Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
File:                     rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft (raw, json)
Hash identifier:          HM1idXPCYdsigwsKz05jsTsdcHwJQXi8denY7t8cFlM=
Subject key identifier:   74:AD:29:26:17:8F:93:1B:CA:67:4B:02:B3:4E:19:45:FD:3E:E3:2F
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Certificate issuer:       /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial:       0197504684ED992937EA8BA3D6FB39873338
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
Manifest number:          158A
Signing time:             Sun 08 Jun 2025 16:01:28 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:28 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:28 +0000
Files and hashes:         1: rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl (hash: FFfyZ1ViiQ+85Rch3/N2eLzD38WuEj3ht0BJgzO8/Cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:84:ed:99:29:37:ea:8b:a3:d6:fb:39:87:33:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
        Validity
            Not Before: Jun  8 16:01:28 2025 GMT
            Not After : Jun  9 16:01:28 2025 GMT
        Subject: CN=74ad2926178f931bca674b02b34e1945fd3ee32f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ce:d8:84:d8:5b:43:ff:71:21:f4:51:52:8d:
                    d7:ae:d3:95:9f:7c:0e:3e:88:6e:70:e8:d7:b9:cb:
                    f7:8b:b4:7b:87:09:8b:76:c8:3a:7f:b6:d7:6a:39:
                    fd:d8:6e:cf:ad:0a:79:b9:2e:2a:bf:a2:67:f4:54:
                    cb:05:8c:41:cb:78:d8:00:e0:4a:45:f3:f0:c2:6f:
                    eb:74:f3:5c:29:78:85:4c:45:d8:9b:d7:14:c3:57:
                    72:53:9b:62:7e:d7:97:66:85:eb:43:cd:a0:91:1c:
                    60:f3:4c:b7:4d:95:7a:bd:2a:15:d0:25:10:c3:01:
                    9f:0c:20:37:73:29:04:75:23:da:07:90:c5:a1:7e:
                    6d:63:de:03:73:17:a1:df:8c:45:a9:60:7b:2e:b0:
                    b2:5a:38:7c:7f:28:6c:06:6b:d4:70:01:af:c2:96:
                    0b:c7:bb:da:16:ad:a2:8e:b5:db:ea:8b:8c:0e:c9:
                    60:9b:e2:fc:58:6e:8f:93:12:54:6f:a1:93:4c:18:
                    92:c6:89:57:3b:50:a1:cd:a1:7a:ac:22:96:f2:b1:
                    c7:6d:fd:65:ff:51:73:b4:49:d3:1f:74:a5:aa:1a:
                    bd:82:73:f2:5d:58:f5:46:bd:52:53:46:c5:2c:12:
                    49:8c:d0:4e:88:94:d9:ba:59:08:2c:cc:61:47:ee:
                    4f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:AD:29:26:17:8F:93:1B:CA:67:4B:02:B3:4E:19:45:FD:3E:E3:2F
            X509v3 Authority Key Identifier:
                keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:35:f9:2c:08:6e:f1:15:80:55:57:ff:09:aa:ab:b0:da:b9:
         b7:29:ca:ab:a1:7f:1d:61:8c:23:ea:ed:0c:3e:c1:04:1c:54:
         42:59:ce:ce:0b:e2:f4:9a:c9:ce:af:7a:98:20:37:d3:e2:dd:
         7c:97:5a:c4:a2:95:7d:ea:91:75:6f:9f:5a:74:80:a4:17:a9:
         cd:47:71:ef:a6:7b:91:49:8c:b0:6e:6d:83:95:5d:27:d8:9f:
         4c:b4:14:50:b1:b2:cf:04:43:59:06:f1:81:29:2e:33:05:03:
         5f:d7:58:e2:b0:eb:5a:36:3f:11:b8:58:79:26:89:47:a4:62:
         17:d8:e3:10:32:b9:a9:24:ed:30:9d:dd:ef:44:ca:aa:e4:a6:
         c4:63:50:d1:f5:f8:23:88:9a:a3:7f:8f:60:60:fc:aa:81:b0:
         3a:cd:77:b9:09:0c:07:a6:48:0f:a5:af:e5:95:ab:48:e3:43:
         50:c6:a8:e7:9f:01:6a:12:ec:bd:cf:ad:fb:2c:81:09:c3:12:
         27:5f:29:1a:77:77:29:57:e4:d2:34:be:e0:ae:0c:24:48:ce:
         88:d8:f7:2f:93:a0:1b:9d:6f:e6:e4:49:ba:41:56:9f:15:0a:
         c0:a6:34:66:60:be:4f:d8:1a:6c:5e:7f:54:88:25:4c:88:04:
         a1:50:4e:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRoTtmSk36ouj1vs5hzM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjUwNjA4MTYwMTI4WhcNMjUwNjA5MTYwMTI4WjAzMTEwLwYDVQQD
Eyg3NGFkMjkyNjE3OGY5MzFiY2E2NzRiMDJiMzRlMTk0NWZkM2VlMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6c7YhNhbQ/9xIfRRUo3XrtOVn3wO
PohucOjXucv3i7R7hwmLdsg6f7bXajn92G7PrQp5uS4qv6Jn9FTLBYxBy3jYAOBK
RfPwwm/rdPNcKXiFTEXYm9cUw1dyU5tifteXZoXrQ82gkRxg80y3TZV6vSoV0CUQ
wwGfDCA3cykEdSPaB5DFoX5tY94Dcxeh34xFqWB7LrCyWjh8fyhsBmvUcAGvwpYL
x7vaFq2ijrXb6ouMDslgm+L8WG6PkxJUb6GTTBiSxolXO1ChzaF6rCKW8rHHbf1l
/1FztEnTH3Slqhq9gnPyXVj1Rr1SU0bFLBJJjNBOiJTZulkILMxhR+5PswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHStKSYXj5MbymdLArNOGUX9PuMvMB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApDX5LAhu
8RWAVVf/CaqrsNq5tynKq6F/HWGMI+rtDD7BBBxUQlnOzgvi9JrJzq96mCA30+Ld
fJdaxKKVfeqRdW+fWnSApBepzUdx76Z7kUmMsG5tg5VdJ9ifTLQUULGyzwRDWQbx
gSkuMwUDX9dY4rDrWjY/EbhYeSaJR6RiF9jjEDK5qSTtMJ3d70TKquSmxGNQ0fX4
I4iao3+PYGD8qoGwOs13uQkMB6ZID6Wv5ZWrSONDUMao558BahLsvc+t+yyBCcMS
J18pGnd3KVfk0jS+4K4MJEjOiNj3L5OgG51v5uRJukFWnxUKwKY0ZmC+T9gabF5/
VIglTIgEoVBOaQ==
-----END CERTIFICATE-----