Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
File:                     16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft (raw, json)
Hash identifier:          ujmRp8yp0no01c7CV07UQCqQUcw7tEziWiTml5QZI7c=
Subject key identifier:   73:12:96:62:01:04:6D:22:73:C1:0A:09:24:FC:A5:33:70:D7:9C:6E
Authority key identifier: D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6
Certificate issuer:       /CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
Certificate serial:       01976960B4690DF2BBFE8358787C8C30751F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:34 +0000
Files and hashes:         1: 16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl (hash: x8XV76mHEOx4yy/0B62TFKFJRSYaYpkQWy4mw4DSKfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:b4:69:0d:f2:bb:fe:83:58:78:7c:8c:30:75:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7a4ff663fa6715db0c6bfe79a9287eada6cb3e6
        Validity
            Not Before: Jun 13 13:00:34 2025 GMT
            Not After : Jun 14 13:00:34 2025 GMT
        Subject: CN=7312966201046d2273c10a0924fca53370d79c6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:0b:f8:bc:82:9c:64:ba:09:2a:ae:09:87:d9:
                    da:aa:e7:90:10:f8:38:2d:45:81:ad:05:20:9c:51:
                    31:af:18:b3:c7:0e:a2:f2:2c:ad:6c:94:20:15:8f:
                    b2:0a:57:36:e6:04:79:12:2e:f5:13:12:17:6a:2a:
                    5a:5d:c1:61:cc:b1:38:7d:5f:b3:43:ce:2d:8d:3f:
                    4a:bd:cd:4d:b1:3b:23:a8:7b:65:66:c9:7e:b2:be:
                    13:90:b2:cb:f0:b3:ab:82:ba:2e:97:46:00:88:03:
                    f5:2b:47:c3:12:18:ad:68:d1:fa:67:34:73:69:e0:
                    c4:8d:ae:72:82:cb:eb:41:a9:38:f7:67:40:71:43:
                    c0:de:7b:31:87:ba:0c:9b:9a:40:81:89:24:e4:5f:
                    db:07:25:18:35:91:8a:88:a4:62:ce:68:22:bb:f4:
                    e7:39:81:94:e8:67:3a:40:60:8a:b5:ae:7f:46:88:
                    ba:e3:b4:de:5c:39:2f:fd:1f:48:98:f7:20:96:59:
                    2d:bf:91:34:52:50:26:6f:c5:39:d2:d8:2f:ea:cc:
                    ca:d9:87:49:98:73:e2:04:08:a6:8d:20:78:f6:1e:
                    2e:0c:12:c1:bc:1b:e5:ed:2c:28:4f:c2:ab:b9:a2:
                    0d:e1:b0:3f:91:c7:76:70:da:54:9f:9a:6b:c2:c2:
                    11:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:12:96:62:01:04:6D:22:73:C1:0A:09:24:FC:A5:33:70:D7:9C:6E
            X509v3 Authority Key Identifier:
                keyid:D7:A4:FF:66:3F:A6:71:5D:B0:C6:BF:E7:9A:92:87:EA:DA:6C:B3:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/16T_Zj-mcV2wxr_nmpKH6tpss-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0aab87-c85b-4a8a-9dc5-6ce67e0f2593/1/16T_Zj-mcV2wxr_nmpKH6tpss-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:82:02:c4:09:5c:ca:f5:6a:cf:56:40:85:97:ac:2b:dd:ea:
         ae:a4:76:32:8c:03:ca:ee:79:17:c2:ef:3e:42:68:c6:4b:11:
         39:7a:de:1b:3f:5f:ca:38:8f:3a:ae:c4:4e:c2:a2:55:d9:82:
         ca:cd:6d:15:c6:0c:b6:e1:b6:c7:90:b3:f8:74:77:5d:3e:f4:
         9f:36:ca:4d:28:bd:ce:04:56:a5:b3:f5:78:0a:9f:a8:e2:70:
         2c:a9:b3:33:f9:49:0b:61:7a:d1:09:9a:77:5e:22:2b:43:aa:
         80:33:a9:93:b7:4a:28:6c:23:4c:97:db:a5:45:8c:6b:a3:85:
         e6:25:34:d9:32:77:33:ba:d4:3c:36:5f:95:9d:49:10:f5:97:
         4c:9e:87:b5:7f:11:52:b4:85:76:25:5b:bb:c2:ab:64:79:8c:
         6b:84:64:fc:11:2b:bb:c0:ec:93:e2:1a:1f:e6:0c:5b:59:fc:
         06:e7:63:3b:fa:84:f5:54:af:10:f4:ae:3f:34:f9:8d:97:e5:
         47:a9:31:20:f7:71:10:24:a0:37:4c:d3:59:08:98:41:8d:22:
         7a:ed:39:e9:68:b1:f9:c1:8a:75:5a:81:b3:6d:66:82:88:26:
         b3:7d:db:31:6d:e5:8d:2a:f8:41:e4:ff:37:fd:54:e4:ce:66:
         81:54:4a:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYLRpDfK7/oNYeHyMMHUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YTRmZjY2M2ZhNjcxNWRiMGM2YmZlNzlhOTI4N2VhZGE2
Y2IzZTYwHhcNMjUwNjEzMTMwMDM0WhcNMjUwNjE0MTMwMDM0WjAzMTEwLwYDVQQD
Eyg3MzEyOTY2MjAxMDQ2ZDIyNzNjMTBhMDkyNGZjYTUzMzcwZDc5YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Qv4vIKcZLoJKq4Jh9naqueQEPg4
LUWBrQUgnFExrxizxw6i8iytbJQgFY+yClc25gR5Ei71ExIXaipaXcFhzLE4fV+z
Q84tjT9Kvc1NsTsjqHtlZsl+sr4TkLLL8LOrgroul0YAiAP1K0fDEhitaNH6ZzRz
aeDEja5ygsvrQak492dAcUPA3nsxh7oMm5pAgYkk5F/bByUYNZGKiKRizmgiu/Tn
OYGU6Gc6QGCKta5/Roi647TeXDkv/R9ImPcgllktv5E0UlAmb8U50tgv6szK2YdJ
mHPiBAimjSB49h4uDBLBvBvl7SwoT8KruaIN4bA/kcd2cNpUn5prwsIRYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMSlmIBBG0ic8EKCST8pTNw15xuMB8GA1UdIwQY
MBaAFNek/2Y/pnFdsMa/55qSh+rabLPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUt
NmNlNjdlMGYyNTkzLzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wYWFiODctYzg1Yi00YThhLTlkYzUtNmNlNjdlMGYyNTkz
LzEvMTZUX1pqLW1jVjJ3eHJfbm1wS0g2dHBzcy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4ICxAlc
yvVqz1ZAhZesK93qrqR2MowDyu55F8LvPkJoxksROXreGz9fyjiPOq7ETsKiVdmC
ys1tFcYMtuG2x5Cz+HR3XT70nzbKTSi9zgRWpbP1eAqfqOJwLKmzM/lJC2F60Qma
d14iK0OqgDOpk7dKKGwjTJfbpUWMa6OF5iU02TJ3M7rUPDZflZ1JEPWXTJ6HtX8R
UrSFdiVbu8KrZHmMa4Rk/BEru8Dsk+IaH+YMW1n8BudjO/qE9VSvEPSuPzT5jZfl
R6kxIPdxECSgN0zTWQiYQY0ieu056Wix+cGKdVqBs21mgogms33bMW3ljSr4QeT/
N/1U5M5mgVRKtw==
-----END CERTIFICATE-----