Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          RjiUuDlRoAVsLMm+gAKtbooBp3EIeiIg2uUvv2Bd+xM=
Subject key identifier:   02:72:AF:E6:9C:B0:D8:E5:15:2C:D0:2A:5C:85:AA:7E:08:F9:12:10
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       01976C2B69D7694707CF8C67ACBC628FDC30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 02:01:13 +0000
Manifest this update:     Sat 14 Jun 2025 02:01:13 +0000
Manifest next update:     Sun 15 Jun 2025 02:01:13 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: K22La8KqM5fhOLKzCsx1nRwZDQ/ZYwHEknSCPyqqcMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:69:d7:69:47:07:cf:8c:67:ac:bc:62:8f:dc:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Jun 14 02:01:13 2025 GMT
            Not After : Jun 15 02:01:13 2025 GMT
        Subject: CN=0272afe69cb0d8e5152cd02a5c85aa7e08f91210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:32:ff:b9:06:d1:fc:c1:e3:fc:12:ea:13:72:
                    47:a7:0c:d2:fd:03:f7:ab:38:f1:ba:5e:e3:ec:cd:
                    f3:16:e3:43:5b:8f:a1:23:50:d8:54:20:31:91:1c:
                    8f:73:44:a0:2e:42:a8:0d:ba:35:6d:6d:cd:20:02:
                    af:66:26:db:bc:ec:3e:a1:9a:f8:42:3f:41:2f:eb:
                    5e:56:e8:c3:7e:95:81:ef:cb:5a:4b:db:00:10:d6:
                    97:41:6a:77:5b:81:60:cb:e1:47:63:e6:83:bd:2f:
                    c1:93:c6:87:3e:45:e0:c4:34:ba:ac:1b:42:c7:6b:
                    39:fd:a5:1f:c5:04:76:49:ae:c8:9c:1d:a4:12:6c:
                    b2:dc:9a:e7:cd:bb:a0:94:ac:7f:b6:f7:d6:a5:8d:
                    c4:88:cc:f0:97:7c:69:39:19:34:31:2c:d8:10:e5:
                    ae:b2:aa:86:5b:dd:40:0c:23:1f:9c:30:02:37:73:
                    99:40:3f:1d:ca:4b:32:d6:ba:a7:ad:64:5f:78:85:
                    2f:68:05:b3:93:73:23:52:a1:97:7e:8f:53:03:3c:
                    31:d7:73:76:b8:8a:6b:46:36:1c:25:dd:01:d6:5d:
                    67:5a:8a:45:56:f7:57:49:60:4e:7a:83:d5:a9:1b:
                    b6:27:2c:20:83:31:dd:da:81:24:1b:ca:32:04:5c:
                    ae:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:72:AF:E6:9C:B0:D8:E5:15:2C:D0:2A:5C:85:AA:7E:08:F9:12:10
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:f8:f3:8b:36:b8:b5:00:0e:20:56:29:0b:54:38:cb:e0:b4:
         be:a5:87:18:07:15:a0:34:3e:64:96:fb:88:e9:37:ee:cb:ee:
         f9:58:39:a6:f4:50:d9:c5:71:84:db:49:6e:d6:21:2c:f1:0d:
         28:c1:b3:97:80:6a:8d:04:75:60:e7:1c:a6:dd:7e:9d:b1:ec:
         de:84:e4:28:f1:09:c0:8a:12:4c:fb:23:78:49:05:69:92:41:
         fb:65:2a:2f:3d:63:b0:48:29:64:d9:0e:f1:06:d3:c6:52:3b:
         66:c3:51:b5:a4:5b:98:6e:90:09:e6:ed:9e:af:6a:9d:17:15:
         05:c3:25:b9:36:cd:f6:fc:d7:1d:9f:91:f0:28:9a:01:6e:21:
         ee:44:46:30:5a:8b:51:10:d5:75:2d:42:d7:4e:e8:93:96:32:
         46:24:80:62:1b:71:ca:1d:e9:4c:74:b2:c4:b0:8f:8a:89:92:
         69:cb:01:9a:ad:25:46:52:2e:7b:f4:e2:d1:ee:69:70:09:a3:
         63:99:dc:09:f1:f5:d3:4b:52:5f:a9:f7:35:d5:86:e2:67:11:
         8b:1a:bf:18:b2:1f:f4:31:f7:9c:cd:87:0c:4c:1e:bc:37:ed:
         9d:00:05:8f:f0:c1:67:e6:11:02:88:6f:85:dd:38:2a:5f:b9:
         40:22:cc:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK2nXaUcHz4xnrLxij9wwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwNjE0MDIwMTEzWhcNMjUwNjE1MDIwMTEzWjAzMTEwLwYDVQQD
EygwMjcyYWZlNjljYjBkOGU1MTUyY2QwMmE1Yzg1YWE3ZTA4ZjkxMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDL/uQbR/MHj/BLqE3JHpwzS/QP3
qzjxul7j7M3zFuNDW4+hI1DYVCAxkRyPc0SgLkKoDbo1bW3NIAKvZibbvOw+oZr4
Qj9BL+teVujDfpWB78taS9sAENaXQWp3W4Fgy+FHY+aDvS/Bk8aHPkXgxDS6rBtC
x2s5/aUfxQR2Sa7InB2kEmyy3JrnzbuglKx/tvfWpY3EiMzwl3xpORk0MSzYEOWu
sqqGW91ADCMfnDACN3OZQD8dyksy1rqnrWRfeIUvaAWzk3MjUqGXfo9TAzwx13N2
uIprRjYcJd0B1l1nWopFVvdXSWBOeoPVqRu2JywggzHd2oEkG8oyBFyudQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJyr+acsNjlFSzQKlyFqn4I+RIQMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPjziza4
tQAOIFYpC1Q4y+C0vqWHGAcVoDQ+ZJb7iOk37svu+Vg5pvRQ2cVxhNtJbtYhLPEN
KMGzl4BqjQR1YOccpt1+nbHs3oTkKPEJwIoSTPsjeEkFaZJB+2UqLz1jsEgpZNkO
8QbTxlI7ZsNRtaRbmG6QCebtnq9qnRcVBcMluTbN9vzXHZ+R8CiaAW4h7kRGMFqL
URDVdS1C107ok5YyRiSAYhtxyh3pTHSyxLCPiomSacsBmq0lRlIue/Ti0e5pcAmj
Y5ncCfH100tSX6n3NdWG4mcRixq/GLIf9DH3nM2HDEwevDftnQAFj/DBZ+YRAohv
hd04Kl+5QCLM3w==
-----END CERTIFICATE-----