Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          lckSfL6zPvuWm6yHKZpth65w2iB5zqL/ThibytcuUP8=
Subject key identifier:   F9:41:83:98:2C:4F:E0:A3:38:AC:73:DF:50:2A:AD:75:AF:63:68:17
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       01974EC56CDDF0FC137565E0D54A7FB42F49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 09:00:50 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:50 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:50 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: CNgp+4FmR1A8QygOREZ6dOyD+Nr/Eu5Fk3ZoJqmcAlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:6c:dd:f0:fc:13:75:65:e0:d5:4a:7f:b4:2f:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Jun  8 09:00:50 2025 GMT
            Not After : Jun  9 09:00:50 2025 GMT
        Subject: CN=f94183982c4fe0a338ac73df502aad75af636817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ea:3c:f1:eb:e7:4b:0b:d6:9b:5c:0a:97:00:
                    01:87:93:c6:76:b1:41:0d:d4:3f:b6:42:3d:b4:89:
                    97:9a:31:d1:50:bc:9f:e0:f9:91:91:1b:2c:ad:96:
                    9f:b8:a3:71:c1:db:9a:ce:83:56:d9:38:0d:e4:4c:
                    df:7d:9b:6f:53:62:64:5a:19:a2:6d:a9:d9:77:34:
                    89:43:54:9b:1b:1b:4a:1f:e7:70:a6:9f:c7:c0:de:
                    78:57:4a:4e:46:2d:b2:33:a0:74:1e:95:b0:23:ad:
                    cf:80:5a:17:8f:0f:93:aa:08:44:62:67:70:41:c7:
                    a1:cf:d9:06:33:5c:69:51:bf:10:19:e1:24:eb:6c:
                    69:f3:38:75:e4:34:f8:e3:05:e0:ba:8f:ee:af:c1:
                    5d:e0:d0:ea:fa:66:98:9a:d2:ab:8c:c3:71:81:37:
                    1c:e2:44:2e:04:ea:fb:3f:dd:15:91:05:8c:02:36:
                    f9:bb:b1:40:57:9e:fe:f0:5c:01:6b:56:c8:e4:39:
                    34:10:2e:52:65:d6:4b:a3:fa:2d:ce:15:b3:1c:90:
                    86:4f:5c:25:33:c5:aa:89:62:47:35:df:fa:b1:90:
                    17:8c:7c:63:10:46:85:d1:d0:fa:3c:5b:82:5e:6e:
                    7c:58:44:7c:90:b9:ce:6f:14:8b:08:4a:06:1d:8b:
                    35:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:41:83:98:2C:4F:E0:A3:38:AC:73:DF:50:2A:AD:75:AF:63:68:17
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:9a:4c:cf:51:0d:17:77:f9:f9:e9:8a:9a:d8:8c:7b:10:6e:
         c9:9c:84:72:29:fc:f6:da:55:c1:b6:e4:53:c3:53:00:34:e0:
         8c:de:c1:e9:50:ff:18:88:d1:8b:52:71:a6:0f:7e:4d:b5:2c:
         a0:19:dd:5c:c3:fe:58:3b:21:0a:08:e2:04:a8:f2:24:b8:b8:
         b8:f7:eb:13:ec:03:e4:94:df:33:57:72:96:7b:05:91:3f:76:
         37:f5:84:6c:50:18:e2:1c:41:8e:ce:7e:28:a0:1b:14:3c:da:
         0b:96:9c:76:2a:db:78:d6:78:1a:39:3a:ed:d9:b7:ad:bd:71:
         c2:f0:4a:be:47:0f:97:6a:d1:ea:a4:8a:d3:7c:5a:e3:6f:21:
         34:de:f4:23:ea:b1:81:c0:18:5a:0a:54:52:52:40:f1:21:d1:
         b1:e0:4a:a5:e4:21:a6:63:3d:c2:46:7c:79:61:ec:ca:6d:fd:
         6c:5e:71:40:dd:c0:d3:ce:60:5a:55:88:f2:8f:1f:ff:d9:38:
         55:10:72:1b:19:50:c2:f1:73:0c:bc:35:a7:27:04:ce:e8:13:
         95:a7:fa:5f:12:ea:57:9a:00:37:42:f8:80:53:25:fa:bf:66:
         8e:7e:25:43:f7:e6:5a:df:56:69:00:d8:8b:72:12:49:fa:ee:
         00:f5:32:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxWzd8PwTdWXg1Up/tC9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwNjA4MDkwMDUwWhcNMjUwNjA5MDkwMDUwWjAzMTEwLwYDVQQD
EyhmOTQxODM5ODJjNGZlMGEzMzhhYzczZGY1MDJhYWQ3NWFmNjM2ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeo88evnSwvWm1wKlwABh5PGdrFB
DdQ/tkI9tImXmjHRULyf4PmRkRssrZafuKNxwduazoNW2TgN5EzffZtvU2JkWhmi
banZdzSJQ1SbGxtKH+dwpp/HwN54V0pORi2yM6B0HpWwI63PgFoXjw+TqghEYmdw
Qcehz9kGM1xpUb8QGeEk62xp8zh15DT44wXguo/ur8Fd4NDq+maYmtKrjMNxgTcc
4kQuBOr7P90VkQWMAjb5u7FAV57+8FwBa1bI5Dk0EC5SZdZLo/otzhWzHJCGT1wl
M8WqiWJHNd/6sZAXjHxjEEaF0dD6PFuCXm58WER8kLnObxSLCEoGHYs1ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlBg5gsT+CjOKxz31AqrXWvY2gXMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATppMz1EN
F3f5+emKmtiMexBuyZyEcin89tpVwbbkU8NTADTgjN7B6VD/GIjRi1Jxpg9+TbUs
oBndXMP+WDshCgjiBKjyJLi4uPfrE+wD5JTfM1dylnsFkT92N/WEbFAY4hxBjs5+
KKAbFDzaC5acdirbeNZ4Gjk67dm3rb1xwvBKvkcPl2rR6qSK03xa428hNN70I+qx
gcAYWgpUUlJA8SHRseBKpeQhpmM9wkZ8eWHsym39bF5xQN3A085gWlWI8o8f/9k4
VRByGxlQwvFzDLw1pycEzugTlaf6XxLqV5oAN0L4gFMl+r9mjn4lQ/fmWt9WaQDY
i3ISSfruAPUyaw==
-----END CERTIFICATE-----