Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          BQ8387pw7GMVVrfsFN12rt9IHqS3mSlQdTx1ZHLFF+k=
Subject key identifier:   5B:15:58:9D:E2:8C:51:AF:58:2B:FC:8C:F3:98:27:52:7B:C4:5E:51
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       01976F2BB35D360308D09AB9107904F84DCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 16:00:24 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:24 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:24 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: VcCyBX3wifF5f3hmijPIxqZECedT4nD2T7BuVE37DnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:b3:5d:36:03:08:d0:9a:b9:10:79:04:f8:4d:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Jun 14 16:00:24 2025 GMT
            Not After : Jun 15 16:00:24 2025 GMT
        Subject: CN=5b15589de28c51af582bfc8cf39827527bc45e51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ca:65:36:0d:f7:8e:a5:dc:30:4c:39:38:8b:
                    95:f2:e7:bf:63:31:69:16:2c:a1:b3:fe:7d:90:08:
                    c3:2c:32:d1:7c:4f:3f:c1:9b:8c:b4:b8:64:c1:c4:
                    a7:40:26:31:6e:fc:b6:14:bc:dc:11:94:07:44:38:
                    54:b1:9e:c9:b3:9a:9e:ff:14:39:57:5d:ae:02:00:
                    11:0a:04:39:af:50:0e:08:24:aa:ea:30:a8:28:34:
                    36:ac:78:eb:03:8e:27:c3:0e:3b:0a:55:cd:1f:cf:
                    dd:7c:40:10:2a:62:cc:f2:40:46:56:68:8e:35:47:
                    26:06:d8:ff:4e:da:74:51:57:25:c2:32:8b:77:e0:
                    e7:e9:e9:42:d9:f8:43:67:75:7e:39:44:4c:04:52:
                    45:87:a0:e0:d3:43:8e:3c:8a:a4:02:8b:7a:ce:29:
                    29:4b:23:82:d5:65:dc:26:08:98:2e:78:7f:66:85:
                    d8:d3:46:d9:dc:cf:f9:72:2c:5d:e4:f1:cb:f5:b3:
                    1f:9c:c8:6b:27:cb:84:38:f9:d9:f0:d1:b5:f7:6b:
                    b0:f9:9e:e3:7d:82:5a:c2:b0:97:43:ef:e8:d3:2e:
                    1e:e3:a8:da:0a:7b:d0:e8:7f:ac:6a:c9:66:78:fa:
                    39:b6:59:b1:7e:bd:73:09:71:c8:dc:b8:c3:56:0c:
                    13:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:15:58:9D:E2:8C:51:AF:58:2B:FC:8C:F3:98:27:52:7B:C4:5E:51
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:8e:e9:1d:b5:7e:67:fe:4d:a1:ab:07:50:12:cd:5c:50:3d:
         d0:e6:3c:65:e8:22:5e:ba:bd:39:5b:2c:b6:87:75:7c:22:c7:
         22:48:82:18:8c:3e:f3:ce:30:56:e2:f3:67:81:11:74:02:5f:
         b9:ee:06:97:71:6a:7f:9f:e8:00:79:ea:86:d8:39:76:69:1e:
         a3:47:48:71:58:c0:84:07:94:af:40:61:e2:8a:c8:1a:ff:62:
         57:94:b4:d2:2a:94:2f:97:b1:ab:3e:38:49:ea:17:c8:98:fb:
         b6:2e:49:c4:fb:3b:8d:ff:6d:3e:9f:64:11:04:34:be:d4:8a:
         18:19:f8:af:4a:59:15:46:86:49:04:07:6e:2b:4b:48:59:60:
         35:b1:42:d2:24:9e:e1:d2:3f:0a:fc:3f:3a:78:b4:65:69:99:
         85:06:bb:a3:0d:ef:c3:3b:00:2d:93:77:17:e3:a0:72:d1:c4:
         9f:d4:cd:d3:d0:74:d2:57:45:5d:c8:7c:bc:ad:9e:a0:9c:ac:
         37:79:a0:5e:1d:dd:18:0d:62:2f:bb:f9:64:2e:00:6c:8f:44:
         db:f8:ca:df:88:44:f2:50:e8:8b:9b:6b:fb:de:e7:bd:01:15:
         c6:ab:86:05:4d:ee:82:78:75:86:9a:f9:3e:ea:77:52:17:0d:
         db:2a:1c:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK7NdNgMI0Jq5EHkE+E3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwNjE0MTYwMDI0WhcNMjUwNjE1MTYwMDI0WjAzMTEwLwYDVQQD
Eyg1YjE1NTg5ZGUyOGM1MWFmNTgyYmZjOGNmMzk4Mjc1MjdiYzQ1ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8plNg33jqXcMEw5OIuV8ue/YzFp
Fiyhs/59kAjDLDLRfE8/wZuMtLhkwcSnQCYxbvy2FLzcEZQHRDhUsZ7Js5qe/xQ5
V12uAgARCgQ5r1AOCCSq6jCoKDQ2rHjrA44nww47ClXNH8/dfEAQKmLM8kBGVmiO
NUcmBtj/Ttp0UVclwjKLd+Dn6elC2fhDZ3V+OURMBFJFh6Dg00OOPIqkAot6zikp
SyOC1WXcJgiYLnh/ZoXY00bZ3M/5cixd5PHL9bMfnMhrJ8uEOPnZ8NG192uw+Z7j
fYJawrCXQ+/o0y4e46jaCnvQ6H+saslmePo5tlmxfr1zCXHI3LjDVgwTCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsVWJ3ijFGvWCv8jPOYJ1J7xF5RMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANo7pHbV+
Z/5NoasHUBLNXFA90OY8ZegiXrq9OVsstod1fCLHIkiCGIw+884wVuLzZ4ERdAJf
ue4Gl3Fqf5/oAHnqhtg5dmkeo0dIcVjAhAeUr0Bh4orIGv9iV5S00iqUL5exqz44
SeoXyJj7ti5JxPs7jf9tPp9kEQQ0vtSKGBn4r0pZFUaGSQQHbitLSFlgNbFC0iSe
4dI/Cvw/Oni0ZWmZhQa7ow3vwzsALZN3F+OgctHEn9TN09B00ldFXch8vK2eoJys
N3mgXh3dGA1iL7v5ZC4AbI9E2/jK34hE8lDoi5tr+97nvQEVxquGBU3ugnh1hpr5
Pup3UhcN2yocsQ==
-----END CERTIFICATE-----