Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
File:                     BaQevhJyohyuDqGzXcCD-taKXX0.mft (raw, json)
Hash identifier:          o8zKIxTbGmZLffAsN5S4iYzYv9i4gGQmuxKqXXeJbaA=
Subject key identifier:   FD:E9:5D:4C:AE:03:24:E8:33:A1:86:4A:27:A9:EE:B8:B5:4A:06:C9
Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
Certificate issuer:       /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Certificate serial:       01976D3DEDD295A9D4C32169C2025FD91008
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 07:01:04 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:04 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:04 +0000
Files and hashes:         1: BaQevhJyohyuDqGzXcCD-taKXX0.crl (hash: sZIvLb2UUkQ7MWCgJFQMw/hC9YqF1U7rJFGR4+bvNtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:ed:d2:95:a9:d4:c3:21:69:c2:02:5f:d9:10:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
        Validity
            Not Before: Jun 14 07:01:04 2025 GMT
            Not After : Jun 15 07:01:04 2025 GMT
        Subject: CN=fde95d4cae0324e833a1864a27a9eeb8b54a06c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:fc:fd:e0:13:a5:f4:2a:87:22:85:36:29:90:
                    88:c0:15:cf:a5:84:0e:40:b3:31:a2:09:66:6b:93:
                    53:03:72:d8:76:ec:16:47:6d:df:d7:a1:e7:29:8e:
                    ff:eb:d6:0b:cc:f5:5b:be:0b:ce:3b:65:70:c3:ce:
                    79:07:5b:3f:75:ee:1f:6c:ee:45:84:7a:d7:eb:c5:
                    14:a7:7c:0e:e9:59:bf:c4:80:7a:0d:24:e4:94:37:
                    c6:b8:ae:b4:02:68:0f:63:5f:93:32:ba:aa:43:73:
                    1c:5d:85:e4:6b:d5:a0:a1:ee:31:14:9f:6c:2d:3b:
                    04:79:64:e8:47:83:52:5a:2e:cf:ed:f2:b8:54:e4:
                    ed:28:bb:55:18:ba:b0:a7:fd:34:4b:8a:a8:75:1f:
                    69:0a:ee:29:4c:3a:ef:ef:7a:b7:b4:81:b3:41:ca:
                    c8:55:82:eb:4c:3a:6d:70:03:08:cd:31:5b:bc:b7:
                    75:78:69:9e:4d:1b:37:d7:d5:60:d0:e2:35:d9:fe:
                    d4:8d:3d:a7:53:1d:37:56:21:03:8e:cb:22:fe:72:
                    93:19:a3:83:e3:56:a9:a2:59:4f:ad:94:d8:84:7a:
                    cd:6b:b0:fd:f4:69:f8:a8:7f:b6:e3:01:78:e2:be:
                    63:d1:41:3d:31:f6:17:22:6a:8f:90:7e:03:f4:84:
                    45:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:E9:5D:4C:AE:03:24:E8:33:A1:86:4A:27:A9:EE:B8:B5:4A:06:C9
            X509v3 Authority Key Identifier:
                keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:9c:ab:1b:f6:3c:65:92:f2:cf:92:12:67:75:74:8f:d4:4c:
         f3:34:79:6f:6d:04:71:02:10:b6:54:ac:99:d0:f6:f2:46:40:
         84:ba:1d:e5:be:5e:33:ad:be:37:e0:40:09:9f:55:99:94:0a:
         78:4d:fe:fc:d9:48:ba:b0:9a:94:07:6e:a2:a5:f4:fa:70:f2:
         74:65:21:6d:0f:f3:20:cf:bf:ff:28:d0:9d:f9:16:86:dd:a8:
         f4:01:90:37:ca:62:f4:55:a7:c2:ed:ed:c2:da:ad:7d:65:a2:
         a4:15:59:02:ee:62:c1:91:aa:c9:f7:b6:2b:f6:d5:05:70:50:
         46:71:11:3e:73:79:a4:d5:04:b6:3d:46:91:17:cf:2a:da:8b:
         65:21:21:6c:66:9f:1e:ef:82:2f:57:a0:ff:4f:90:f0:d6:75:
         aa:23:dd:77:99:ac:e5:37:0f:7c:f6:a9:a1:e8:67:f8:ed:2e:
         6a:cd:58:be:60:d9:d2:96:38:01:d1:6c:e4:7b:36:5b:0f:91:
         b3:27:00:60:df:56:bb:67:99:c1:a8:98:47:58:15:20:54:b1:
         d2:0d:f3:95:70:4b:1a:c7:6d:04:9c:f5:49:f7:ea:b8:81:fa:
         c4:db:98:a3:a9:e2:93:9a:d7:11:71:b0:16:7c:3c:c3:c2:0e:
         54:38:bc:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPe3SlanUwyFpwgJf2RAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4
YTVkN2QwHhcNMjUwNjE0MDcwMTA0WhcNMjUwNjE1MDcwMTA0WjAzMTEwLwYDVQQD
EyhmZGU5NWQ0Y2FlMDMyNGU4MzNhMTg2NGEyN2E5ZWViOGI1NGEwNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fz94BOl9CqHIoU2KZCIwBXPpYQO
QLMxoglma5NTA3LYduwWR23f16HnKY7/69YLzPVbvgvOO2Vww855B1s/de4fbO5F
hHrX68UUp3wO6Vm/xIB6DSTklDfGuK60AmgPY1+TMrqqQ3McXYXka9Wgoe4xFJ9s
LTsEeWToR4NSWi7P7fK4VOTtKLtVGLqwp/00S4qodR9pCu4pTDrv73q3tIGzQcrI
VYLrTDptcAMIzTFbvLd1eGmeTRs319Vg0OI12f7UjT2nUx03ViEDjssi/nKTGaOD
41apollPrZTYhHrNa7D99Gn4qH+24wF44r5j0UE9MfYXImqPkH4D9IRFkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3pXUyuAyToM6GGSiep7ri1SgbJMB8GA1UdIwQY
MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt
MTY3ODMxNjEzMTQ1LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1
LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOJyrG/Y8
ZZLyz5ISZ3V0j9RM8zR5b20EcQIQtlSsmdD28kZAhLod5b5eM62+N+BACZ9VmZQK
eE3+/NlIurCalAduoqX0+nDydGUhbQ/zIM+//yjQnfkWht2o9AGQN8pi9FWnwu3t
wtqtfWWipBVZAu5iwZGqyfe2K/bVBXBQRnERPnN5pNUEtj1GkRfPKtqLZSEhbGaf
Hu+CL1eg/0+Q8NZ1qiPdd5ms5TcPfPapoehn+O0uas1YvmDZ0pY4AdFs5Hs2Ww+R
sycAYN9Wu2eZwaiYR1gVIFSx0g3zlXBLGsdtBJz1SffquIH6xNuYo6nik5rXEXGw
Fnw8w8IOVDi89Q==
-----END CERTIFICATE-----