Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          rd2dThWH6QJaQnNP4nR1RITSKJle4gcoMFeJP/cO7As=
Subject key identifier:   8B:4D:92:83:60:BA:CE:65:D9:58:D1:ED:DD:6A:AA:A7:8F:05:DE:CC
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       01974E57938E7815284B717DDD35D4151D67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          157D
Signing time:             Sun 08 Jun 2025 07:00:51 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:51 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:51 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: zeC/L7fkpWzvWhWGcvPzhvju7wiWIcDdpFtp1nW6HKg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:93:8e:78:15:28:4b:71:7d:dd:35:d4:15:1d:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Jun  8 07:00:51 2025 GMT
            Not After : Jun  9 07:00:51 2025 GMT
        Subject: CN=8b4d928360bace65d958d1eddd6aaaa78f05decc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:57:c8:4d:d7:02:9d:71:2b:b5:84:c9:5a:41:
                    26:5c:9c:c1:ad:c8:c0:da:dc:e3:25:7e:c7:a7:ea:
                    a5:46:7b:8c:59:f5:5b:a2:95:12:47:09:90:42:7c:
                    2b:3e:d6:af:b5:92:07:44:f4:b3:ef:ad:df:e3:bf:
                    45:be:f8:61:e3:cd:3f:7d:75:3a:a1:8f:27:29:1e:
                    fa:9a:6f:fe:b6:1b:b3:a7:05:1b:0a:0f:e4:b8:ba:
                    fd:07:06:f4:97:b9:f7:87:e6:20:6e:ce:08:55:fd:
                    8c:84:01:68:d0:ef:43:9b:ae:b5:59:fe:50:ec:36:
                    dc:ac:24:3d:1f:04:3b:80:fc:b8:f4:c6:d3:c3:07:
                    6d:a1:77:b6:0d:ec:e9:38:6b:16:66:ad:a4:94:25:
                    3a:85:3b:b3:12:d4:fd:05:dd:4a:b5:13:b8:e1:60:
                    3b:c1:27:6c:63:86:6e:3e:4a:2d:bf:67:af:e5:6c:
                    33:d3:bb:23:a5:6b:d1:0f:a7:59:6d:40:58:d0:da:
                    15:84:41:40:b2:1e:cb:f8:02:d0:70:4c:ed:e0:e8:
                    a0:fe:9e:8c:20:df:13:9f:a0:b3:07:64:98:a4:08:
                    99:4a:f2:b9:80:8c:94:8f:f6:4a:72:2f:55:b2:bc:
                    07:45:83:05:84:53:3b:27:f6:76:65:76:e0:59:87:
                    9f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:4D:92:83:60:BA:CE:65:D9:58:D1:ED:DD:6A:AA:A7:8F:05:DE:CC
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:db:3d:0a:0b:e8:92:c8:fb:a0:5c:22:21:ef:df:c6:ce:fb:
         aa:f9:14:95:9a:b9:ce:f1:1d:ac:39:1b:b1:51:60:0e:03:5f:
         c2:7f:35:37:01:29:d3:8f:b2:8a:b8:f2:cc:48:8b:a4:57:a0:
         ff:a1:70:8e:cc:b8:57:28:2b:dd:e9:28:c8:3e:25:01:38:03:
         22:cb:11:22:24:25:c2:dc:40:4f:a2:2e:c7:42:c0:0b:68:d3:
         98:3a:16:4b:7e:4d:8b:7c:4a:62:dd:fb:93:74:0f:e2:2c:10:
         0c:73:50:22:96:f4:e5:66:37:72:1d:17:f2:76:14:3f:fa:de:
         32:9a:7e:fc:3b:b3:b4:35:a5:38:a1:7b:ee:c7:16:57:e0:2f:
         1d:94:7f:16:9f:b4:49:b4:6c:58:b4:c2:90:d9:56:6b:1f:fb:
         69:1d:0e:1a:da:40:c6:84:46:1b:78:54:62:0e:94:6d:4e:cf:
         77:e8:01:af:85:d1:d8:43:a0:91:e1:be:34:89:2e:05:85:50:
         bc:39:44:a9:c5:a5:59:1a:77:4c:dd:a0:cb:95:62:d8:24:ff:
         3f:6b:4f:4a:d1:bd:88:42:d1:65:f0:0f:95:08:7f:bc:33:3b:
         0c:46:14:28:c4:49:be:7e:51:68:30:eb:5a:ba:c9:be:48:c2:
         21:b6:44:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV5OOeBUoS3F93TXUFR1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwNjA4MDcwMDUxWhcNMjUwNjA5MDcwMDUxWjAzMTEwLwYDVQQD
Eyg4YjRkOTI4MzYwYmFjZTY1ZDk1OGQxZWRkZDZhYWFhNzhmMDVkZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlfITdcCnXErtYTJWkEmXJzBrcjA
2tzjJX7Hp+qlRnuMWfVbopUSRwmQQnwrPtavtZIHRPSz763f479Fvvhh480/fXU6
oY8nKR76mm/+thuzpwUbCg/kuLr9Bwb0l7n3h+Ygbs4IVf2MhAFo0O9Dm661Wf5Q
7DbcrCQ9HwQ7gPy49MbTwwdtoXe2DezpOGsWZq2klCU6hTuzEtT9Bd1KtRO44WA7
wSdsY4ZuPkotv2ev5Wwz07sjpWvRD6dZbUBY0NoVhEFAsh7L+ALQcEzt4Oig/p6M
IN8Tn6CzB2SYpAiZSvK5gIyUj/ZKci9VsrwHRYMFhFM7J/Z2ZXbgWYef1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItNkoNgus5l2VjR7d1qqqePBd7MMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNs9Cgvo
ksj7oFwiIe/fxs77qvkUlZq5zvEdrDkbsVFgDgNfwn81NwEp04+yirjyzEiLpFeg
/6Fwjsy4Vygr3ekoyD4lATgDIssRIiQlwtxAT6Iux0LAC2jTmDoWS35Ni3xKYt37
k3QP4iwQDHNQIpb05WY3ch0X8nYUP/reMpp+/DuztDWlOKF77scWV+AvHZR/Fp+0
SbRsWLTCkNlWax/7aR0OGtpAxoRGG3hUYg6UbU7Pd+gBr4XR2EOgkeG+NIkuBYVQ
vDlEqcWlWRp3TN2gy5Vi2CT/P2tPStG9iELRZfAPlQh/vDM7DEYUKMRJvn5RaDDr
WrrJvkjCIbZEIQ==
-----END CERTIFICATE-----