Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
File:                     4fLKlRgjMUpfTRCmangiOY-4iWs.mft (raw, json)
Hash identifier:          hQz4/oePEohZhuZpQXq9wr5DlVstt8WceWD1P1//Zgs=
Subject key identifier:   90:7D:3F:1B:E0:C1:24:B7:12:D5:2E:A2:62:7C:62:C5:3F:3E:1F:ED
Authority key identifier: E1:F2:CA:95:18:23:31:4A:5F:4D:10:A6:6A:78:22:39:8F:B8:89:6B
Certificate issuer:       /CN=e1f2ca951823314a5f4d10a66a7822398fb8896b
Certificate serial:       01976F2C5EAF1A60F23D0D3DB9B02C4375F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 16:01:08 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:08 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:08 +0000
Files and hashes:         1: 4fLKlRgjMUpfTRCmangiOY-4iWs.crl (hash: 6SJoMxPGJTI/pTNKtV5rpXI6JaDECQqjadECgR3ZjOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:5e:af:1a:60:f2:3d:0d:3d:b9:b0:2c:43:75:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1f2ca951823314a5f4d10a66a7822398fb8896b
        Validity
            Not Before: Jun 14 16:01:08 2025 GMT
            Not After : Jun 15 16:01:08 2025 GMT
        Subject: CN=907d3f1be0c124b712d52ea2627c62c53f3e1fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:78:52:f4:e7:2d:51:15:8a:6c:db:40:97:cf:
                    a7:93:40:71:3d:da:7a:f0:26:12:5b:c4:7c:08:8b:
                    4e:34:d1:94:fb:d9:44:9a:12:97:f8:75:58:cf:da:
                    d6:38:01:77:7b:05:76:a0:cb:e3:22:0e:16:b7:8a:
                    c8:01:74:35:9c:1a:9a:e1:ac:58:68:8e:be:9a:99:
                    1d:0c:f1:e3:56:59:13:85:73:5a:3e:0a:e8:4b:b8:
                    fe:5b:31:84:ca:63:9f:d1:32:54:e0:ea:54:52:4e:
                    23:3a:a0:2d:fb:ed:1b:f0:14:f1:81:19:cc:02:1c:
                    59:9d:3b:cb:5d:5c:db:38:83:88:50:8c:e4:61:e6:
                    a6:3c:2e:e5:ea:dc:a8:99:9f:0b:d0:60:01:f6:20:
                    27:e3:58:dc:b2:d6:b6:ef:e0:5d:4f:a1:b0:97:d0:
                    cf:59:76:78:fd:02:60:b8:08:8d:7d:d5:7d:da:04:
                    7d:d5:0a:a1:b8:a0:63:51:95:2f:a3:f2:e0:40:c3:
                    42:f6:42:55:41:b7:86:22:35:56:50:71:2a:3a:96:
                    86:3b:67:39:91:5b:4a:dd:f9:02:44:13:90:fb:26:
                    d2:f0:09:9e:c6:d1:4b:a6:44:f1:60:80:22:ae:ab:
                    09:a3:d1:62:d4:7b:ef:f4:65:8e:5c:83:30:1a:c3:
                    7f:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:7D:3F:1B:E0:C1:24:B7:12:D5:2E:A2:62:7C:62:C5:3F:3E:1F:ED
            X509v3 Authority Key Identifier:
                keyid:E1:F2:CA:95:18:23:31:4A:5F:4D:10:A6:6A:78:22:39:8F:B8:89:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:3d:62:9b:60:2d:f8:66:00:e1:1b:e9:ec:9f:f6:b3:e2:4e:
         3d:d7:ea:c6:f7:0e:5f:70:61:44:4c:e9:21:81:36:86:a1:a0:
         1a:fc:af:93:e5:10:50:6d:49:8e:09:fb:81:31:29:46:d1:44:
         ba:53:c5:b7:c4:a4:11:2e:e0:89:d0:5a:3e:98:81:8c:19:7a:
         4f:03:bc:fc:7b:75:02:09:a3:6c:f3:3a:46:bb:5e:fa:58:6e:
         bb:fb:e5:65:08:83:31:9c:2d:a2:7c:ef:5b:83:08:2b:eb:e5:
         e0:2e:bb:5e:69:3a:98:8d:27:8a:8e:91:54:08:4c:da:40:79:
         71:5e:9a:bd:3e:d2:23:61:66:bf:a4:d6:a2:ce:84:05:3c:c8:
         37:d1:a9:06:ca:8c:e7:53:2a:72:74:8f:b2:85:b7:c7:98:b5:
         48:50:61:c0:f7:7c:2b:18:15:f3:8a:31:08:51:a3:4f:f1:09:
         5d:32:60:3e:9c:d0:3c:a8:5b:84:b6:e7:90:5a:99:81:56:b9:
         01:3a:ef:d6:de:68:72:00:77:95:8b:e8:62:bc:bb:88:de:2e:
         f1:fb:ee:c1:b3:27:43:82:5e:5c:58:ce:5f:46:03:47:a1:81:
         0a:92:86:55:2e:44:44:bf:7e:6d:13:43:bd:a8:04:f5:8b:72:
         45:31:d4:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLF6vGmDyPQ09ubAsQ3XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZjJjYTk1MTgyMzMxNGE1ZjRkMTBhNjZhNzgyMjM5OGZi
ODg5NmIwHhcNMjUwNjE0MTYwMTA4WhcNMjUwNjE1MTYwMTA4WjAzMTEwLwYDVQQD
Eyg5MDdkM2YxYmUwYzEyNGI3MTJkNTJlYTI2MjdjNjJjNTNmM2UxZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHhS9OctURWKbNtAl8+nk0BxPdp6
8CYSW8R8CItONNGU+9lEmhKX+HVYz9rWOAF3ewV2oMvjIg4Wt4rIAXQ1nBqa4axY
aI6+mpkdDPHjVlkThXNaPgroS7j+WzGEymOf0TJU4OpUUk4jOqAt++0b8BTxgRnM
AhxZnTvLXVzbOIOIUIzkYeamPC7l6tyomZ8L0GAB9iAn41jcsta27+BdT6Gwl9DP
WXZ4/QJguAiNfdV92gR91QqhuKBjUZUvo/LgQMNC9kJVQbeGIjVWUHEqOpaGO2c5
kVtK3fkCRBOQ+ybS8AmextFLpkTxYIAirqsJo9Fi1Hvv9GWOXIMwGsN/8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJB9PxvgwSS3EtUuomJ8YsU/Ph/tMB8GA1UdIwQY
MBaAFOHyypUYIzFKX00Qpmp4IjmPuIlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC80ZjY5YWEtMjEzYS00OTdiLWIwNTkt
ZDI4ODRhMTliZTBhLzEvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC80ZjY5YWEtMjEzYS00OTdiLWIwNTktZDI4ODRhMTliZTBh
LzEvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJD1im2At
+GYA4Rvp7J/2s+JOPdfqxvcOX3BhREzpIYE2hqGgGvyvk+UQUG1Jjgn7gTEpRtFE
ulPFt8SkES7gidBaPpiBjBl6TwO8/Ht1AgmjbPM6Rrte+lhuu/vlZQiDMZwtonzv
W4MIK+vl4C67Xmk6mI0nio6RVAhM2kB5cV6avT7SI2Fmv6TWos6EBTzIN9GpBsqM
51MqcnSPsoW3x5i1SFBhwPd8KxgV84oxCFGjT/EJXTJgPpzQPKhbhLbnkFqZgVa5
ATrv1t5ocgB3lYvoYry7iN4u8fvuwbMnQ4JeXFjOX0YDR6GBCpKGVS5ERL9+bRND
vagE9YtyRTHUtw==
-----END CERTIFICATE-----