Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          x/2JKepvk27L0CS0bOL7lneg841EftUnhoWsWwrv690=
Subject key identifier:   CF:16:9F:EB:26:C7:96:87:60:88:76:A6:5B:83:6C:11:F2:63:1C:4F
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       019771BF9881B4945B083DEC15847008036C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          158F
Signing time:             Sun 15 Jun 2025 04:01:11 +0000
Manifest this update:     Sun 15 Jun 2025 04:01:11 +0000
Manifest next update:     Mon 16 Jun 2025 04:01:11 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: 2G4EGPxPlhJVEm2uVYLlgf4GZhimOwv0hb4vfNmnCn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:98:81:b4:94:5b:08:3d:ec:15:84:70:08:03:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Jun 15 04:01:11 2025 GMT
            Not After : Jun 16 04:01:11 2025 GMT
        Subject: CN=cf169feb26c79687608876a65b836c11f2631c4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:b0:62:cb:5b:f5:7c:9a:0f:10:9c:a0:9d:a7:
                    19:3a:50:2c:d0:ce:28:ba:ef:0c:f2:65:cc:d8:4e:
                    43:e0:92:c7:21:4f:18:c4:c1:c5:14:f5:96:4f:9b:
                    27:ed:d0:90:3e:fd:64:ca:d7:dd:a7:cf:0a:1b:b9:
                    58:30:0a:4e:ab:42:c8:14:7b:ef:ca:e1:53:66:2a:
                    1e:9e:6c:c7:bc:e4:e6:09:ec:78:fe:0c:b5:f0:46:
                    dd:ab:b3:95:fb:fc:aa:4b:ed:87:29:fb:2e:3a:29:
                    85:2e:71:3d:af:ca:47:3a:13:8c:4d:0e:ab:9a:9d:
                    76:ae:6b:39:e0:f3:09:90:b5:18:60:3a:d2:dc:c8:
                    e6:b6:62:8c:52:54:95:bc:1d:f3:40:9c:e9:1a:be:
                    f1:bc:95:34:cb:17:b0:86:a4:35:96:37:d3:9a:3f:
                    47:c8:20:cb:0e:42:3c:8f:b2:e3:d8:12:29:ed:c2:
                    c5:f7:fe:c1:5e:e4:95:b7:70:38:cd:c6:8a:d0:d8:
                    4a:f9:b6:ee:f2:4c:06:f5:77:51:b6:6a:94:56:82:
                    96:79:00:f9:91:f1:6c:1c:e6:8e:19:0d:f0:66:21:
                    74:62:b4:86:81:ac:e2:5a:60:f7:fd:d9:f9:e2:bf:
                    0e:f4:01:a6:3a:c1:69:c0:2f:6b:a2:fa:da:3f:c1:
                    26:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:16:9F:EB:26:C7:96:87:60:88:76:A6:5B:83:6C:11:F2:63:1C:4F
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:2b:e3:c8:2a:87:5b:3f:95:6c:2c:5a:40:c6:31:cb:11:77:
         a8:79:df:5d:45:d8:ed:48:01:df:22:9a:f0:1a:60:94:02:bf:
         1f:6b:5a:45:a8:21:1f:1c:c2:fd:df:27:85:bc:5a:08:d4:9a:
         68:c1:d9:ab:06:f4:09:fb:6c:6a:52:eb:35:00:2f:93:1d:fe:
         3b:79:c8:b1:10:6f:4a:5e:8c:b0:3b:d2:57:f3:f6:e5:24:f0:
         b4:89:59:9d:b0:4d:ce:f1:d1:96:da:98:06:60:01:33:17:64:
         01:67:10:8c:74:84:19:a6:9a:7e:e1:80:41:06:91:df:ed:80:
         6f:b9:eb:6b:71:55:a9:ad:f7:ba:a0:bd:aa:04:6b:10:32:84:
         a4:ae:87:5a:7d:3c:a9:4d:c0:08:66:41:f0:1e:00:23:47:8b:
         a1:e5:91:54:0c:48:5a:08:57:f1:16:a5:9c:9c:c2:27:a2:e2:
         12:eb:60:5e:ff:76:3f:25:96:e3:ff:84:c1:84:f6:85:10:28:
         3d:55:f1:1c:1a:c6:59:06:f0:66:c2:c0:72:69:e2:0e:7c:9a:
         60:b3:56:98:91:cc:a8:08:ba:ab:97:91:ac:18:60:99:06:de:
         ed:ef:22:bd:81:39:9a:f4:c6:a4:65:10:ef:65:23:d3:e1:2b:
         51:aa:b5:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxv5iBtJRbCD3sFYRwCANsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUwNjE1MDQwMTExWhcNMjUwNjE2MDQwMTExWjAzMTEwLwYDVQQD
EyhjZjE2OWZlYjI2Yzc5Njg3NjA4ODc2YTY1YjgzNmMxMWYyNjMxYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47Biy1v1fJoPEJygnacZOlAs0M4o
uu8M8mXM2E5D4JLHIU8YxMHFFPWWT5sn7dCQPv1kytfdp88KG7lYMApOq0LIFHvv
yuFTZioenmzHvOTmCex4/gy18Ebdq7OV+/yqS+2HKfsuOimFLnE9r8pHOhOMTQ6r
mp12rms54PMJkLUYYDrS3MjmtmKMUlSVvB3zQJzpGr7xvJU0yxewhqQ1ljfTmj9H
yCDLDkI8j7Lj2BIp7cLF9/7BXuSVt3A4zcaK0NhK+bbu8kwG9XdRtmqUVoKWeQD5
kfFsHOaOGQ3wZiF0YrSGgaziWmD3/dn54r8O9AGmOsFpwC9rovraP8EmJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8Wn+smx5aHYIh2pluDbBHyYxxPMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyvjyCqH
Wz+VbCxaQMYxyxF3qHnfXUXY7UgB3yKa8BpglAK/H2taRaghHxzC/d8nhbxaCNSa
aMHZqwb0CftsalLrNQAvkx3+O3nIsRBvSl6MsDvSV/P25STwtIlZnbBNzvHRltqY
BmABMxdkAWcQjHSEGaaafuGAQQaR3+2Ab7nra3FVqa33uqC9qgRrEDKEpK6HWn08
qU3ACGZB8B4AI0eLoeWRVAxIWghX8RalnJzCJ6LiEutgXv92PyWW4/+EwYT2hRAo
PVXxHBrGWQbwZsLAcmniDnyaYLNWmJHMqAi6q5eRrBhgmQbe7e8ivYE5mvTGpGUQ
72Uj0+ErUaq1Qw==
-----END CERTIFICATE-----