Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          jFAcPiY3ucC5sb9d1qr0AMGHytXRupsJEn8oxqEQMSA=
Subject key identifier:   93:93:6E:EE:1D:ED:45:AE:E8:83:CA:C9:E7:0B:99:96:3F:51:AD:66
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       01976D3DA90000DD14E5E49A78C28AC4BD21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 07:00:46 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:46 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:46 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: arR5le1lbPD35LZ+uvVvMsprDjQMKROGxhOZbh/s3Fg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:a9:00:00:dd:14:e5:e4:9a:78:c2:8a:c4:bd:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Jun 14 07:00:46 2025 GMT
            Not After : Jun 15 07:00:46 2025 GMT
        Subject: CN=93936eee1ded45aee883cac9e70b99963f51ad66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6e:97:cc:73:c0:d5:5b:5a:02:83:ba:22:55:
                    e9:a0:1b:a7:3c:00:8a:f6:16:eb:c5:b2:8b:a7:4e:
                    78:9b:9f:8f:c5:e9:52:c0:08:2d:9c:61:de:61:2d:
                    cd:7e:12:ab:8c:76:17:57:f5:c7:6d:26:fa:00:7a:
                    cc:f5:ea:e8:a3:bb:b3:51:93:92:19:ec:f7:c6:7c:
                    19:ec:21:89:a5:62:39:d9:a5:12:a6:ae:5e:87:ec:
                    06:e4:63:f4:cc:c2:76:e0:8c:45:8c:7c:4e:47:79:
                    79:4b:90:e8:4f:50:10:e8:9d:c1:a1:d0:d3:68:38:
                    d4:c6:25:bd:11:d2:ec:27:6c:de:28:65:8c:05:17:
                    fc:5f:de:a1:d1:ac:c6:04:a4:70:bc:e8:e2:c5:0f:
                    2e:9c:c0:31:11:86:4f:f3:50:ea:db:2b:00:6f:db:
                    fd:d1:1c:15:e5:6e:de:4c:16:df:e9:e3:ec:17:73:
                    10:13:66:93:2b:fc:95:8b:e3:70:b2:3f:cc:96:2d:
                    4a:64:19:94:cd:3a:67:0c:5e:c7:30:b0:70:f0:75:
                    45:55:9d:f1:56:80:c1:06:e1:23:ba:c4:66:f8:99:
                    2f:22:17:34:01:c7:29:db:2f:24:22:b3:a2:fa:de:
                    88:3c:89:5c:8d:1c:f0:f7:00:a5:8d:08:15:a7:9a:
                    4d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:93:6E:EE:1D:ED:45:AE:E8:83:CA:C9:E7:0B:99:96:3F:51:AD:66
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:97:2e:5f:a8:fe:94:98:2e:30:37:93:10:51:38:13:91:50:
         d0:96:9b:8e:92:1f:b3:b4:65:6a:a2:9a:1e:12:da:ca:66:09:
         8f:02:e8:49:f7:3d:cd:67:56:e9:44:83:ba:bd:dd:c8:a9:b4:
         b6:6c:26:fd:56:aa:90:63:ac:a6:a9:84:c3:9c:07:ac:c7:87:
         cc:49:cc:91:8c:ef:0d:fe:1a:dc:0b:0c:23:4f:db:3e:b5:02:
         25:59:fc:d0:72:c2:8b:2a:1b:d7:04:2b:2f:6d:2d:5b:80:8c:
         81:40:61:dd:c0:a4:83:7a:5b:ed:4c:f8:f4:70:b6:9c:38:11:
         21:66:34:b5:15:78:ca:ac:bc:f1:55:74:dc:4a:f6:9a:02:2c:
         45:3a:a2:b4:fe:fe:a4:9f:0b:90:f0:90:6e:1b:1d:ed:05:35:
         7b:7c:fa:49:91:f7:46:1d:0c:15:f3:34:58:bf:59:23:bf:ba:
         c4:8d:a3:93:9a:08:1b:43:e3:97:17:20:7e:98:a3:04:ed:38:
         cf:1d:56:b5:5d:92:91:86:cf:ca:63:d2:c2:a5:62:68:a5:e1:
         4a:a6:42:94:08:e1:d5:5a:4a:76:55:f0:27:da:ed:9e:d1:c7:
         c1:94:fe:92:29:bf:44:74:8f:af:fc:d3:ab:2a:46:af:58:b7:
         5e:a1:f2:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPakAAN0U5eSaeMKKxL0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjUwNjE0MDcwMDQ2WhcNMjUwNjE1MDcwMDQ2WjAzMTEwLwYDVQQD
Eyg5MzkzNmVlZTFkZWQ0NWFlZTg4M2NhYzllNzBiOTk5NjNmNTFhZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW6XzHPA1VtaAoO6IlXpoBunPACK
9hbrxbKLp054m5+PxelSwAgtnGHeYS3NfhKrjHYXV/XHbSb6AHrM9eroo7uzUZOS
Gez3xnwZ7CGJpWI52aUSpq5eh+wG5GP0zMJ24IxFjHxOR3l5S5DoT1AQ6J3BodDT
aDjUxiW9EdLsJ2zeKGWMBRf8X96h0azGBKRwvOjixQ8unMAxEYZP81Dq2ysAb9v9
0RwV5W7eTBbf6ePsF3MQE2aTK/yVi+Nwsj/Mli1KZBmUzTpnDF7HMLBw8HVFVZ3x
VoDBBuEjusRm+JkvIhc0Accp2y8kIrOi+t6IPIlcjRzw9wCljQgVp5pNyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOTbu4d7UWu6IPKyecLmZY/Ua1mMB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5cuX6j+
lJguMDeTEFE4E5FQ0JabjpIfs7RlaqKaHhLaymYJjwLoSfc9zWdW6USDur3dyKm0
tmwm/VaqkGOspqmEw5wHrMeHzEnMkYzvDf4a3AsMI0/bPrUCJVn80HLCiyob1wQr
L20tW4CMgUBh3cCkg3pb7Uz49HC2nDgRIWY0tRV4yqy88VV03Er2mgIsRTqitP7+
pJ8LkPCQbhsd7QU1e3z6SZH3Rh0MFfM0WL9ZI7+6xI2jk5oIG0PjlxcgfpijBO04
zx1WtV2SkYbPymPSwqViaKXhSqZClAjh1VpKdlXwJ9rtntHHwZT+kim/RHSPr/zT
qypGr1i3XqHywg==
-----END CERTIFICATE-----