Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          s5CXNsU0wXhOPAl3TfROxsJ4fTNhTRoU1AU7UaOh/IE=
Subject key identifier:   DB:FB:44:54:BB:2F:07:89:04:AC:05:7F:41:2E:14:B7:B6:93:FA:56
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       0197488D3BA97EB0DD8B8F7E71508CF445B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 04:01:44 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:44 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:44 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: tb601Ed5pyh5SvA2ZAWhPhiAWyRjp2abP4kAe3p3V/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:3b:a9:7e:b0:dd:8b:8f:7e:71:50:8c:f4:45:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Jun  7 04:01:44 2025 GMT
            Not After : Jun  8 04:01:44 2025 GMT
        Subject: CN=dbfb4454bb2f078904ac057f412e14b7b693fa56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:e4:e9:91:86:c3:7e:78:2d:a3:80:4b:0e:14:
                    6b:23:a4:1f:f4:c8:0f:c9:a2:1e:83:ba:c3:ce:ce:
                    cf:3b:02:90:bc:9e:1b:5b:4b:51:c1:22:c6:f5:78:
                    90:7e:17:f0:78:14:89:4c:8b:88:0a:98:40:02:8d:
                    af:85:13:07:91:cd:a8:19:12:ab:77:79:c2:da:39:
                    0a:e3:62:e4:91:e1:5e:50:2a:b9:cc:d4:2c:e6:5c:
                    3d:c7:4e:63:b4:b5:73:68:33:54:7d:19:b5:2c:ad:
                    37:3d:dc:82:3e:e9:7c:e5:77:11:4b:cc:3a:4e:a9:
                    12:c9:d1:b7:8a:04:7a:2e:6c:eb:80:df:9d:1c:ba:
                    a1:db:10:4a:de:31:2d:d7:0b:72:1a:ec:1c:cf:d1:
                    85:8e:4e:05:4f:09:0e:f8:49:51:b2:2e:e2:99:77:
                    f0:3c:b4:29:92:a1:07:bb:88:5f:66:00:4b:c4:a1:
                    49:97:85:3d:39:1b:fe:63:de:9c:58:6d:ed:ae:e2:
                    62:f8:49:ec:5a:45:0f:bc:8a:9e:45:83:36:32:11:
                    90:b0:79:34:70:e0:29:7a:b7:1a:7c:61:40:74:69:
                    73:eb:03:1f:1a:a1:67:e3:ab:77:df:23:65:13:88:
                    cb:8f:5a:2e:e3:38:02:9b:b6:05:fe:0a:8a:9f:4e:
                    e6:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:FB:44:54:BB:2F:07:89:04:AC:05:7F:41:2E:14:B7:B6:93:FA:56
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:ef:15:a2:37:d6:d4:90:88:97:26:a9:d6:2e:34:13:d3:0d:
         79:25:fa:44:27:7b:8b:0e:14:c2:c9:89:d9:2d:aa:52:61:fa:
         20:32:50:b0:b9:7c:2d:77:23:2e:a5:c0:b2:4f:bc:2c:89:f5:
         11:85:9f:8d:fa:9e:f6:96:38:52:31:6c:1f:da:1e:68:ed:43:
         df:3f:fb:0d:eb:59:f6:39:f6:9f:8b:1b:c6:e1:07:19:4b:61:
         d4:29:6d:93:a5:43:f8:49:9c:6e:cf:c0:74:a2:b2:40:d3:3a:
         99:7b:51:33:d6:97:e9:e0:e6:82:fa:ee:dd:99:80:c2:3f:81:
         71:6d:a3:35:1d:ce:e1:03:2e:7b:00:c5:1d:df:81:68:e9:6d:
         fa:1b:c2:1d:30:57:b8:7e:6b:f6:2e:d4:d0:5e:08:2e:dd:cc:
         33:6e:e1:10:69:be:dc:ee:81:99:6b:fd:5c:e4:6f:bf:20:da:
         c6:ca:fa:1c:c0:fd:63:0e:9f:11:e3:4d:9e:85:b2:07:3b:0d:
         d1:ad:d6:e1:a3:90:5c:90:4f:54:ac:70:2f:f7:8e:b3:75:7b:
         29:ff:ec:f7:c5:9c:71:e9:46:6d:55:dc:17:58:04:3d:19:da:
         93:6d:39:0a:d7:00:e4:3a:0f:32:49:17:30:12:e2:a3:1c:33:
         00:d3:28:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjTupfrDdi49+cVCM9EW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUwNjA3MDQwMTQ0WhcNMjUwNjA4MDQwMTQ0WjAzMTEwLwYDVQQD
EyhkYmZiNDQ1NGJiMmYwNzg5MDRhYzA1N2Y0MTJlMTRiN2I2OTNmYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OTpkYbDfngto4BLDhRrI6Qf9MgP
yaIeg7rDzs7POwKQvJ4bW0tRwSLG9XiQfhfweBSJTIuICphAAo2vhRMHkc2oGRKr
d3nC2jkK42LkkeFeUCq5zNQs5lw9x05jtLVzaDNUfRm1LK03PdyCPul85XcRS8w6
TqkSydG3igR6LmzrgN+dHLqh2xBK3jEt1wtyGuwcz9GFjk4FTwkO+ElRsi7imXfw
PLQpkqEHu4hfZgBLxKFJl4U9ORv+Y96cWG3truJi+EnsWkUPvIqeRYM2MhGQsHk0
cOApercafGFAdGlz6wMfGqFn46t33yNlE4jLj1ou4zgCm7YF/gqKn07mRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNv7RFS7LweJBKwFf0EuFLe2k/pWMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArO8VojfW
1JCIlyap1i40E9MNeSX6RCd7iw4UwsmJ2S2qUmH6IDJQsLl8LXcjLqXAsk+8LIn1
EYWfjfqe9pY4UjFsH9oeaO1D3z/7DetZ9jn2n4sbxuEHGUth1Cltk6VD+Emcbs/A
dKKyQNM6mXtRM9aX6eDmgvru3ZmAwj+BcW2jNR3O4QMuewDFHd+BaOlt+hvCHTBX
uH5r9i7U0F4ILt3MM27hEGm+3O6BmWv9XORvvyDaxsr6HMD9Yw6fEeNNnoWyBzsN
0a3W4aOQXJBPVKxwL/eOs3V7Kf/s98WccelGbVXcF1gEPRnak205CtcA5DoPMkkX
MBLioxwzANMozQ==
-----END CERTIFICATE-----