Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
File:                     D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft (raw, json)
Hash identifier:          yPbaRchhnRgxxjKni07TLKgnA5Kw2yWeZJmzMO1wQs8=
Subject key identifier:   20:1C:BB:30:DC:C4:66:45:E8:44:50:9F:C6:AD:AE:51:E1:16:83:9D
Authority key identifier: 0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77
Certificate issuer:       /CN=0f79760520b7c15c2e4260308272b849f88ed677
Certificate serial:       01974EC51BB353CD3A038A52B500DAAA2CFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
Manifest number:          157E
Signing time:             Sun 08 Jun 2025 09:00:29 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:29 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:29 +0000
Files and hashes:         1: D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl (hash: fEVVGk6I++zI3puyKEM7tggNBf977cNubQMFP3IWm3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:1b:b3:53:cd:3a:03:8a:52:b5:00:da:aa:2c:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f79760520b7c15c2e4260308272b849f88ed677
        Validity
            Not Before: Jun  8 09:00:29 2025 GMT
            Not After : Jun  9 09:00:29 2025 GMT
        Subject: CN=201cbb30dcc46645e844509fc6adae51e116839d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ec:d6:a8:57:8f:ea:13:1c:25:f8:76:05:09:
                    24:9c:e3:09:04:c1:4e:e4:95:e6:57:6f:fa:43:de:
                    4f:5a:92:50:9f:78:27:15:33:80:b0:9b:74:a6:7e:
                    1c:c6:0f:5a:16:87:0e:e1:49:78:f1:9a:0c:a2:91:
                    8e:bf:4e:c0:34:c9:41:de:cb:a4:59:9a:81:04:ea:
                    a2:37:2b:0b:97:94:d6:f3:ca:60:c7:78:80:8a:ab:
                    33:cb:d9:69:d1:09:e4:39:5c:f5:e7:af:47:ff:2a:
                    88:32:57:7a:da:0a:da:ff:d8:bd:5a:25:39:d9:6e:
                    10:fb:27:23:4b:d3:80:d5:42:89:b5:0e:a0:b0:a5:
                    d2:8c:e7:20:92:14:72:92:24:23:c3:c0:62:1e:03:
                    ad:e8:8f:7c:28:a6:97:e9:11:10:a4:8a:d9:70:89:
                    23:6b:1a:12:2f:18:4e:1e:7f:38:32:6f:00:d4:63:
                    9d:65:29:d5:d3:16:fa:75:40:26:6d:6c:33:b1:6d:
                    15:6c:d3:b9:7a:72:72:d0:6b:60:02:5c:a3:d7:e4:
                    91:1e:7d:98:68:25:22:b4:6d:c2:66:ad:e6:f1:3e:
                    95:60:ee:6e:c7:ee:da:b7:09:ee:c5:08:08:52:f2:
                    6f:e8:41:fa:1d:fb:52:d8:72:eb:ba:a0:84:e5:14:
                    57:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:1C:BB:30:DC:C4:66:45:E8:44:50:9F:C6:AD:AE:51:E1:16:83:9D
            X509v3 Authority Key Identifier:
                keyid:0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:ad:fc:cc:08:b4:3f:2d:11:55:94:7b:c8:e1:8a:5e:7f:6f:
         33:5f:e7:03:43:a3:c6:73:89:4a:8c:ba:60:fb:43:21:d4:d4:
         c4:bc:66:d7:4b:65:fc:b9:a4:bf:ea:e7:75:24:b6:8d:08:50:
         8e:34:70:b7:ea:dd:52:c7:87:77:f9:3d:bb:3a:91:c8:8b:11:
         66:52:21:27:43:fd:e0:18:58:e2:b6:25:0b:dd:38:ec:40:3c:
         56:bd:7a:89:ae:75:61:26:9e:1d:6e:75:1b:e6:8b:92:99:a7:
         be:c7:8d:71:ef:0a:4f:95:e0:96:83:2b:5d:d5:0d:68:ab:08:
         95:37:0e:70:38:a1:d0:aa:2f:6d:60:07:9c:9e:8c:fb:12:34:
         e8:98:f1:dc:d3:a9:d0:09:ec:e6:23:cb:80:a5:21:66:ca:15:
         ae:80:65:c2:c6:1f:57:18:ff:c6:ac:5c:f5:d6:27:a9:39:df:
         42:b9:d0:08:5b:b0:f9:88:88:58:f4:c4:9f:d1:4a:80:33:8b:
         46:f8:77:b0:1a:fd:1c:a2:bf:ee:e4:5a:15:5b:47:03:99:4e:
         c8:1c:2c:c7:d8:1c:c4:cd:9a:c5:83:48:51:c7:aa:be:1f:f2:
         4b:95:c2:98:4e:c3:fe:8b:ee:70:67:8f:60:53:57:3f:2e:56:
         59:05:49:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxRuzU806A4pStQDaqiz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzk3NjA1MjBiN2MxNWMyZTQyNjAzMDgyNzJiODQ5Zjg4
ZWQ2NzcwHhcNMjUwNjA4MDkwMDI5WhcNMjUwNjA5MDkwMDI5WjAzMTEwLwYDVQQD
EygyMDFjYmIzMGRjYzQ2NjQ1ZTg0NDUwOWZjNmFkYWU1MWUxMTY4MzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzezWqFeP6hMcJfh2BQkknOMJBMFO
5JXmV2/6Q95PWpJQn3gnFTOAsJt0pn4cxg9aFocO4Ul48ZoMopGOv07ANMlB3suk
WZqBBOqiNysLl5TW88pgx3iAiqszy9lp0QnkOVz1569H/yqIMld62gra/9i9WiU5
2W4Q+ycjS9OA1UKJtQ6gsKXSjOcgkhRykiQjw8BiHgOt6I98KKaX6REQpIrZcIkj
axoSLxhOHn84Mm8A1GOdZSnV0xb6dUAmbWwzsW0VbNO5enJy0GtgAlyj1+SRHn2Y
aCUitG3CZq3m8T6VYO5ux+7atwnuxQgIUvJv6EH6HftS2HLruqCE5RRXIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAcuzDcxGZF6ERQn8atrlHhFoOdMB8GA1UdIwQY
MBaAFA95dgUgt8FcLkJgMIJyuEn4jtZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUt
MDA0MjQyNWJhYjFhLzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUtMDA0MjQyNWJhYjFh
LzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1638zAi0
Py0RVZR7yOGKXn9vM1/nA0OjxnOJSoy6YPtDIdTUxLxm10tl/Lmkv+rndSS2jQhQ
jjRwt+rdUseHd/k9uzqRyIsRZlIhJ0P94BhY4rYlC9047EA8Vr16ia51YSaeHW51
G+aLkpmnvseNce8KT5XgloMrXdUNaKsIlTcOcDih0KovbWAHnJ6M+xI06Jjx3NOp
0Ans5iPLgKUhZsoVroBlwsYfVxj/xqxc9dYnqTnfQrnQCFuw+YiIWPTEn9FKgDOL
Rvh3sBr9HKK/7uRaFVtHA5lOyBwsx9gcxM2axYNIUceqvh/yS5XCmE7D/ovucGeP
YFNXPy5WWQVJaQ==
-----END CERTIFICATE-----