Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          HExJNltFjG9HgtdSyNWTbdwm6oDUfzvSMpgPuOtIVdI=
Subject key identifier:   FB:6F:07:75:93:24:41:3F:27:B5:54:4B:15:F7:23:BF:BB:A6:8A:55
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       01976D3E66894A549F144ADECD64AC694EB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 07:01:35 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:35 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:35 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: v1iM59fNJtI3NtsVg5bcBYNtY4PPKdtUCiO0HQJeFTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:66:89:4a:54:9f:14:4a:de:cd:64:ac:69:4e:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Jun 14 07:01:35 2025 GMT
            Not After : Jun 15 07:01:35 2025 GMT
        Subject: CN=fb6f07759324413f27b5544b15f723bfbba68a55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:05:74:eb:f8:85:66:5c:c2:30:96:9a:2a:0b:
                    ad:a1:96:74:51:6e:a6:d7:a3:19:96:72:ad:e7:6e:
                    a1:3e:90:5a:b8:2e:0c:d6:a3:78:bc:2d:cf:16:01:
                    7c:1e:2c:d1:7f:16:d2:f7:c3:95:fe:7e:00:f2:d0:
                    9d:b7:2c:1f:f4:9e:7f:72:a2:72:e2:71:05:15:0e:
                    95:96:20:94:a6:7b:8f:66:1e:d5:84:4a:af:5e:e9:
                    c8:1c:22:9a:d7:e1:ee:78:d5:92:a5:5a:3a:31:fb:
                    dd:80:f5:a9:d2:23:22:84:f5:c5:23:81:50:bd:e9:
                    18:49:37:63:e9:41:51:52:0a:e7:72:62:1a:f3:af:
                    a5:ea:eb:c9:02:20:e3:06:35:61:f5:c6:33:30:18:
                    eb:ad:1c:41:b9:26:65:dd:7d:08:ef:b8:e1:0c:06:
                    54:e3:05:dc:95:ed:09:93:cc:dd:4c:25:51:54:cf:
                    6a:af:c4:41:0d:90:43:2a:9d:40:1f:70:6e:c5:bc:
                    b4:8d:de:ff:58:3b:44:9c:1e:b8:e5:ef:9b:46:e6:
                    ee:d6:53:4c:87:e9:a9:0f:5d:d2:af:c8:13:0a:a9:
                    98:fe:91:7c:15:af:65:60:82:1a:7a:79:50:68:b8:
                    ef:97:dc:1e:81:73:36:05:90:fd:7e:c0:e1:70:5d:
                    01:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:6F:07:75:93:24:41:3F:27:B5:54:4B:15:F7:23:BF:BB:A6:8A:55
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:5a:d7:d4:6d:8d:89:23:c1:c9:ef:c2:24:a0:74:59:7b:12:
         d5:96:b1:8f:41:17:d7:26:2a:05:92:3c:72:d1:38:8d:36:d0:
         99:eb:e0:7b:21:f5:3d:c2:03:ef:64:0c:72:f2:62:21:85:1b:
         d2:fa:be:9d:e1:72:a3:4d:dd:99:1f:94:3d:92:fa:df:e1:7c:
         f0:44:b8:8e:1b:2c:04:9c:89:dc:8d:36:9e:1f:2f:99:f3:41:
         61:5c:f1:a1:2e:79:d3:7b:5a:2b:47:2e:4a:ba:97:b8:68:b7:
         1e:38:56:a8:02:d8:73:99:3d:bd:4d:31:f4:a3:fb:8c:9f:b0:
         04:fc:55:81:a6:72:d2:b5:ba:e2:3e:d4:ca:df:36:01:eb:fb:
         77:3f:18:98:9b:87:4b:f1:6b:91:91:e5:fe:12:a1:cf:25:15:
         b4:4a:f1:0b:65:30:e4:63:68:cf:20:65:06:e7:4d:a5:0c:69:
         63:94:ff:05:c1:2b:42:9d:6b:ed:c3:64:fe:36:91:7a:0c:29:
         55:6d:99:a4:71:87:ad:1f:53:58:50:e1:17:6d:1a:2c:cd:55:
         ab:40:9c:7d:ea:ef:b7:d4:56:0b:78:6f:f4:cc:2c:e4:25:cc:
         4f:28:7a:d5:b2:4e:c7:82:e1:b5:ed:7e:5a:d6:57:d0:e3:dc:
         92:3e:f9:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPmaJSlSfFErezWSsaU6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjUwNjE0MDcwMTM1WhcNMjUwNjE1MDcwMTM1WjAzMTEwLwYDVQQD
EyhmYjZmMDc3NTkzMjQ0MTNmMjdiNTU0NGIxNWY3MjNiZmJiYTY4YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAV06/iFZlzCMJaaKgutoZZ0UW6m
16MZlnKt526hPpBauC4M1qN4vC3PFgF8HizRfxbS98OV/n4A8tCdtywf9J5/cqJy
4nEFFQ6VliCUpnuPZh7VhEqvXunIHCKa1+HueNWSpVo6MfvdgPWp0iMihPXFI4FQ
vekYSTdj6UFRUgrncmIa86+l6uvJAiDjBjVh9cYzMBjrrRxBuSZl3X0I77jhDAZU
4wXcle0Jk8zdTCVRVM9qr8RBDZBDKp1AH3Buxby0jd7/WDtEnB645e+bRubu1lNM
h+mpD13Sr8gTCqmY/pF8Fa9lYIIaenlQaLjvl9wegXM2BZD9fsDhcF0BOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtvB3WTJEE/J7VUSxX3I7+7popVMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFrX1G2N
iSPBye/CJKB0WXsS1Zaxj0EX1yYqBZI8ctE4jTbQmevgeyH1PcID72QMcvJiIYUb
0vq+neFyo03dmR+UPZL63+F88ES4jhssBJyJ3I02nh8vmfNBYVzxoS5503taK0cu
SrqXuGi3HjhWqALYc5k9vU0x9KP7jJ+wBPxVgaZy0rW64j7Uyt82Aev7dz8YmJuH
S/FrkZHl/hKhzyUVtErxC2Uw5GNozyBlBudNpQxpY5T/BcErQp1r7cNk/jaRegwp
VW2ZpHGHrR9TWFDhF20aLM1Vq0Ccfervt9RWC3hv9Mws5CXMTyh61bJOx4Lhte1+
WtZX0OPckj75dw==
-----END CERTIFICATE-----