Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
File:                     biMhBwGL_QMoH3lexopxGcWA7CU.mft (raw, json)
Hash identifier:          hkwZL/5GJRswVYBwRt4DV/W2YBAFkV2Rc2LJN/WcJk4=
Subject key identifier:   D3:CE:CF:D4:D1:E7:94:52:BC:8B:C3:04:C7:78:B8:04:99:AB:D2:D4
Authority key identifier: 6E:23:21:07:01:8B:FD:03:28:1F:79:5E:C6:8A:71:19:C5:80:EC:25
Certificate issuer:       /CN=6e232107018bfd03281f795ec68a7119c580ec25
Certificate serial:       01976C2B709628FBB2117D98D2A66133DCF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 02:01:15 +0000
Manifest this update:     Sat 14 Jun 2025 02:01:15 +0000
Manifest next update:     Sun 15 Jun 2025 02:01:15 +0000
Files and hashes:         1: biMhBwGL_QMoH3lexopxGcWA7CU.crl (hash: s/vCsACjuHbq+YFInY4U2oBNdl/HeZ2P88GDiujUHMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:70:96:28:fb:b2:11:7d:98:d2:a6:61:33:dc:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e232107018bfd03281f795ec68a7119c580ec25
        Validity
            Not Before: Jun 14 02:01:15 2025 GMT
            Not After : Jun 15 02:01:15 2025 GMT
        Subject: CN=d3cecfd4d1e79452bc8bc304c778b80499abd2d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:81:fc:85:1a:4b:3c:cd:e9:40:30:27:c2:1f:
                    e1:6a:e3:17:e9:95:e0:e0:44:c1:02:f6:3e:68:8b:
                    85:c1:5e:71:81:85:59:45:15:19:43:9e:75:02:34:
                    06:74:25:71:49:bc:5c:2f:e7:b4:0c:57:bc:41:51:
                    9a:94:4e:2b:68:16:3c:2d:69:3c:06:85:95:fd:1a:
                    0a:2e:8c:a7:ef:00:86:0e:2b:15:0c:4e:57:eb:e2:
                    94:25:10:35:df:09:69:9e:2e:33:10:7d:c7:e4:66:
                    b3:db:ab:30:7f:e5:c7:f6:6a:b6:08:d1:ad:32:1c:
                    bb:73:33:09:4a:a1:c8:1d:15:82:91:09:79:6d:d6:
                    3e:49:c7:57:c3:45:34:34:1f:1b:5d:35:dd:4d:5b:
                    dc:8a:2c:5f:e9:5f:16:59:a1:52:cc:64:35:45:52:
                    86:2b:21:8a:df:44:6a:cb:7e:e7:c8:09:f4:74:02:
                    29:38:7c:aa:0e:f3:12:ed:b9:3c:55:13:41:60:32:
                    69:57:d2:90:df:42:6e:46:5f:b3:d8:33:07:87:91:
                    43:a6:fa:2d:d1:0b:92:c4:0e:0e:c1:fd:3c:0f:ab:
                    79:d6:74:5e:2a:ad:0e:4f:6a:44:75:a3:d9:e4:61:
                    79:b3:90:b5:ff:91:29:64:69:9a:96:00:89:09:68:
                    a5:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CE:CF:D4:D1:E7:94:52:BC:8B:C3:04:C7:78:B8:04:99:AB:D2:D4
            X509v3 Authority Key Identifier:
                keyid:6E:23:21:07:01:8B:FD:03:28:1F:79:5E:C6:8A:71:19:C5:80:EC:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:cd:53:89:1d:be:d4:40:10:d2:af:88:1e:90:62:f8:21:8b:
         97:c9:70:3e:02:61:8e:cf:17:1c:32:55:09:9e:3b:9c:4f:0d:
         07:f3:89:c6:bc:46:31:f9:0a:61:13:24:98:8b:0d:c8:05:07:
         59:6d:6d:51:02:b1:20:52:30:be:da:29:f5:80:49:1f:ed:f4:
         87:cf:d8:79:9e:20:12:5a:7c:a1:77:99:4a:3d:b7:52:c8:62:
         eb:95:09:b4:e5:e3:5c:e9:bb:59:9f:a3:e7:e7:1a:2a:c8:4f:
         19:69:d8:38:16:c6:76:b9:3a:3c:27:97:3c:13:1d:2c:41:b6:
         c0:e6:d1:9a:78:eb:91:17:1d:45:d8:88:08:95:7e:f3:e1:b5:
         02:2c:56:1c:73:45:82:8d:61:e1:5d:94:83:41:b5:ca:91:69:
         38:b9:0e:19:e6:02:b1:8e:d3:69:81:33:48:e8:11:06:07:2f:
         9e:d4:07:51:46:6c:38:ac:2a:89:bd:9b:c9:84:39:cf:9f:f3:
         75:90:3a:d2:54:db:f2:f8:7b:34:a4:60:a7:56:6a:32:f9:81:
         3b:6f:20:17:07:24:6b:01:19:c3:fd:7e:26:79:3d:f6:e3:b7:
         82:87:ad:12:a8:11:dd:20:63:29:5a:17:6a:ac:83:db:44:77:
         60:99:84:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK3CWKPuyEX2Y0qZhM9z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMjMyMTA3MDE4YmZkMDMyODFmNzk1ZWM2OGE3MTE5YzU4
MGVjMjUwHhcNMjUwNjE0MDIwMTE1WhcNMjUwNjE1MDIwMTE1WjAzMTEwLwYDVQQD
EyhkM2NlY2ZkNGQxZTc5NDUyYmM4YmMzMDRjNzc4YjgwNDk5YWJkMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYH8hRpLPM3pQDAnwh/hauMX6ZXg
4ETBAvY+aIuFwV5xgYVZRRUZQ551AjQGdCVxSbxcL+e0DFe8QVGalE4raBY8LWk8
BoWV/RoKLoyn7wCGDisVDE5X6+KUJRA13wlpni4zEH3H5Gaz26swf+XH9mq2CNGt
Mhy7czMJSqHIHRWCkQl5bdY+ScdXw0U0NB8bXTXdTVvciixf6V8WWaFSzGQ1RVKG
KyGK30Rqy37nyAn0dAIpOHyqDvMS7bk8VRNBYDJpV9KQ30JuRl+z2DMHh5FDpvot
0QuSxA4Owf08D6t51nReKq0OT2pEdaPZ5GF5s5C1/5EpZGmalgCJCWilZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPOz9TR55RSvIvDBMd4uASZq9LUMB8GA1UdIwQY
MBaAFG4jIQcBi/0DKB95XsaKcRnFgOwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNDc1M2MtNjU4Yi00ZDdjLThiM2Mt
YjEzODI5YTk4YzU3LzEvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNDc1M2MtNjU4Yi00ZDdjLThiM2MtYjEzODI5YTk4YzU3
LzEvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbc1TiR2+
1EAQ0q+IHpBi+CGLl8lwPgJhjs8XHDJVCZ47nE8NB/OJxrxGMfkKYRMkmIsNyAUH
WW1tUQKxIFIwvtop9YBJH+30h8/YeZ4gElp8oXeZSj23Ushi65UJtOXjXOm7WZ+j
5+caKshPGWnYOBbGdrk6PCeXPBMdLEG2wObRmnjrkRcdRdiICJV+8+G1AixWHHNF
go1h4V2Ug0G1ypFpOLkOGeYCsY7TaYEzSOgRBgcvntQHUUZsOKwqib2byYQ5z5/z
dZA60lTb8vh7NKRgp1ZqMvmBO28gFwckawEZw/1+Jnk99uO3goetEqgR3SBjKVoX
aqyD20R3YJmEog==
-----END CERTIFICATE-----