Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
File:                     Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft (raw, json)
Hash identifier:          MK5zbVrwh2n+BAGMQLshpkWchnVjz92oMYIAmormXAA=
Subject key identifier:   D5:34:4D:66:3C:C8:6E:E4:77:06:F0:9C:DD:C8:63:48:C5:29:1C:B1
Authority key identifier: 16:1E:0E:AE:77:A9:8C:36:23:D1:78:1F:9A:F4:55:7D:35:41:D2:BA
Certificate issuer:       /CN=161e0eae77a98c3623d1781f9af4557d3541d2ba
Certificate serial:       019769CEEDA1E6D1B09081B7492D804E7477
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 15:00:58 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:58 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:58 +0000
Files and hashes:         1: Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl (hash: cmpZtYQoo0Fgd9HbSZ70GTt6GB0U9bG8m69HzMymZZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:ed:a1:e6:d1:b0:90:81:b7:49:2d:80:4e:74:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=161e0eae77a98c3623d1781f9af4557d3541d2ba
        Validity
            Not Before: Jun 13 15:00:58 2025 GMT
            Not After : Jun 14 15:00:58 2025 GMT
        Subject: CN=d5344d663cc86ee47706f09cddc86348c5291cb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:89:a3:55:fa:15:51:e0:b7:04:20:99:e2:16:
                    61:1c:6f:66:9a:e1:ef:de:a3:d3:4e:51:e9:97:27:
                    7e:67:8a:7f:1f:ae:48:07:2a:d6:b3:c2:84:30:97:
                    4b:84:1c:7d:2d:08:c7:6f:80:9f:dd:71:fe:a9:4f:
                    d4:5a:64:40:4e:fc:77:2e:b2:71:ae:e6:4d:5a:b0:
                    95:35:f4:c0:51:9b:89:b8:7f:ea:5c:a9:df:b5:e1:
                    f1:16:1f:5d:e4:4d:13:6d:b6:0a:12:86:43:c3:59:
                    97:b8:ea:98:68:15:03:41:02:24:a6:94:d5:26:70:
                    ee:4e:a0:2e:55:ad:db:ea:b9:c7:d9:02:0b:c0:8f:
                    29:5d:66:12:fd:0f:fa:db:7c:d1:1f:37:02:53:ad:
                    6a:4c:90:16:e0:54:b5:89:12:2e:a0:02:32:05:71:
                    6f:91:44:b5:06:4a:c7:c2:69:56:95:cf:7a:ab:cd:
                    fb:2f:42:89:02:d1:29:d6:16:c2:30:67:2f:2b:a6:
                    a0:db:77:ea:30:88:e2:5d:98:c1:78:35:55:45:45:
                    c4:87:39:71:98:cc:c7:bd:ea:85:e9:a9:21:c6:18:
                    91:c9:fa:96:d6:ab:fb:09:9a:75:90:99:70:a5:72:
                    ee:15:01:5c:0b:72:b2:58:49:7a:4e:86:dc:64:bd:
                    34:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:34:4D:66:3C:C8:6E:E4:77:06:F0:9C:DD:C8:63:48:C5:29:1C:B1
            X509v3 Authority Key Identifier:
                keyid:16:1E:0E:AE:77:A9:8C:36:23:D1:78:1F:9A:F4:55:7D:35:41:D2:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:3b:49:c8:18:8b:37:2c:89:96:bf:cb:57:4b:bd:46:1d:a2:
         e0:d2:69:5f:81:a6:93:c2:84:e7:10:f4:cf:b2:65:83:21:7e:
         24:7f:f0:f5:f6:60:98:26:9d:ac:a7:fd:07:b1:f9:6f:0a:90:
         92:8b:b5:26:46:ed:9d:13:ae:c5:2d:2d:71:36:02:d3:8f:31:
         07:2c:a7:8d:8d:33:00:75:9a:eb:e5:23:10:2a:0d:4a:ba:b1:
         75:c4:a0:c3:0f:a6:3d:4e:82:42:00:f9:38:65:cc:ee:68:65:
         19:0e:f4:0a:27:ac:d5:ef:4e:5a:aa:3c:24:e6:34:ef:3d:f8:
         77:d8:a7:64:0c:26:52:3f:98:cd:47:c8:66:00:e4:3d:c6:14:
         ec:8e:13:6f:e9:0b:75:07:88:c7:94:5f:ab:ab:d1:a2:30:19:
         e3:58:51:13:fb:28:04:a7:65:ca:89:6d:32:2f:cd:0c:7f:db:
         f4:af:20:b7:51:f0:ba:80:1c:ba:75:a9:63:5f:49:0d:f1:f4:
         ef:23:2b:af:c7:1d:17:11:85:7b:54:98:94:78:07:42:a0:52:
         27:bf:38:46:7f:bc:8e:5c:e4:c2:53:cf:4d:15:20:5f:0f:d4:
         80:98:bd:ef:0c:fa:31:bd:fe:30:e8:ad:86:cc:20:2e:d0:4b:
         92:33:84:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzu2h5tGwkIG3SS2ATnR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MWUwZWFlNzdhOThjMzYyM2QxNzgxZjlhZjQ1NTdkMzU0
MWQyYmEwHhcNMjUwNjEzMTUwMDU4WhcNMjUwNjE0MTUwMDU4WjAzMTEwLwYDVQQD
EyhkNTM0NGQ2NjNjYzg2ZWU0NzcwNmYwOWNkZGM4NjM0OGM1MjkxY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ImjVfoVUeC3BCCZ4hZhHG9mmuHv
3qPTTlHplyd+Z4p/H65IByrWs8KEMJdLhBx9LQjHb4Cf3XH+qU/UWmRATvx3LrJx
ruZNWrCVNfTAUZuJuH/qXKnfteHxFh9d5E0TbbYKEoZDw1mXuOqYaBUDQQIkppTV
JnDuTqAuVa3b6rnH2QILwI8pXWYS/Q/623zRHzcCU61qTJAW4FS1iRIuoAIyBXFv
kUS1BkrHwmlWlc96q837L0KJAtEp1hbCMGcvK6ag23fqMIjiXZjBeDVVRUXEhzlx
mMzHveqF6akhxhiRyfqW1qv7CZp1kJlwpXLuFQFcC3KyWEl6TobcZL00mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNU0TWY8yG7kdwbwnN3IY0jFKRyxMB8GA1UdIwQY
MBaAFBYeDq53qYw2I9F4H5r0VX01QdK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85Njk3MDgtZTRiOS00YWIyLWI1MGIt
MjlkYzk1MzYyMGMxLzEvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85Njk3MDgtZTRiOS00YWIyLWI1MGItMjlkYzk1MzYyMGMx
LzEvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVjtJyBiL
NyyJlr/LV0u9Rh2i4NJpX4Gmk8KE5xD0z7JlgyF+JH/w9fZgmCadrKf9B7H5bwqQ
kou1JkbtnROuxS0tcTYC048xByynjY0zAHWa6+UjECoNSrqxdcSgww+mPU6CQgD5
OGXM7mhlGQ70Cies1e9OWqo8JOY07z34d9inZAwmUj+YzUfIZgDkPcYU7I4Tb+kL
dQeIx5Rfq6vRojAZ41hRE/soBKdlyoltMi/NDH/b9K8gt1HwuoAcunWpY19JDfH0
7yMrr8cdFxGFe1SYlHgHQqBSJ784Rn+8jlzkwlPPTRUgXw/UgJi97wz6Mb3+MOit
hswgLtBLkjOElg==
-----END CERTIFICATE-----