Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          bPIE6q3YWJT49294B79x8O1FS1M39YmNtswFygOQ9U4=
Subject key identifier:   1E:06:51:3C:22:6B:E8:3B:27:0C:E8:AD:A7:9B:BA:DC:FC:04:F4:DC
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       01976D3E7C250F408585A49285C3788E479D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 07:01:40 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:40 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:40 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: V0qFbAWr3zZvonarp7QgErQmeH+o1qm5Yq0xyh70Tq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:7c:25:0f:40:85:85:a4:92:85:c3:78:8e:47:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Jun 14 07:01:40 2025 GMT
            Not After : Jun 15 07:01:40 2025 GMT
        Subject: CN=1e06513c226be83b270ce8ada79bbadcfc04f4dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:20:79:ef:10:68:ac:f3:cd:85:5f:4a:e9:
                    64:c7:98:cc:01:50:70:a1:53:86:ad:35:52:b8:74:
                    1d:f6:b3:5f:dc:08:8b:64:49:02:9f:3d:0b:db:03:
                    ce:2b:ec:69:a6:64:d1:15:ad:46:a1:ea:6c:20:5f:
                    97:e8:60:e3:2b:80:5b:fa:3a:2b:70:85:84:6f:d9:
                    e5:0b:3f:9f:41:59:09:64:d9:6e:a9:6b:7a:3e:3c:
                    d2:b9:84:7a:72:e8:d0:e2:9f:c9:a6:11:71:fc:9f:
                    0d:e6:45:7d:e7:4b:63:56:02:86:e4:53:de:49:77:
                    33:c7:69:67:78:c8:46:62:93:b5:34:49:02:ca:28:
                    2e:ab:d6:ef:c1:d7:41:56:6f:c3:c1:94:58:6a:21:
                    b6:fa:4c:15:2b:64:77:d5:c0:90:cb:c5:62:ea:ad:
                    35:c6:b1:73:f2:47:47:fb:37:1a:85:64:db:af:b0:
                    dc:93:7d:17:01:b9:7f:38:95:07:00:50:f7:5a:5c:
                    a7:49:2a:22:a7:35:70:bd:28:d0:27:c9:0b:39:d9:
                    f2:71:4d:ef:79:d3:14:3d:b6:88:4d:b2:a4:b3:2e:
                    09:3b:29:7e:58:df:99:84:86:03:9f:9a:a8:d5:8e:
                    f2:ec:b4:fe:bc:88:46:ea:25:10:c3:dd:e0:39:a5:
                    53:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:06:51:3C:22:6B:E8:3B:27:0C:E8:AD:A7:9B:BA:DC:FC:04:F4:DC
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:4d:48:95:55:2d:98:06:a6:30:ce:f2:c9:fc:03:be:a2:1f:
         1e:8f:11:c3:e9:83:e2:cb:9f:a6:17:4c:65:86:df:2d:63:ef:
         35:c3:ca:c9:c5:b8:44:54:25:38:b0:1f:84:02:24:93:83:e2:
         b4:3a:d3:f4:82:ee:38:78:e9:55:38:4f:d4:fa:7e:14:b9:c8:
         4a:37:9f:f7:d0:93:2b:21:cf:48:c9:39:7c:ae:32:f2:7f:a1:
         bd:02:18:7a:29:cf:1c:9b:83:79:db:80:22:c8:6a:6c:c2:d6:
         2b:0a:f5:b0:6b:2c:31:bb:36:1b:f4:20:a2:ef:32:5e:c5:91:
         22:27:59:0b:c4:11:01:0b:9e:d9:be:8b:55:b5:43:df:98:0f:
         76:30:8f:01:30:0a:db:37:f9:7f:cb:c3:4d:a1:f6:6b:f0:71:
         c7:62:b8:a5:59:d0:b6:c4:00:a8:3b:f8:90:b4:e7:de:30:6a:
         d5:8a:be:e5:6a:40:4c:17:d8:21:72:44:1f:f8:69:1f:a2:cd:
         bd:67:70:9c:3c:5b:77:4e:98:ea:ce:2a:93:58:08:de:0a:23:
         40:0e:86:8c:ac:4c:da:6e:e3:65:ed:92:43:ec:e2:a9:ee:8a:
         89:89:a5:ad:d1:3b:2a:e2:49:30:e4:1a:16:e8:72:b8:4e:8c:
         3d:6f:fb:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPnwlD0CFhaSShcN4jkedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUwNjE0MDcwMTQwWhcNMjUwNjE1MDcwMTQwWjAzMTEwLwYDVQQD
EygxZTA2NTEzYzIyNmJlODNiMjcwY2U4YWRhNzliYmFkY2ZjMDRmNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7Ygee8QaKzzzYVfSulkx5jMAVBw
oVOGrTVSuHQd9rNf3AiLZEkCnz0L2wPOK+xppmTRFa1GoepsIF+X6GDjK4Bb+jor
cIWEb9nlCz+fQVkJZNluqWt6PjzSuYR6cujQ4p/JphFx/J8N5kV950tjVgKG5FPe
SXczx2lneMhGYpO1NEkCyiguq9bvwddBVm/DwZRYaiG2+kwVK2R31cCQy8Vi6q01
xrFz8kdH+zcahWTbr7Dck30XAbl/OJUHAFD3WlynSSoipzVwvSjQJ8kLOdnycU3v
edMUPbaITbKksy4JOyl+WN+ZhIYDn5qo1Y7y7LT+vIhG6iUQw93gOaVTDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4GUTwia+g7Jwzoraebutz8BPTcMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASk1IlVUt
mAamMM7yyfwDvqIfHo8Rw+mD4sufphdMZYbfLWPvNcPKycW4RFQlOLAfhAIkk4Pi
tDrT9ILuOHjpVThP1Pp+FLnISjef99CTKyHPSMk5fK4y8n+hvQIYeinPHJuDeduA
IshqbMLWKwr1sGssMbs2G/Qgou8yXsWRIidZC8QRAQue2b6LVbVD35gPdjCPATAK
2zf5f8vDTaH2a/Bxx2K4pVnQtsQAqDv4kLTn3jBq1Yq+5WpATBfYIXJEH/hpH6LN
vWdwnDxbd06Y6s4qk1gI3gojQA6GjKxM2m7jZe2SQ+ziqe6KiYmlrdE7KuJJMOQa
FuhyuE6MPW/7tw==
-----END CERTIFICATE-----