Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          wghhA0J91zfF1Njq7a/seF84lTk6hq5CEVxCPk2jZq0=
Subject key identifier:   F1:1F:DF:5E:21:22:6C:7A:A7:7C:CA:A4:DE:FF:9E:94:EB:F3:0E:4F
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       01974C6905943911F9E93DBBE7CB333B671B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:40 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: DzVOMFFw/fr4397TINGm4Dma1WJ6VehaE3rlHb4VEvA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:05:94:39:11:f9:e9:3d:bb:e7:cb:33:3b:67:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Jun  7 22:00:40 2025 GMT
            Not After : Jun  8 22:00:40 2025 GMT
        Subject: CN=f11fdf5e21226c7aa77ccaa4deff9e94ebf30e4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:15:3b:b6:6e:40:bf:be:e9:38:1b:fc:33:ac:
                    79:ab:47:53:06:4b:9b:dd:8f:85:e4:57:f0:b9:0e:
                    ad:d0:df:1e:89:c8:bd:e0:64:94:d6:ef:42:a9:3d:
                    81:ff:2e:9c:5b:07:49:70:d8:cb:fb:30:d6:df:dc:
                    b6:e5:d3:82:8f:77:72:fd:d6:c0:cf:5d:a0:58:2b:
                    c9:42:8d:6d:a9:46:ca:04:18:bb:27:cb:1f:f9:04:
                    5a:14:09:b9:b9:b9:ea:84:41:06:58:d9:a2:21:7f:
                    f7:d5:ac:a1:17:83:28:e9:ce:b6:ac:8c:96:c8:6c:
                    38:21:a0:b9:00:80:45:0f:66:c0:2c:f6:fa:78:47:
                    cc:a2:c2:86:58:7a:5a:7f:10:a0:b4:05:c8:e0:44:
                    29:93:9c:2b:5a:47:08:01:90:42:ac:b6:db:16:7c:
                    d5:49:6d:53:81:c4:33:ba:3e:dd:bf:b7:c2:85:6c:
                    61:0f:4f:6e:1e:8f:55:70:d1:a8:2d:11:66:5c:3b:
                    4a:23:ef:ff:6e:92:4b:5b:75:04:cf:94:18:aa:0b:
                    0c:f2:b7:7a:e9:cc:b2:b1:29:02:da:e5:56:a8:dd:
                    e3:86:63:35:db:cb:8c:69:63:13:5c:7f:a6:ea:f1:
                    93:94:59:35:3c:c2:21:1b:85:e6:fa:2e:f7:e8:ce:
                    5c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:1F:DF:5E:21:22:6C:7A:A7:7C:CA:A4:DE:FF:9E:94:EB:F3:0E:4F
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:5d:34:62:d4:81:ab:d1:69:32:05:84:99:f3:ab:2a:1c:4f:
         ee:92:29:a7:18:6c:22:81:b6:10:3c:03:59:07:f6:e1:f0:e6:
         cc:5b:f1:1d:67:3a:c1:51:d1:f9:fe:a0:cc:7d:5d:95:a0:bd:
         38:d6:29:7b:90:0a:18:40:37:5e:13:a7:2e:8b:e0:eb:8e:1f:
         76:c7:94:ca:44:cc:f4:72:83:11:0b:b3:72:2b:91:44:df:09:
         37:80:6b:43:8f:ff:35:01:b7:d0:29:6c:a9:96:ec:32:c1:bf:
         67:4b:32:15:a6:c0:dc:89:5b:c8:a7:e7:1a:e1:d4:37:21:2a:
         69:bc:40:8c:9d:3b:c3:22:ae:71:59:cd:ea:fc:f2:b5:6c:48:
         01:73:f2:e1:1b:4d:00:14:1c:d4:f1:82:a6:0d:40:1f:f2:15:
         c9:98:30:4b:89:26:c9:cc:16:1b:00:fb:3f:1f:84:cf:73:6d:
         25:bb:a3:de:b3:4f:50:1c:3b:3a:3d:10:df:94:a1:cb:6a:14:
         ca:84:ab:c2:87:3d:47:e3:7e:76:f7:6c:1e:c7:95:05:a1:fb:
         78:62:c8:15:68:36:7b:03:51:82:84:0f:77:2d:e5:0a:b6:0a:
         98:31:b6:79:22:ed:44:25:7c:2c:57:f7:3d:cc:24:b5:73:95:
         50:19:02:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaQWUORH56T2758szO2cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwNjA3MjIwMDQwWhcNMjUwNjA4MjIwMDQwWjAzMTEwLwYDVQQD
EyhmMTFmZGY1ZTIxMjI2YzdhYTc3Y2NhYTRkZWZmOWU5NGViZjMwZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhU7tm5Av77pOBv8M6x5q0dTBkub
3Y+F5FfwuQ6t0N8eici94GSU1u9CqT2B/y6cWwdJcNjL+zDW39y25dOCj3dy/dbA
z12gWCvJQo1tqUbKBBi7J8sf+QRaFAm5ubnqhEEGWNmiIX/31ayhF4Mo6c62rIyW
yGw4IaC5AIBFD2bALPb6eEfMosKGWHpafxCgtAXI4EQpk5wrWkcIAZBCrLbbFnzV
SW1TgcQzuj7dv7fChWxhD09uHo9VcNGoLRFmXDtKI+//bpJLW3UEz5QYqgsM8rd6
6cyysSkC2uVWqN3jhmM128uMaWMTXH+m6vGTlFk1PMIhG4Xm+i736M5c6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEf314hImx6p3zKpN7/npTr8w5PMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmF00YtSB
q9FpMgWEmfOrKhxP7pIppxhsIoG2EDwDWQf24fDmzFvxHWc6wVHR+f6gzH1dlaC9
ONYpe5AKGEA3XhOnLovg644fdseUykTM9HKDEQuzciuRRN8JN4BrQ4//NQG30Cls
qZbsMsG/Z0syFabA3IlbyKfnGuHUNyEqabxAjJ07wyKucVnN6vzytWxIAXPy4RtN
ABQc1PGCpg1AH/IVyZgwS4kmycwWGwD7Px+Ez3NtJbuj3rNPUBw7Oj0Q35Shy2oU
yoSrwoc9R+N+dvdsHseVBaH7eGLIFWg2ewNRgoQPdy3lCrYKmDG2eSLtRCV8LFf3
PcwktXOVUBkCXw==
-----END CERTIFICATE-----