Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
File:                     aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json)
Hash identifier:          wYJREh9nMK8YyrC5t8d5If4WONbLQOAw4EIpceTIO24=
Subject key identifier:   5A:A7:53:C2:F4:88:3F:6F:AB:01:1F:DB:04:0D:96:79:54:E0:3B:2D
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Certificate issuer:       /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial:       01976961B10A822AEB16AA7000C077FB58B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
Manifest number:          158D
Signing time:             Fri 13 Jun 2025 13:01:39 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:39 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:39 +0000
Files and hashes:         1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: YrzO3T2+vi0VSMhLFgcuTIFM9sf40fpFI0+dcuq2mis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:b1:0a:82:2a:eb:16:aa:70:00:c0:77:fb:58:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
        Validity
            Not Before: Jun 13 13:01:39 2025 GMT
            Not After : Jun 14 13:01:39 2025 GMT
        Subject: CN=5aa753c2f4883f6fab011fdb040d967954e03b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ef:15:f2:31:ac:fa:70:fb:79:5e:82:37:e1:
                    a0:73:58:c6:e6:da:08:4b:db:71:00:75:09:1e:be:
                    98:e8:ea:41:b0:f2:0a:c0:35:07:6d:93:1b:1f:40:
                    92:fa:f5:9e:d4:c1:6c:b5:31:b7:2a:d3:b1:34:28:
                    99:bc:ea:a3:e2:b7:ff:10:2b:15:fa:f2:bb:89:5f:
                    95:ed:34:42:c1:b1:6a:cb:fa:d2:ca:70:e5:37:11:
                    92:81:17:f8:99:11:6a:57:0e:0c:1c:e6:46:a5:48:
                    41:43:fc:b5:bc:0a:00:c0:47:7f:d0:1f:3f:7c:e9:
                    63:df:3e:ba:d1:62:2f:e7:c5:ee:09:7b:38:a4:bd:
                    4e:0d:1c:92:71:b0:43:87:1e:69:f1:ba:42:e1:4f:
                    ae:b2:43:f3:13:53:fd:e9:33:a8:4f:b8:9b:55:56:
                    7f:0e:64:38:7e:95:7a:63:11:b1:d2:25:ca:56:97:
                    fa:d5:9b:41:90:96:2f:a9:2b:4a:10:fd:95:33:ef:
                    cf:60:b5:de:89:8e:3c:39:41:e1:59:20:19:4f:30:
                    cd:99:f3:3a:b5:ba:c2:e5:50:49:00:45:53:ce:58:
                    c7:aa:48:7d:f6:be:92:aa:84:e3:f9:71:ab:d0:91:
                    55:6c:2d:58:50:f3:ff:eb:5c:e2:3c:90:94:93:b2:
                    c5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A7:53:C2:F4:88:3F:6F:AB:01:1F:DB:04:0D:96:79:54:E0:3B:2D
            X509v3 Authority Key Identifier:
                keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:08:9a:31:31:a5:7c:2c:b7:80:14:32:b0:eb:0d:91:27:05:
         f5:fb:10:31:80:03:1a:d2:57:29:48:c4:8b:0c:66:56:3f:23:
         1a:20:bb:71:c6:17:e3:bc:5e:53:7c:c8:99:81:20:2c:ab:ec:
         0c:5f:51:a4:d5:09:c4:a8:23:6e:76:6a:74:b2:5a:2d:bd:da:
         a5:3f:cd:b7:0f:b4:d6:11:8b:2e:ae:d9:29:09:75:89:d3:92:
         0a:a0:9d:d7:0b:95:6c:c3:11:fc:15:ef:b7:6f:76:33:f4:8e:
         56:d1:0c:c0:2b:70:0b:9f:d4:ef:c2:3d:df:97:ee:1a:27:d4:
         82:d1:5a:f7:b1:36:17:7e:79:c9:c1:23:15:2a:df:0b:8b:37:
         9a:e7:50:da:33:41:15:ed:b0:81:c0:49:38:2d:17:2c:b8:a1:
         5f:8c:e9:c9:bb:af:de:6b:bf:30:49:f9:3c:22:08:f5:f2:21:
         8e:1b:07:67:e3:4d:d6:5e:f8:22:ce:f1:15:09:19:9a:93:00:
         c7:f8:d6:1d:11:aa:48:86:0f:96:a1:5b:51:af:a8:c0:b5:d8:
         c9:a8:0e:b1:a9:0b:32:0a:4c:53:99:39:53:36:35:91:d5:6c:
         06:54:8c:05:ea:53:c8:62:67:f4:3d:24:13:a5:08:af:93:cf:
         d2:05:bb:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYbEKgirrFqpwAMB3+1i0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjUwNjEzMTMwMTM5WhcNMjUwNjE0MTMwMTM5WjAzMTEwLwYDVQQD
Eyg1YWE3NTNjMmY0ODgzZjZmYWIwMTFmZGIwNDBkOTY3OTU0ZTAzYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO8V8jGs+nD7eV6CN+Ggc1jG5toI
S9txAHUJHr6Y6OpBsPIKwDUHbZMbH0CS+vWe1MFstTG3KtOxNCiZvOqj4rf/ECsV
+vK7iV+V7TRCwbFqy/rSynDlNxGSgRf4mRFqVw4MHOZGpUhBQ/y1vAoAwEd/0B8/
fOlj3z660WIv58XuCXs4pL1ODRyScbBDhx5p8bpC4U+uskPzE1P96TOoT7ibVVZ/
DmQ4fpV6YxGx0iXKVpf61ZtBkJYvqStKEP2VM+/PYLXeiY48OUHhWSAZTzDNmfM6
tbrC5VBJAEVTzljHqkh99r6SqoTj+XGr0JFVbC1YUPP/61ziPJCUk7LFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqnU8L0iD9vqwEf2wQNlnlU4DstMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgiaMTGl
fCy3gBQysOsNkScF9fsQMYADGtJXKUjEiwxmVj8jGiC7ccYX47xeU3zImYEgLKvs
DF9RpNUJxKgjbnZqdLJaLb3apT/Ntw+01hGLLq7ZKQl1idOSCqCd1wuVbMMR/BXv
t292M/SOVtEMwCtwC5/U78I935fuGifUgtFa97E2F355ycEjFSrfC4s3mudQ2jNB
Fe2wgcBJOC0XLLihX4zpybuv3mu/MEn5PCII9fIhjhsHZ+NN1l74Is7xFQkZmpMA
x/jWHRGqSIYPlqFbUa+owLXYyagOsakLMgpMU5k5UzY1kdVsBlSMBepTyGJn9D0k
E6UIr5PP0gW7tQ==
-----END CERTIFICATE-----