Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          QyYu8bcj2uQBGF1gt+xbuWzOYJ5IR8iVAEBMjqYZhT4=
Subject key identifier:   B3:08:D9:40:85:C2:D5:6A:A8:A4:E0:5B:2E:F8:DE:E3:65:C4:E8:E0
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       01976F2C1D4C01E0ACEFF222BE4929F083C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          158E
Signing time:             Sat 14 Jun 2025 16:00:51 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:51 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:51 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: rxCr/+b6Y2DopJvzz4zfMOK3G/6Vie+FVNfxruJeSpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:1d:4c:01:e0:ac:ef:f2:22:be:49:29:f0:83:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Jun 14 16:00:51 2025 GMT
            Not After : Jun 15 16:00:51 2025 GMT
        Subject: CN=b308d94085c2d56aa8a4e05b2ef8dee365c4e8e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:22:8b:c8:a4:2e:fb:09:22:80:d0:e2:f8:bf:
                    94:e6:61:ff:21:5e:8f:2b:cb:2f:ee:3a:64:11:24:
                    f1:49:f0:ed:06:20:79:95:7e:c8:26:d5:5a:fd:2b:
                    bb:4b:17:43:ec:90:f0:ed:8e:cb:e2:69:fe:5c:4e:
                    1d:9e:2b:83:2c:68:cc:c4:2e:6a:cb:57:6c:6b:6c:
                    59:b4:63:aa:90:d4:9d:d3:de:39:fa:3f:7c:3e:59:
                    ab:1b:ac:f8:6f:0f:c8:dc:92:23:d5:68:f1:16:9f:
                    82:cb:35:7f:e0:e9:fd:44:53:3d:bd:58:95:bf:6d:
                    97:3f:39:f2:8d:7e:c0:cc:2a:9f:03:8b:5b:e7:ba:
                    fd:cb:8e:c5:03:f7:6d:b0:ab:66:c8:ae:db:c5:31:
                    9d:7a:2d:d9:1e:52:b4:ba:e9:31:e5:d1:85:29:3b:
                    b1:fb:a1:2e:16:d8:0e:44:7f:04:fa:6f:25:bf:09:
                    b8:16:4c:16:17:73:e5:5d:24:30:72:20:51:1a:cf:
                    e5:3a:28:73:de:bc:b0:43:b3:cd:01:11:03:e7:49:
                    24:f5:f6:00:84:73:f9:1d:41:89:b0:44:08:42:32:
                    16:7a:a1:3f:a1:06:24:48:c4:9d:1f:da:0c:ba:1f:
                    3a:f7:d6:f2:ca:0d:88:23:8c:d3:ac:d7:02:e0:e3:
                    c2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:08:D9:40:85:C2:D5:6A:A8:A4:E0:5B:2E:F8:DE:E3:65:C4:E8:E0
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:aa:f5:f6:84:f0:f3:93:92:b0:07:a7:2f:3d:ec:83:63:c3:
         11:82:82:e5:8b:02:64:ca:d0:e1:1d:51:3c:d2:2b:64:32:e0:
         68:ca:8b:9b:9b:ca:7b:a4:3d:45:b7:48:0b:c1:82:53:56:3a:
         77:9f:3d:38:ba:5e:77:62:f5:a7:9c:c1:1f:5b:f4:da:69:2a:
         e0:1c:c9:ad:40:9c:5d:6e:02:01:98:f8:a0:13:05:7e:f8:a6:
         c6:ab:ec:ad:58:e7:f7:89:2d:8b:1e:f8:40:b1:de:65:93:f3:
         05:11:71:51:d6:c9:55:ac:c1:4d:85:4f:4e:8e:2b:51:cf:2a:
         2f:af:2f:c6:09:2d:4c:6f:53:74:c6:30:5c:8c:06:ad:af:99:
         5d:80:1f:09:9a:85:b9:94:21:10:d4:94:10:0a:9c:f8:86:96:
         a7:82:44:ee:40:0c:02:46:9c:e3:38:f9:bc:9f:e7:95:3f:e1:
         8f:4e:a7:03:e5:00:89:2e:d3:10:77:9c:f3:1c:f1:bb:cd:4c:
         b5:da:4c:dc:b2:2e:65:39:03:f4:b5:0b:92:7c:14:1c:99:f1:
         41:b7:16:01:47:23:4f:47:1e:ea:31:5b:52:44:36:12:ae:8b:
         a1:cc:06:52:c3:3c:1b:4f:b6:78:c5:9a:d2:ec:5d:ea:35:8a:
         0c:c9:99:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLB1MAeCs7/Iivkkp8IPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjUwNjE0MTYwMDUxWhcNMjUwNjE1MTYwMDUxWjAzMTEwLwYDVQQD
EyhiMzA4ZDk0MDg1YzJkNTZhYThhNGUwNWIyZWY4ZGVlMzY1YzRlOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSKLyKQu+wkigNDi+L+U5mH/IV6P
K8sv7jpkESTxSfDtBiB5lX7IJtVa/Su7SxdD7JDw7Y7L4mn+XE4dniuDLGjMxC5q
y1dsa2xZtGOqkNSd0945+j98PlmrG6z4bw/I3JIj1WjxFp+CyzV/4On9RFM9vViV
v22XPznyjX7AzCqfA4tb57r9y47FA/dtsKtmyK7bxTGdei3ZHlK0uukx5dGFKTux
+6EuFtgORH8E+m8lvwm4FkwWF3PlXSQwciBRGs/lOihz3rywQ7PNARED50kk9fYA
hHP5HUGJsEQIQjIWeqE/oQYkSMSdH9oMuh8699byyg2II4zTrNcC4OPCmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMI2UCFwtVqqKTgWy743uNlxOjgMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADqr19oTw
85OSsAenLz3sg2PDEYKC5YsCZMrQ4R1RPNIrZDLgaMqLm5vKe6Q9RbdIC8GCU1Y6
d589OLped2L1p5zBH1v02mkq4BzJrUCcXW4CAZj4oBMFfvimxqvsrVjn94ktix74
QLHeZZPzBRFxUdbJVazBTYVPTo4rUc8qL68vxgktTG9TdMYwXIwGra+ZXYAfCZqF
uZQhENSUEAqc+IaWp4JE7kAMAkac4zj5vJ/nlT/hj06nA+UAiS7TEHec8xzxu81M
tdpM3LIuZTkD9LULknwUHJnxQbcWAUcjT0ce6jFbUkQ2Eq6LocwGUsM8G0+2eMWa
0uxd6jWKDMmZ+Q==
-----END CERTIFICATE-----