Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          PxDZT/ySEIhlLwfQTgspjLaj1MzNzaGyjF9iS5ov2Gs=
Subject key identifier:   0D:24:19:F0:45:00:E3:07:CC:81:E3:6D:3E:66:0A:1C:9F:29:26:A4
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       0197718854251F77CC346F3D0582AE32F902
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 03:00:49 +0000
Manifest this update:     Sun 15 Jun 2025 03:00:49 +0000
Manifest next update:     Mon 16 Jun 2025 03:00:49 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: eQwN+zWwPb6Sy301iDYkZiAWTDx2k7bw8hFiaiVNtzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:88:54:25:1f:77:cc:34:6f:3d:05:82:ae:32:f9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Jun 15 03:00:49 2025 GMT
            Not After : Jun 16 03:00:49 2025 GMT
        Subject: CN=0d2419f04500e307cc81e36d3e660a1c9f2926a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9b:10:47:6b:e1:90:df:67:77:15:48:bc:d9:
                    4f:96:cd:f9:ca:5b:dd:7e:11:25:e1:9e:67:84:fa:
                    91:ab:da:34:89:c1:7c:91:ff:c6:88:61:7b:57:a1:
                    ca:c3:77:50:c8:17:1e:af:a6:4e:5d:c5:06:78:a7:
                    7c:7d:b0:0c:2c:87:b8:da:11:fb:14:aa:a8:b6:ff:
                    83:89:64:e0:4b:7e:97:82:67:09:b0:95:c0:8e:a9:
                    12:a6:e1:38:9f:33:4c:3c:d2:1d:d3:50:b9:c9:22:
                    f1:dd:c7:67:f4:9e:10:47:2d:11:3e:a1:c3:ef:17:
                    f5:4f:c5:f5:d5:b8:82:f8:7d:62:e6:91:b6:10:20:
                    0a:75:2e:53:ad:b2:60:03:9d:a2:cf:fe:f2:98:20:
                    c5:13:4a:81:6e:b4:a0:da:07:cc:81:4e:ec:8a:13:
                    42:32:a1:2a:24:9d:4d:1e:ec:27:b0:36:a5:82:07:
                    ca:ed:3c:8d:5f:18:81:f1:4a:7f:f2:c2:4c:3f:b2:
                    21:61:5b:d5:07:3e:1a:a7:c0:a4:b9:c0:41:3c:33:
                    8b:47:f2:90:9f:02:5e:90:eb:c8:54:c5:81:39:a6:
                    f0:16:9a:6d:e0:c7:3a:37:7d:25:33:11:87:97:cd:
                    79:c7:18:81:3b:72:24:e5:a6:06:91:02:35:41:f4:
                    a8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:24:19:F0:45:00:E3:07:CC:81:E3:6D:3E:66:0A:1C:9F:29:26:A4
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:a0:6f:ae:10:25:2e:fb:89:91:92:7e:97:ed:47:aa:dc:ac:
         a8:0a:1c:6b:32:d3:e5:1c:b7:dd:6c:30:5f:7b:b3:a9:05:f8:
         f3:32:83:b1:3c:31:c2:bf:9c:c9:28:87:24:00:ce:25:b9:f7:
         89:78:24:1e:91:80:b9:2c:04:a5:25:7a:25:00:5c:b8:47:fc:
         3d:29:43:00:45:08:b3:0c:31:79:e6:69:21:b0:26:24:d3:e7:
         fa:94:17:70:95:47:d4:ca:4c:81:9e:d7:7e:d8:07:d2:d5:05:
         8e:13:ec:43:71:e0:7f:df:70:96:f2:d7:a5:04:de:7c:2a:79:
         d8:f6:45:b0:47:5a:d0:7d:ea:ad:55:4c:2c:3c:f7:1f:f2:21:
         a3:2e:a2:f5:3a:5a:22:58:59:b3:7a:32:66:10:06:e0:87:39:
         a4:72:9d:91:e2:b1:5b:3c:f7:39:dc:c1:19:9a:a4:26:7d:c6:
         a7:fd:fb:a9:5f:87:0f:2d:46:a0:d1:4a:0d:1c:32:95:a5:1a:
         da:13:8b:18:dc:47:4d:d0:2d:00:4d:b4:c7:29:58:7d:5a:2e:
         6e:56:5e:e7:4e:1b:10:57:bb:d7:ca:d4:cc:f6:7a:8d:5e:af:
         cb:f4:3c:67:14:5e:f0:ae:32:1a:c4:19:5a:2c:e9:9e:cf:43:
         45:61:60:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxiFQlH3fMNG89BYKuMvkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjUwNjE1MDMwMDQ5WhcNMjUwNjE2MDMwMDQ5WjAzMTEwLwYDVQQD
EygwZDI0MTlmMDQ1MDBlMzA3Y2M4MWUzNmQzZTY2MGExYzlmMjkyNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpsQR2vhkN9ndxVIvNlPls35ylvd
fhEl4Z5nhPqRq9o0icF8kf/GiGF7V6HKw3dQyBcer6ZOXcUGeKd8fbAMLIe42hH7
FKqotv+DiWTgS36XgmcJsJXAjqkSpuE4nzNMPNId01C5ySLx3cdn9J4QRy0RPqHD
7xf1T8X11biC+H1i5pG2ECAKdS5TrbJgA52iz/7ymCDFE0qBbrSg2gfMgU7sihNC
MqEqJJ1NHuwnsDalggfK7TyNXxiB8Up/8sJMP7IhYVvVBz4ap8CkucBBPDOLR/KQ
nwJekOvIVMWBOabwFppt4Mc6N30lMxGHl815xxiBO3Ik5aYGkQI1QfSoPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0kGfBFAOMHzIHjbT5mChyfKSakMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqBvrhAl
LvuJkZJ+l+1HqtysqAocazLT5Ry33WwwX3uzqQX48zKDsTwxwr+cySiHJADOJbn3
iXgkHpGAuSwEpSV6JQBcuEf8PSlDAEUIswwxeeZpIbAmJNPn+pQXcJVH1MpMgZ7X
ftgH0tUFjhPsQ3Hgf99wlvLXpQTefCp52PZFsEda0H3qrVVMLDz3H/Ihoy6i9Tpa
IlhZs3oyZhAG4Ic5pHKdkeKxWzz3OdzBGZqkJn3Gp/37qV+HDy1GoNFKDRwylaUa
2hOLGNxHTdAtAE20xylYfVoublZe504bEFe718rUzPZ6jV6vy/Q8ZxRe8K4yGsQZ
Wizpns9DRWFgng==
-----END CERTIFICATE-----