Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          oSMhHejhJWBy4pCQ/DUaWfHneYZqP1IApzfWdlXoNNQ=
Subject key identifier:   2A:6D:10:E9:64:72:6E:B5:90:55:65:62:58:2B:A8:85:61:A4:04:1B
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       01974C692ED7B519626A059C75C1176E444D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:51 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: 5CrFPzhz16K5CLjnv5/vUw5ZxuDMLkCkDRM20vy6pvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:2e:d7:b5:19:62:6a:05:9c:75:c1:17:6e:44:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Jun  7 22:00:51 2025 GMT
            Not After : Jun  8 22:00:51 2025 GMT
        Subject: CN=2a6d10e964726eb590556562582ba88561a4041b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a9:c3:c8:6c:c9:e5:26:cc:15:0a:70:5b:1e:
                    58:1e:a1:9e:72:c6:23:84:f2:65:9f:7f:4d:06:98:
                    15:82:d9:8d:ee:46:6a:75:4b:3f:79:e1:a6:81:62:
                    09:0d:b5:f2:b8:b6:3d:7a:5f:f1:78:46:ea:ae:5e:
                    00:ce:61:da:d8:06:e5:22:b9:04:40:e8:76:d3:c2:
                    88:67:ad:dc:9c:65:fa:02:c2:60:dd:b1:a3:51:90:
                    c6:68:0b:1d:d5:38:3a:0d:1c:86:07:3f:dd:9f:c1:
                    5c:b7:6d:00:25:bf:01:94:14:3a:d7:e0:54:a4:6a:
                    72:fc:3d:72:30:c7:24:56:b7:27:58:27:2b:fb:1e:
                    73:94:54:d4:41:a8:62:17:c2:8c:c4:78:8f:89:99:
                    ed:1b:21:07:a1:a3:97:f6:a5:16:a5:0f:0c:a2:d4:
                    d6:eb:70:2a:78:03:98:59:b2:2a:c9:ff:37:46:ea:
                    42:b6:bc:13:fc:88:79:e0:01:9b:14:f3:00:d0:46:
                    b6:fb:5a:bf:26:b7:ae:02:bc:c9:d5:bc:81:85:fd:
                    44:8a:2c:d9:f0:8f:f4:79:98:1c:2e:2c:62:f5:db:
                    38:66:52:db:b5:cf:71:52:b2:9a:48:1a:85:f4:72:
                    88:17:56:cb:d7:86:3d:83:f9:a2:6e:d0:92:ec:5a:
                    1d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6D:10:E9:64:72:6E:B5:90:55:65:62:58:2B:A8:85:61:A4:04:1B
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:bb:af:cd:75:f4:ce:9c:22:66:4e:a9:81:6b:13:c6:b1:58:
         63:a8:43:21:18:9d:67:84:b5:2c:06:89:5e:ae:ab:85:b6:1b:
         29:35:eb:1d:1e:d3:0c:e6:d2:da:97:56:23:be:2e:68:11:2d:
         92:7b:f7:ed:44:40:2f:bb:80:e0:89:38:d2:71:33:56:a8:22:
         57:66:d8:a2:ca:07:5d:c1:7b:e3:8a:ee:2e:f6:28:65:f8:03:
         a4:92:23:91:9a:88:41:03:ef:68:13:3b:dd:1f:01:69:aa:36:
         b0:6a:53:76:a4:5a:2b:14:fd:03:ff:5c:28:df:7c:68:ea:d3:
         64:45:6b:18:d9:62:3b:67:c1:23:36:59:0d:cc:e0:71:54:5a:
         bf:07:4b:9c:8d:09:31:fa:e7:0b:71:ca:f0:0e:ac:3a:32:88:
         01:2f:81:6e:83:9d:8b:33:78:e9:a5:44:b3:5c:1d:b3:3b:4c:
         f0:7d:09:b6:94:88:34:f6:7d:bf:b7:ea:9d:56:bc:b5:b6:1e:
         f0:d4:04:f4:6f:c0:88:5b:d6:5c:32:be:68:d1:1e:0b:2b:97:
         9d:ce:13:0e:8b:49:83:07:3a:02:f0:9c:1d:2c:e3:39:4e:b9:
         25:ce:c0:c2:da:e9:9a:2e:f9:ff:65:43:68:87:bd:d7:05:16:
         ae:b5:19:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaS7XtRliagWcdcEXbkRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjUwNjA3MjIwMDUxWhcNMjUwNjA4MjIwMDUxWjAzMTEwLwYDVQQD
EygyYTZkMTBlOTY0NzI2ZWI1OTA1NTY1NjI1ODJiYTg4NTYxYTQwNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2anDyGzJ5SbMFQpwWx5YHqGecsYj
hPJln39NBpgVgtmN7kZqdUs/eeGmgWIJDbXyuLY9el/xeEbqrl4AzmHa2AblIrkE
QOh208KIZ63cnGX6AsJg3bGjUZDGaAsd1Tg6DRyGBz/dn8Fct20AJb8BlBQ61+BU
pGpy/D1yMMckVrcnWCcr+x5zlFTUQahiF8KMxHiPiZntGyEHoaOX9qUWpQ8MotTW
63AqeAOYWbIqyf83RupCtrwT/Ih54AGbFPMA0Ea2+1q/JreuArzJ1byBhf1EiizZ
8I/0eZgcLixi9ds4ZlLbtc9xUrKaSBqF9HKIF1bL14Y9g/mibtCS7FodrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCptEOlkcm61kFVlYlgrqIVhpAQbMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUruvzXX0
zpwiZk6pgWsTxrFYY6hDIRidZ4S1LAaJXq6rhbYbKTXrHR7TDObS2pdWI74uaBEt
knv37URAL7uA4Ik40nEzVqgiV2bYosoHXcF744ruLvYoZfgDpJIjkZqIQQPvaBM7
3R8Baao2sGpTdqRaKxT9A/9cKN98aOrTZEVrGNliO2fBIzZZDczgcVRavwdLnI0J
MfrnC3HK8A6sOjKIAS+BboOdizN46aVEs1wdsztM8H0JtpSINPZ9v7fqnVa8tbYe
8NQE9G/AiFvWXDK+aNEeCyuXnc4TDotJgwc6AvCcHSzjOU65Jc7Awtrpmi75/2VD
aIe91wUWrrUZ9A==
-----END CERTIFICATE-----