Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
File:                     vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft (raw, json)
Hash identifier:          FqALSPSQd0itLqxfOtqyaP3e1E77PSapKmuRhp3w61E=
Subject key identifier:   9F:53:9C:C9:8F:68:E9:22:42:03:04:89:8A:A0:14:D2:E1:E5:23:A1
Authority key identifier: BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4
Certificate issuer:       /CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
Certificate serial:       0197827C232AB92E1572C697FD7BA58B9B91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
Manifest number:          159A
Signing time:             Wed 18 Jun 2025 10:01:02 +0000
Manifest this update:     Wed 18 Jun 2025 10:01:02 +0000
Manifest next update:     Thu 19 Jun 2025 10:01:02 +0000
Files and hashes:         1: vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl (hash: ahkZmC3efsl++rkQULF0H7aqLWyTlNA8l2EUshNCOb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:82:7c:23:2a:b9:2e:15:72:c6:97:fd:7b:a5:8b:9b:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
        Validity
            Not Before: Jun 18 10:01:02 2025 GMT
            Not After : Jun 19 10:01:02 2025 GMT
        Subject: CN=9f539cc98f68e922420304898aa014d2e1e523a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:56:ee:8c:66:93:f0:58:ec:65:7a:d6:97:1e:
                    f9:a9:d8:e5:7f:32:27:f2:0c:38:73:30:4c:91:46:
                    0f:10:83:a9:0a:0d:a5:0a:ec:53:6d:5e:24:12:b4:
                    5c:be:8a:18:b8:cc:94:c8:f8:9e:28:23:b8:24:cf:
                    90:1a:8c:57:05:6e:c4:33:d2:1a:2c:0c:2f:00:ad:
                    57:70:c0:0b:fb:5a:50:44:31:dc:1d:7f:79:b8:2c:
                    42:13:af:b6:a1:7c:c1:d4:a4:0b:bf:3e:7d:1d:4d:
                    ed:c4:84:53:2b:8c:d3:d0:8b:5c:e6:a4:a3:74:cc:
                    f4:15:8b:26:27:33:fd:b0:99:39:ef:84:0d:d9:c2:
                    5f:9d:d7:f9:38:ee:8f:f4:5b:74:80:91:1b:5d:ec:
                    08:25:d2:95:cd:ab:1c:70:a1:54:ef:ea:8c:c7:1f:
                    b1:6f:dd:8d:3c:61:52:ec:66:5f:5a:1a:f5:13:72:
                    f2:e4:0a:59:a4:ac:d5:29:64:d1:e3:48:cf:25:c7:
                    c2:02:8c:b7:68:a5:89:14:d7:62:6f:e7:1a:69:da:
                    94:6d:c5:1a:f8:a2:d1:f3:fe:0a:ae:3e:c7:13:5e:
                    ad:50:1f:a2:3c:67:51:f9:e3:35:af:0a:2d:5a:12:
                    9a:75:6c:f4:85:68:11:cf:e3:b3:4c:f6:31:b2:15:
                    d3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:53:9C:C9:8F:68:E9:22:42:03:04:89:8A:A0:14:D2:E1:E5:23:A1
            X509v3 Authority Key Identifier:
                keyid:BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:eb:80:42:4c:9a:77:26:14:dd:43:22:ed:02:b6:cf:bf:35:
         b9:32:5f:dc:ea:34:71:57:63:4b:d9:50:95:3a:3b:e5:32:a8:
         81:e6:98:e2:68:3e:bf:92:5e:a3:4d:87:33:7a:9a:61:c0:ef:
         25:3f:55:28:8f:e2:0e:c8:9e:e4:dd:47:d6:6a:30:0f:3c:06:
         2b:80:c6:dc:dc:56:99:65:4c:2e:0e:33:ea:e2:fc:b0:0c:cc:
         37:37:6e:e6:46:75:ce:64:28:00:df:25:db:cc:cc:45:33:cd:
         da:0a:d0:07:d6:e2:93:a5:a7:98:6a:9d:0e:d8:1e:85:b5:44:
         d7:4f:2a:f2:01:f2:eb:1d:fd:75:82:dd:30:98:b5:ec:ed:df:
         1f:d6:55:c2:cc:b8:5a:de:94:ed:be:cf:2b:3d:de:48:65:57:
         2c:0a:7c:81:d8:2c:19:a9:ac:1c:76:74:0c:16:8b:7f:eb:45:
         4d:f2:1d:19:0c:dc:94:fe:2c:14:97:ee:fd:1f:06:95:0e:af:
         74:99:cb:e4:02:dd:6a:b7:c9:d3:d8:c8:9e:f6:27:0c:69:1d:
         df:9c:ee:b5:74:4f:47:4c:5e:50:c3:a6:00:ec:a7:e0:36:37:
         55:a7:66:43:59:6e:e6:77:eb:1f:dd:17:e4:ad:7b:83:0f:90:
         35:c8:7c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeCfCMquS4VcsaX/Xuli5uRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNzdjYjg5NjRjNGVkNjAxNDQ4YTQzNjg2ODViZjA4ZGNi
NWUxZjQwHhcNMjUwNjE4MTAwMTAyWhcNMjUwNjE5MTAwMTAyWjAzMTEwLwYDVQQD
Eyg5ZjUzOWNjOThmNjhlOTIyNDIwMzA0ODk4YWEwMTRkMmUxZTUyM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolbujGaT8FjsZXrWlx75qdjlfzIn
8gw4czBMkUYPEIOpCg2lCuxTbV4kErRcvooYuMyUyPieKCO4JM+QGoxXBW7EM9Ia
LAwvAK1XcMAL+1pQRDHcHX95uCxCE6+2oXzB1KQLvz59HU3txIRTK4zT0Itc5qSj
dMz0FYsmJzP9sJk574QN2cJfndf5OO6P9Ft0gJEbXewIJdKVzasccKFU7+qMxx+x
b92NPGFS7GZfWhr1E3Ly5ApZpKzVKWTR40jPJcfCAoy3aKWJFNdib+caadqUbcUa
+KLR8/4Krj7HE16tUB+iPGdR+eM1rwotWhKadWz0hWgRz+OzTPYxshXTwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9TnMmPaOkiQgMEiYqgFNLh5SOhMB8GA1UdIwQY
MBaAFLx3y4lkxO1gFEikNoaFvwjcteH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEt
ZDAzMjdkZjAyNjI4LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEtZDAzMjdkZjAyNjI4
LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+uAQkya
dyYU3UMi7QK2z781uTJf3Oo0cVdjS9lQlTo75TKogeaY4mg+v5Jeo02HM3qaYcDv
JT9VKI/iDsie5N1H1mowDzwGK4DG3NxWmWVMLg4z6uL8sAzMNzdu5kZ1zmQoAN8l
28zMRTPN2grQB9bik6WnmGqdDtgehbVE108q8gHy6x39dYLdMJi17O3fH9ZVwsy4
Wt6U7b7PKz3eSGVXLAp8gdgsGamsHHZ0DBaLf+tFTfIdGQzclP4sFJfu/R8GlQ6v
dJnL5ALdarfJ09jInvYnDGkd35zutXRPR0xeUMOmAOyn4DY3VadmQ1lu5nfrH90X
5K17gw+QNch8yQ==
-----END CERTIFICATE-----