Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          ghcZcHbMilTyeO7OhsyPzkB+E1QO2ygDhlu8efdn9IU=
Subject key identifier:   2A:C3:7F:95:78:A0:6D:59:5F:B2:4C:0A:18:FF:7A:D4:AA:A6:FE:1A
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       01976DABA19A985844F1364BF271E0A1E5A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 09:00:53 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:53 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:53 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: oacHg03E5ubzS5NWdJaD17d2xTDgxhwyrJI+HSgOzBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:a1:9a:98:58:44:f1:36:4b:f2:71:e0:a1:e5:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Jun 14 09:00:53 2025 GMT
            Not After : Jun 15 09:00:53 2025 GMT
        Subject: CN=2ac37f9578a06d595fb24c0a18ff7ad4aaa6fe1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6a:e6:51:dc:97:ac:f6:f5:85:5f:91:c4:3f:
                    74:e8:16:df:46:e2:b8:19:70:3c:86:36:2a:ae:5a:
                    e0:00:c2:4a:31:f6:e0:5b:ac:87:13:ec:c9:8b:97:
                    25:c5:e6:c2:27:72:29:fa:ca:91:66:d4:c6:ba:55:
                    ee:57:74:06:e8:7b:25:77:1b:29:58:e0:24:d4:a6:
                    54:c3:bc:66:0c:52:fb:c5:0b:1e:50:4d:20:16:31:
                    bb:7e:c9:4c:1d:31:65:31:9e:b3:86:28:93:6f:32:
                    b8:65:a5:f6:d2:72:a3:3c:48:f7:2d:7f:d5:77:5d:
                    53:72:67:2f:78:a7:e5:8f:02:27:24:6a:46:f6:f3:
                    af:f1:eb:d7:47:8f:79:b9:a7:b8:db:af:0d:d4:10:
                    81:e3:9e:53:ad:1d:28:27:bd:02:d8:90:24:a5:49:
                    52:ef:21:bd:20:16:82:40:ba:f1:ca:e2:a0:5b:1f:
                    10:8a:4e:71:a4:c2:38:1a:85:15:f5:c5:42:38:bc:
                    91:93:75:1c:f2:88:2c:34:87:8e:35:72:b9:a9:6a:
                    dc:64:2c:46:51:d8:19:b2:9a:69:86:57:24:93:28:
                    37:ef:b9:46:aa:a9:9d:91:95:ad:49:87:60:8a:ff:
                    fa:83:b2:6e:3b:d6:23:28:c3:41:bb:d1:b6:ff:3e:
                    0c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C3:7F:95:78:A0:6D:59:5F:B2:4C:0A:18:FF:7A:D4:AA:A6:FE:1A
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:eb:c7:14:c0:d1:6b:b7:2e:94:13:70:41:1b:d6:ef:b6:60:
         31:9f:6f:ad:67:22:f4:80:0b:99:ee:4f:be:84:97:60:23:49:
         36:cb:05:74:ad:17:42:3a:0b:96:81:07:2e:05:bd:04:9e:1b:
         26:ac:7e:f2:ee:f1:e4:1d:22:6a:ea:81:6d:34:40:8b:ec:b2:
         49:bd:05:52:68:ee:1e:eb:15:da:fc:3e:35:0e:47:5a:b7:e1:
         df:dd:1f:1b:42:82:94:eb:c8:f2:5b:12:b6:f0:51:6e:2b:66:
         85:07:54:f1:c0:86:85:48:05:62:f9:e0:c4:5b:73:3a:c5:18:
         ea:4c:c5:00:c5:77:a5:9d:a8:f2:a3:2b:3c:26:70:c6:0c:ec:
         a2:77:77:cf:00:4c:78:b4:0e:4f:13:26:ce:fd:20:98:98:20:
         bc:71:1f:70:ba:06:c2:c0:a1:c1:47:9c:40:36:c0:e0:4a:fd:
         ef:56:c4:70:78:a5:e1:29:2d:c4:59:d3:b7:28:9f:8c:94:c9:
         ee:1c:71:05:82:e5:97:c0:0b:d9:c9:41:29:a5:31:f7:ee:9a:
         69:64:df:00:c5:31:4a:e2:4d:f0:66:ec:6f:5f:bc:cd:20:83:
         27:bf:91:4f:d4:9f:fc:04:64:41:d2:69:e3:a4:e8:19:ca:1a:
         e8:ba:1c:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq6GamFhE8TZL8nHgoeWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwNjE0MDkwMDUzWhcNMjUwNjE1MDkwMDUzWjAzMTEwLwYDVQQD
EygyYWMzN2Y5NTc4YTA2ZDU5NWZiMjRjMGExOGZmN2FkNGFhYTZmZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2rmUdyXrPb1hV+RxD906BbfRuK4
GXA8hjYqrlrgAMJKMfbgW6yHE+zJi5clxebCJ3Ip+sqRZtTGulXuV3QG6Hsldxsp
WOAk1KZUw7xmDFL7xQseUE0gFjG7fslMHTFlMZ6zhiiTbzK4ZaX20nKjPEj3LX/V
d11TcmcveKfljwInJGpG9vOv8evXR495uae4268N1BCB455TrR0oJ70C2JAkpUlS
7yG9IBaCQLrxyuKgWx8Qik5xpMI4GoUV9cVCOLyRk3Uc8ogsNIeONXK5qWrcZCxG
UdgZsppphlckkyg377lGqqmdkZWtSYdgiv/6g7JuO9YjKMNBu9G2/z4MdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrDf5V4oG1ZX7JMChj/etSqpv4aMB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu+vHFMDR
a7culBNwQRvW77ZgMZ9vrWci9IALme5PvoSXYCNJNssFdK0XQjoLloEHLgW9BJ4b
Jqx+8u7x5B0iauqBbTRAi+yySb0FUmjuHusV2vw+NQ5HWrfh390fG0KClOvI8lsS
tvBRbitmhQdU8cCGhUgFYvngxFtzOsUY6kzFAMV3pZ2o8qMrPCZwxgzsond3zwBM
eLQOTxMmzv0gmJggvHEfcLoGwsChwUecQDbA4Er971bEcHil4SktxFnTtyifjJTJ
7hxxBYLll8AL2clBKaUx9+6aaWTfAMUxSuJN8Gbsb1+8zSCDJ7+RT9Sf/ARkQdJp
46ToGcoa6Loc8g==
-----END CERTIFICATE-----