Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
File:                     ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft (raw, json)
Hash identifier:          lK82D/8oijP1FLgNoUkmpTekkGfPzIRripLvB0Kmy1w=
Subject key identifier:   81:A9:C5:FE:14:C5:54:49:25:13:86:37:F5:F2:66:B2:D2:F1:79:75
Authority key identifier: 44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61
Certificate issuer:       /CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
Certificate serial:       019748FAAB19E7E04F1FAE603841DBFA4DD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 06:01:16 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:16 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:16 +0000
Files and hashes:         1: ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl (hash: T3I43XNbeP/YI32bhlZFW9uOfbTMJDzLZ+OWnB4Xdyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:ab:19:e7:e0:4f:1f:ae:60:38:41:db:fa:4d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
        Validity
            Not Before: Jun  7 06:01:16 2025 GMT
            Not After : Jun  8 06:01:16 2025 GMT
        Subject: CN=81a9c5fe14c5544925138637f5f266b2d2f17975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:77:e3:83:b8:2e:54:3d:d6:12:dd:8c:3c:a6:
                    68:88:25:2c:d8:96:f3:0f:f0:94:e9:4b:db:5b:55:
                    e5:30:cf:59:00:53:2c:ff:5c:4b:48:49:ec:c0:6f:
                    00:f4:14:53:e6:a3:7b:c8:90:e7:e2:f4:41:1f:d3:
                    f9:23:ff:a1:fe:1d:93:e1:c2:f7:f1:32:8b:0b:e0:
                    1a:fe:c7:8f:e9:82:fb:f7:9c:6b:d2:c8:3c:e6:5e:
                    30:c9:16:35:cb:17:4e:f0:c6:2a:f1:fb:1d:b2:b2:
                    6b:8e:06:4c:23:a1:81:71:2b:89:af:aa:33:49:6d:
                    64:16:30:c4:3d:1a:b9:4c:f7:19:fa:cb:bc:cb:18:
                    06:e5:3e:f1:86:bf:84:75:5c:16:1c:5c:d7:6d:d1:
                    3e:c3:0b:62:e9:99:8d:41:99:d9:b0:05:55:9a:d9:
                    e7:e3:9d:ee:25:f3:c1:3d:3d:5d:e8:30:c5:94:72:
                    c7:9b:58:5a:ab:11:0a:3e:3a:05:04:fb:8b:2c:ef:
                    b0:b0:80:27:11:21:cc:71:b0:35:ce:34:4a:00:6a:
                    01:e4:1a:e6:7f:10:18:96:48:b1:7a:1c:ce:50:8d:
                    5e:07:7f:f5:e8:3b:a2:1f:0d:f4:a4:a4:ca:63:30:
                    a4:ec:6e:c1:9c:0f:12:6c:91:f5:f1:59:0f:e1:26:
                    a1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A9:C5:FE:14:C5:54:49:25:13:86:37:F5:F2:66:B2:D2:F1:79:75
            X509v3 Authority Key Identifier:
                keyid:44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:14:bd:7e:3f:3f:65:c9:20:2d:1d:b5:c8:f9:8e:b2:ec:df:
         e9:38:63:c6:d7:46:5c:4b:b3:3b:d3:01:22:06:6c:74:51:ed:
         12:9a:ff:5e:bc:1d:5f:5f:b6:a5:49:2d:86:7f:5a:04:35:c8:
         82:18:86:c7:22:4c:ca:6d:d5:c5:bb:5b:36:8a:d6:58:51:e7:
         f5:79:c0:51:d4:84:30:43:b1:53:ee:37:25:60:f9:72:04:b9:
         76:d4:1c:53:f8:0f:48:5f:dd:5f:e7:72:50:a1:cf:01:ad:fc:
         af:c8:d0:c5:4a:df:7f:5d:90:cd:02:69:79:c3:95:fb:a6:e0:
         01:54:8d:5b:4f:7b:b2:ea:64:df:fd:e0:15:a2:a6:92:85:03:
         7a:9b:87:16:2b:d9:4a:5a:12:56:11:2a:2c:c5:8a:5e:42:92:
         e7:7f:2b:7f:9a:c8:e3:f2:10:39:17:aa:c1:66:12:14:da:fd:
         7b:fe:28:55:02:b3:fc:90:0f:2c:20:f9:8e:19:67:22:6f:de:
         2f:a3:a8:90:c3:e2:d6:7e:a9:a1:c9:16:89:af:5e:b0:f5:7c:
         4c:1b:9b:8b:33:9a:96:13:40:09:1e:f1:17:bb:01:43:7d:1b:
         46:a8:6e:6f:1a:a6:5b:52:64:93:25:4d:6a:75:00:c8:08:06:
         0d:9d:aa:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+qsZ5+BPH65gOEHb+k3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlZGU3ZTBmZmJkMzA4YWNiOTExMjEzNjhkZjhkNmNi
MmU5NjEwHhcNMjUwNjA3MDYwMTE2WhcNMjUwNjA4MDYwMTE2WjAzMTEwLwYDVQQD
Eyg4MWE5YzVmZTE0YzU1NDQ5MjUxMzg2MzdmNWYyNjZiMmQyZjE3OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXfjg7guVD3WEt2MPKZoiCUs2Jbz
D/CU6UvbW1XlMM9ZAFMs/1xLSEnswG8A9BRT5qN7yJDn4vRBH9P5I/+h/h2T4cL3
8TKLC+Aa/seP6YL795xr0sg85l4wyRY1yxdO8MYq8fsdsrJrjgZMI6GBcSuJr6oz
SW1kFjDEPRq5TPcZ+su8yxgG5T7xhr+EdVwWHFzXbdE+wwti6ZmNQZnZsAVVmtnn
453uJfPBPT1d6DDFlHLHm1haqxEKPjoFBPuLLO+wsIAnESHMcbA1zjRKAGoB5Brm
fxAYlkixehzOUI1eB3/16DuiHw30pKTKYzCk7G7BnA8SbJH18VkP4SahWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGpxf4UxVRJJROGN/XyZrLS8Xl1MB8GA1UdIwQY
MBaAFETs7efg/70wisuREhNo341ssulhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUt
ODA5MzBiMjg0YTY5LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUtODA5MzBiMjg0YTY5
LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRS9fj8/
ZckgLR21yPmOsuzf6ThjxtdGXEuzO9MBIgZsdFHtEpr/XrwdX1+2pUkthn9aBDXI
ghiGxyJMym3VxbtbNorWWFHn9XnAUdSEMEOxU+43JWD5cgS5dtQcU/gPSF/dX+dy
UKHPAa38r8jQxUrff12QzQJpecOV+6bgAVSNW097supk3/3gFaKmkoUDepuHFivZ
SloSVhEqLMWKXkKS538rf5rI4/IQOReqwWYSFNr9e/4oVQKz/JAPLCD5jhlnIm/e
L6OokMPi1n6pockWia9esPV8TBubizOalhNACR7xF7sBQ30bRqhubxqmW1JkkyVN
anUAyAgGDZ2qtA==
-----END CERTIFICATE-----