Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          SZYvPssvmUbg81DOaEFig3PuQshz5EMjhzT9KtdvXLA=
Subject key identifier:   B4:39:15:43:2D:E7:20:73:37:3D:AC:D9:E4:B7:4F:49:DF:8D:B0:63
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       01976997CD2D6D98D8559F6F8104A3352C24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          158D
Signing time:             Fri 13 Jun 2025 14:00:45 +0000
Manifest this update:     Fri 13 Jun 2025 14:00:45 +0000
Manifest next update:     Sat 14 Jun 2025 14:00:45 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: jmSlUMcZkf+k1y1PXdQ1A4uS9h9oj5ZccCpT2iOML78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:97:cd:2d:6d:98:d8:55:9f:6f:81:04:a3:35:2c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Jun 13 14:00:45 2025 GMT
            Not After : Jun 14 14:00:45 2025 GMT
        Subject: CN=b43915432de72073373dacd9e4b74f49df8db063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ca:47:e0:e5:a8:04:4a:3a:3a:c7:fc:2f:bf:
                    d9:02:f2:df:bc:9c:1a:11:42:53:07:ac:c0:0f:a8:
                    ae:0f:93:53:34:8f:a0:10:25:6b:f9:17:6b:8c:99:
                    9c:6d:93:2b:26:f9:e8:c4:9b:ed:a5:87:19:59:49:
                    ea:67:44:0c:88:22:28:a4:2c:bf:61:e9:8c:de:94:
                    1a:8d:8c:56:d3:f9:ba:b9:e1:87:68:af:9e:f2:31:
                    ee:a1:81:a2:49:78:ea:fc:f9:9e:06:4f:d7:28:6d:
                    da:18:54:86:1b:1d:df:3d:1a:0f:5b:76:59:6b:2f:
                    bb:87:0a:58:78:3a:b5:55:8b:da:94:3f:79:44:4d:
                    f0:6b:a6:f4:4b:73:4b:64:65:d9:c1:57:b6:57:d1:
                    f3:df:52:c0:29:f0:4e:68:c4:cd:0f:4c:c2:49:83:
                    85:24:e3:08:e6:92:2b:20:80:0e:83:8d:9a:eb:f5:
                    f8:b7:92:b2:cd:cd:2b:77:0f:4f:8a:b5:90:7a:19:
                    90:bc:45:06:70:f2:1b:ea:c0:9a:43:50:df:c9:4b:
                    52:b6:f7:f5:da:f2:98:7e:ea:63:93:97:04:21:59:
                    92:6a:f1:e8:ec:69:02:7f:0e:8c:22:8e:df:22:d7:
                    f6:79:b9:38:c8:af:88:cc:88:ed:07:e4:7d:ba:92:
                    72:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:39:15:43:2D:E7:20:73:37:3D:AC:D9:E4:B7:4F:49:DF:8D:B0:63
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:70:13:b4:37:a7:6d:fc:d0:3c:0e:4f:fd:09:f6:93:d2:f9:
         1f:25:2f:63:a1:fb:5a:83:3c:be:a1:2c:d1:60:45:52:b4:ad:
         3f:73:6a:e3:33:bd:d1:6a:88:dd:74:db:1e:a6:30:79:f0:e4:
         37:c6:df:3a:89:b8:ca:23:c0:b6:02:0a:14:f5:11:ac:76:82:
         68:6a:d8:0c:5e:ad:ff:ef:88:bf:b8:31:ba:d2:5f:87:47:2e:
         67:1c:2d:6a:08:7b:32:4d:b7:19:17:76:a5:23:de:dd:63:a2:
         ba:d8:f8:15:95:39:c8:84:f2:1d:dd:57:aa:46:9a:f3:e4:22:
         40:df:ab:fa:74:0a:4a:8f:59:ce:aa:d0:c8:a6:4f:b2:ef:4f:
         21:b0:23:3d:5a:51:66:e0:a5:76:8d:86:2a:9c:24:fc:34:bd:
         37:5d:8c:a0:2b:9d:30:f8:11:ad:85:35:52:b8:5d:cf:0e:9d:
         f1:34:fb:de:ae:bb:47:ef:31:31:b2:a6:27:43:a1:60:15:86:
         ae:e2:81:aa:90:f5:07:37:49:78:02:09:d9:b0:18:a3:63:00:
         2b:48:7b:0f:ca:42:1a:0d:0f:20:20:34:82:e0:e8:3c:a0:03:
         21:2a:80:e3:52:c8:90:52:ad:d5:18:b1:d8:73:48:88:61:78:
         da:e0:d0:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpl80tbZjYVZ9vgQSjNSwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjUwNjEzMTQwMDQ1WhcNMjUwNjE0MTQwMDQ1WjAzMTEwLwYDVQQD
EyhiNDM5MTU0MzJkZTcyMDczMzczZGFjZDllNGI3NGY0OWRmOGRiMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuspH4OWoBEo6Osf8L7/ZAvLfvJwa
EUJTB6zAD6iuD5NTNI+gECVr+RdrjJmcbZMrJvnoxJvtpYcZWUnqZ0QMiCIopCy/
YemM3pQajYxW0/m6ueGHaK+e8jHuoYGiSXjq/PmeBk/XKG3aGFSGGx3fPRoPW3ZZ
ay+7hwpYeDq1VYvalD95RE3wa6b0S3NLZGXZwVe2V9Hz31LAKfBOaMTND0zCSYOF
JOMI5pIrIIAOg42a6/X4t5Kyzc0rdw9PirWQehmQvEUGcPIb6sCaQ1DfyUtStvf1
2vKYfupjk5cEIVmSavHo7GkCfw6MIo7fItf2ebk4yK+IzIjtB+R9upJyiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ5FUMt5yBzNz2s2eS3T0nfjbBjMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXATtDen
bfzQPA5P/Qn2k9L5HyUvY6H7WoM8vqEs0WBFUrStP3Nq4zO90WqI3XTbHqYwefDk
N8bfOom4yiPAtgIKFPURrHaCaGrYDF6t/++Iv7gxutJfh0cuZxwtagh7Mk23GRd2
pSPe3WOiutj4FZU5yITyHd1Xqkaa8+QiQN+r+nQKSo9ZzqrQyKZPsu9PIbAjPVpR
ZuCldo2GKpwk/DS9N12MoCudMPgRrYU1Urhdzw6d8TT73q67R+8xMbKmJ0OhYBWG
ruKBqpD1BzdJeAIJ2bAYo2MAK0h7D8pCGg0PICA0guDoPKADISqA41LIkFKt1Rix
2HNIiGF42uDQmw==
-----END CERTIFICATE-----