:4d:e6:f0:67:5d:18:13:a1:53:45:5a:4c:bc:31:e5:
         d4:9a:d8:89:65:15:40:46:f5:4d:89:48:e5:f6:e0:73:fc:9c:
         62:10:eb:1d:cc:5e:7f:1f:e8:0a:32:a0:53:fe:47:86:6c:fe:
         ee:ee:e5:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnuXqKDec9PoHGvj1jnSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDYxYWM4YzU2ZTM4ZmRmNjEyMzgwMzZjNzM1NDcyNzAw
MzQ2MzEwHhcNMjUwNjA3MDkwMDM5WhcNMjUwNjA4MDkwMDM5WjAzMTEwLwYDVQQD
EyhiMTNmNjY4NmMwYzNhNjNhZGNjMGIzNTgyMGYxNDcxMjNmOGQyOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXpM3+puCWWBArI7Z6nSuro+Kwyz
gkzb1/A3EpHkCpo6lathsv9wJ4HAD4Eo4rsqJNPL3/WarONoIqFiXPz1Yd2Hw9vx
qUUcNa5tyo+Wo7E+yielIIBszG2O6J/W5qy6qWcVoUdUNA/7RIz51KhGhE/IWqcc
fKYJgpZJafwwl/1cBEy2LZpn/YFDG4EzBmg7uhFGr0WwEuufBqi4iSRZYfkdF+ed
e+YBpPJxtOlcspxIOcC7NFh+hJvjUzCVcLET+eCp+JKlzv8vcs3qHIsH5Pr8pjQj
plwLdwMPVxBQSBCixdhGrlr2Al4LCoI2J9Lns93BVKbizpFUYP3WXez5aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLE/ZobAw6Y63MCzWCDxRxI/jSmBMB8GA1UdIwQY
MBaAFP/WGsjFbjj99hI4A2xzVHJwA0YxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzIt
MDRkOTZmYTgzZDA3LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzItMDRkOTZmYTgzZDA3
LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFGRitTNr
eVoGU2s8KcGyUOnCxzobqZGULdMrax4Qo1Yw8A3pbG8fE1p6594zJyC2p35p9N10
xnrdBQCh7Fk0+yf1/LmS44aF7bc3h1PUh7FAQ7en5S7qeh4QAgQx2TxyBxE+JvQT
OAzVpjerUQZm5sqUOZ/ue9ia2B1HhafUUSReNUQyaKZei4lOcn7YCVJhsWZ8Lm6S
whXVZ11keQ4TcIn63JkjzK2mWgHxhy+hkDfTPTw2PTYvpH1F2L2q/cB5xEb5E/SM
VDXWTebwZ10YE6FTRVpMvDHl1JrYiWUVQEb1TYlI5fbgc/ycYhDrHcxefx/oCjKg
U/5Hhmz+7u7lww==
-----END CERTIFICATE-----