Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          oPM3zXRIjunV9IRNPX/vmZloaYiGvNu/zmfiWZhSye4=
Subject key identifier:   6C:1D:18:40:21:09:A9:6F:6F:B5:96:2A:43:EE:6F:78:E6:86:2A:AF
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       01976D3DEEAF2023C6F268C2E48CCBF1CD07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 07:01:04 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:04 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:04 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: 8VdPJyG/w8S7rDf8Oru/nRIxMnm6cNZZ1to9AX/bYw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:ee:af:20:23:c6:f2:68:c2:e4:8c:cb:f1:cd:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Jun 14 07:01:04 2025 GMT
            Not After : Jun 15 07:01:04 2025 GMT
        Subject: CN=6c1d18402109a96f6fb5962a43ee6f78e6862aaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:49:75:e1:de:ee:1f:21:36:d8:f6:ed:d4:98:
                    3c:c2:63:4c:ec:0a:6b:1d:07:83:be:73:71:3b:e0:
                    3a:a9:1c:be:d4:6d:c4:71:ef:83:48:97:85:50:10:
                    67:8c:55:8b:9c:fe:99:48:5d:21:ae:3e:a1:2c:c3:
                    78:f4:45:33:30:5d:b2:7a:75:25:3f:46:04:a3:af:
                    9b:88:05:fe:66:c4:79:df:37:6d:79:4a:11:0a:e6:
                    dd:52:e5:12:cf:5e:8b:61:83:26:6e:1e:98:42:88:
                    5d:a3:58:94:3e:64:70:18:74:4a:18:7d:98:07:de:
                    b7:3b:cd:db:fb:46:6e:aa:39:34:a8:a9:0f:58:74:
                    34:b1:e7:19:68:1c:b3:22:95:5c:0e:d9:61:4c:bf:
                    ec:4d:2b:7c:5c:80:7d:92:ca:75:2b:45:d6:d3:de:
                    24:bb:32:89:73:de:f3:e7:3c:97:aa:ba:fb:eb:af:
                    c3:a8:1e:b0:bb:6e:3a:33:e8:eb:25:b7:8f:72:9b:
                    0a:25:67:bb:1e:b4:f2:05:40:44:97:9b:8c:17:68:
                    aa:5f:ce:ec:9e:26:c6:d8:ec:b3:6a:26:d2:2a:ec:
                    af:b0:bd:49:dd:72:7c:3b:97:30:a1:d2:e0:8f:dc:
                    8f:8c:9a:4b:e6:b9:77:22:1c:16:a8:6a:78:f8:72:
                    30:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:1D:18:40:21:09:A9:6F:6F:B5:96:2A:43:EE:6F:78:E6:86:2A:AF
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:9e:1f:05:68:d3:fd:27:e1:d7:53:0b:33:ac:0f:a2:07:fe:
         2f:a5:85:1e:6c:f9:c6:ce:93:5a:b9:ca:cf:7d:11:c1:f2:3e:
         6b:8f:ab:14:8b:cb:48:3e:3b:80:ff:f3:da:8c:77:13:75:dd:
         02:d4:85:26:af:da:08:d3:02:4b:d5:70:8b:fa:92:2d:27:ba:
         3c:bc:1d:a8:20:ce:be:b3:3a:7e:85:2c:b9:6c:4d:ee:ea:e3:
         d5:61:ca:5e:ca:ea:57:43:c5:1b:09:06:53:7b:34:19:47:e6:
         58:61:af:b7:02:6b:66:3f:7b:e9:17:a5:50:ef:e0:1f:b3:ef:
         38:a8:2d:d7:ae:5b:9c:cd:5a:fe:c5:02:12:a0:84:d6:ba:e4:
         4e:65:1c:20:92:a3:ad:83:8e:5e:d7:1e:71:81:b6:86:fa:6b:
         ec:60:6a:99:b2:56:e1:c5:74:66:49:48:1b:fc:24:8f:54:ae:
         96:3a:c5:cb:c9:fd:89:15:d1:d6:c7:61:25:ea:9c:ff:be:5e:
         d4:3e:62:40:f4:b0:0b:24:e1:68:2a:e1:4d:58:cc:a8:15:57:
         9c:1d:4f:62:d1:01:e4:d1:73:01:b4:a7:1b:cb:54:94:dc:73:
         ca:ac:ec:12:35:1e:8c:66:33:02:5c:3a:81:a8:8e:30:c3:21:
         7a:8c:a6:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPe6vICPG8mjC5IzL8c0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwNjE0MDcwMTA0WhcNMjUwNjE1MDcwMTA0WjAzMTEwLwYDVQQD
Eyg2YzFkMTg0MDIxMDlhOTZmNmZiNTk2MmE0M2VlNmY3OGU2ODYyYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEl14d7uHyE22Pbt1Jg8wmNM7Apr
HQeDvnNxO+A6qRy+1G3Ece+DSJeFUBBnjFWLnP6ZSF0hrj6hLMN49EUzMF2yenUl
P0YEo6+biAX+ZsR53zdteUoRCubdUuUSz16LYYMmbh6YQohdo1iUPmRwGHRKGH2Y
B963O83b+0Zuqjk0qKkPWHQ0secZaByzIpVcDtlhTL/sTSt8XIB9ksp1K0XW094k
uzKJc97z5zyXqrr766/DqB6wu246M+jrJbePcpsKJWe7HrTyBUBEl5uMF2iqX87s
nibG2OyzaibSKuyvsL1J3XJ8O5cwodLgj9yPjJpL5rl3IhwWqGp4+HIwBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwdGEAhCalvb7WWKkPub3jmhiqvMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJ4fBWjT
/Sfh11MLM6wPogf+L6WFHmz5xs6TWrnKz30RwfI+a4+rFIvLSD47gP/z2ox3E3Xd
AtSFJq/aCNMCS9Vwi/qSLSe6PLwdqCDOvrM6foUsuWxN7urj1WHKXsrqV0PFGwkG
U3s0GUfmWGGvtwJrZj976RelUO/gH7PvOKgt165bnM1a/sUCEqCE1rrkTmUcIJKj
rYOOXtcecYG2hvpr7GBqmbJW4cV0ZklIG/wkj1SuljrFy8n9iRXR1sdhJeqc/75e
1D5iQPSwCyThaCrhTVjMqBVXnB1PYtEB5NFzAbSnG8tUlNxzyqzsEjUejGYzAlw6
gaiOMMMheoymQA==
-----END CERTIFICATE-----