Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          yPZbdruHBPSehxxmTr7l6V1m33yGXkIuLbBb2x1z5DQ=
Subject key identifier:   AC:42:E8:E9:A8:9E:41:0E:0F:62:76:D1:5C:A5:B2:20:76:C1:40:A8
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       01976D3DB75D08A640FEA4939D0A95422141
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 07:00:50 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:50 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:50 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: e1YLVAu9SCGvTStXTpQeTQT1ludsO1AD5azhXwCAn30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:b7:5d:08:a6:40:fe:a4:93:9d:0a:95:42:21:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Jun 14 07:00:50 2025 GMT
            Not After : Jun 15 07:00:50 2025 GMT
        Subject: CN=ac42e8e9a89e410e0f6276d15ca5b22076c140a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0a:3e:71:5f:ee:43:4a:71:b6:1e:42:96:ad:
                    cf:a5:8b:82:73:14:e8:02:ee:20:ea:8f:cb:77:60:
                    a8:70:e4:93:9d:1d:09:2d:f6:29:8c:8c:10:9c:b0:
                    d4:82:f9:f1:38:96:c2:2a:59:75:c5:ff:d4:34:1e:
                    15:40:f9:27:ea:66:e2:8d:70:6c:eb:4b:3d:22:e8:
                    25:79:71:1b:96:7f:1f:7f:e2:52:0f:e4:3c:ef:40:
                    dd:11:43:cf:b9:2b:83:de:58:ef:1c:0d:ac:14:ee:
                    ac:12:57:91:d0:0c:c9:20:a4:77:71:94:b7:b2:9b:
                    e2:a4:17:ba:56:c6:5b:bd:0b:7f:71:e9:64:b2:73:
                    89:f1:66:d1:db:52:1f:e7:23:e9:12:6d:7c:72:ba:
                    f0:cc:29:3d:3d:92:f8:dc:16:d6:d7:77:b9:b3:26:
                    59:fe:6e:43:02:da:d6:7f:3e:a3:b0:48:37:92:d7:
                    fc:0f:2c:b1:24:56:6e:df:79:82:ea:d9:c2:78:c1:
                    30:b7:db:af:13:94:c9:75:80:c6:9c:d5:6d:06:bc:
                    c7:48:af:9f:b1:fe:97:cb:dc:1f:f6:65:9a:40:55:
                    ae:d7:ad:81:c1:98:99:f0:48:77:c7:f6:35:76:96:
                    bb:b4:38:0a:c8:eb:94:ff:8c:47:1f:32:30:ae:7f:
                    05:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:42:E8:E9:A8:9E:41:0E:0F:62:76:D1:5C:A5:B2:20:76:C1:40:A8
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:b5:b2:de:18:51:41:bc:c9:30:4a:e1:1d:ae:ef:c2:e9:7c:
         74:4f:1b:12:26:1d:61:54:cb:10:d2:5c:e6:40:c3:e6:2c:0d:
         28:2e:81:30:93:20:41:3b:55:b9:b8:b2:58:a6:1f:92:c1:93:
         c7:d8:f8:31:5d:53:d5:78:e1:f1:94:78:07:68:42:95:18:2b:
         64:13:3f:eb:3f:9c:28:3f:e7:7b:75:34:35:8c:bf:c8:41:8b:
         57:53:73:c2:f1:72:f2:4d:2a:c4:91:14:e4:c3:49:42:0b:27:
         36:2d:14:ca:79:19:d3:4e:60:61:68:fe:c4:68:cb:f7:1b:22:
         e8:73:b7:5e:a7:5f:0d:dd:51:62:77:8f:cc:96:11:81:20:f9:
         b4:96:b9:9a:1c:67:9e:63:68:a6:be:96:e2:08:57:fa:05:80:
         1c:8b:b0:20:e6:1b:57:ae:d7:81:33:0f:22:ce:c9:54:09:de:
         b9:0b:33:97:57:8f:ae:27:29:e0:7c:8b:f0:2d:28:a0:42:4a:
         04:ff:57:e3:5d:43:48:be:7d:a6:e5:66:39:85:03:0f:77:55:
         52:5f:88:1a:5e:c7:5e:f3:8e:e8:e4:e6:b7:e5:04:9d:75:f6:
         d1:d4:33:5c:36:8b:f3:54:f4:57:48:c7:cb:5a:36:70:f4:aa:
         3e:9d:f3:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPbddCKZA/qSTnQqVQiFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjUwNjE0MDcwMDUwWhcNMjUwNjE1MDcwMDUwWjAzMTEwLwYDVQQD
EyhhYzQyZThlOWE4OWU0MTBlMGY2Mjc2ZDE1Y2E1YjIyMDc2YzE0MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQo+cV/uQ0pxth5Clq3PpYuCcxTo
Au4g6o/Ld2CocOSTnR0JLfYpjIwQnLDUgvnxOJbCKll1xf/UNB4VQPkn6mbijXBs
60s9IugleXEbln8ff+JSD+Q870DdEUPPuSuD3ljvHA2sFO6sEleR0AzJIKR3cZS3
spvipBe6VsZbvQt/celksnOJ8WbR21If5yPpEm18crrwzCk9PZL43BbW13e5syZZ
/m5DAtrWfz6jsEg3ktf8DyyxJFZu33mC6tnCeMEwt9uvE5TJdYDGnNVtBrzHSK+f
sf6Xy9wf9mWaQFWu162BwZiZ8Eh3x/Y1dpa7tDgKyOuU/4xHHzIwrn8FPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxC6OmonkEOD2J20VylsiB2wUCoMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqbWy3hhR
QbzJMErhHa7vwul8dE8bEiYdYVTLENJc5kDD5iwNKC6BMJMgQTtVubiyWKYfksGT
x9j4MV1T1Xjh8ZR4B2hClRgrZBM/6z+cKD/ne3U0NYy/yEGLV1NzwvFy8k0qxJEU
5MNJQgsnNi0UynkZ005gYWj+xGjL9xsi6HO3XqdfDd1RYnePzJYRgSD5tJa5mhxn
nmNopr6W4ghX+gWAHIuwIOYbV67XgTMPIs7JVAneuQszl1ePricp4HyL8C0ooEJK
BP9X411DSL59puVmOYUDD3dVUl+IGl7HXvOO6OTmt+UEnXX20dQzXDaL81T0V0jH
y1o2cPSqPp3zaA==
-----END CERTIFICATE-----