Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          HnwBaHaBiBhn5xhxDPQlG64lso4o16kF/EnrfaK5tTo=
Subject key identifier:   AA:1C:F3:CE:F6:54:00:B1:46:BF:8D:C4:58:48:3F:38:69:15:82:74
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       01976E872A7D20F834F540903EE1F508C682
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          158E
Signing time:             Sat 14 Jun 2025 13:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:41 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: Kn43RfnEZwLfNqJUnrGWczgNhWddP4GjPvrThG5Mhcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:2a:7d:20:f8:34:f5:40:90:3e:e1:f5:08:c6:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Jun 14 13:00:41 2025 GMT
            Not After : Jun 15 13:00:41 2025 GMT
        Subject: CN=aa1cf3cef65400b146bf8dc458483f3869158274
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:27:3a:81:dd:72:17:75:16:fb:32:0f:ec:1e:
                    1d:c7:cf:fd:11:26:2e:bf:72:4e:6d:37:7f:b8:4c:
                    8f:c7:b3:d9:1d:91:9a:e0:aa:a5:7e:9b:38:69:c0:
                    03:d4:46:8a:02:0a:d0:eb:08:2c:c1:a8:a2:db:90:
                    45:e1:9c:07:04:84:ef:7a:d4:a7:a3:78:7e:72:fd:
                    ec:ec:0d:f6:57:36:04:1a:71:36:9e:bd:de:1e:f8:
                    02:2a:43:db:8e:91:59:21:06:1e:40:e9:30:00:00:
                    57:00:a8:25:a0:e8:c6:de:d2:6e:c7:2c:69:39:90:
                    2d:bb:a1:7a:0b:90:c6:50:5d:8b:aa:64:7a:e1:e2:
                    df:c8:08:13:cc:a2:ce:d0:02:cd:ff:67:1d:f2:e7:
                    48:d3:cc:45:f9:58:b7:45:c4:32:4a:32:65:a8:01:
                    c9:e9:64:31:3e:91:0c:2f:98:85:cf:dc:b1:ec:cf:
                    d8:75:b6:d1:f8:bc:5e:7f:e2:77:4e:76:f0:70:45:
                    32:82:68:9a:d1:c0:ab:54:be:0b:5e:0a:a4:5c:15:
                    9d:b4:1a:91:1e:2a:9f:ce:a9:ad:19:a7:ca:c3:3d:
                    c6:1b:0c:a7:8b:e8:1e:44:d4:2c:3a:ee:ad:7b:ed:
                    ff:ed:3c:02:85:dd:cb:c0:85:3e:e4:3f:d7:4a:59:
                    c7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:1C:F3:CE:F6:54:00:B1:46:BF:8D:C4:58:48:3F:38:69:15:82:74
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:d1:a0:2e:12:ff:ec:af:ac:fe:76:14:75:f7:48:3b:0f:dd:
         71:c1:7e:e0:98:b6:35:7d:04:0c:d3:0d:58:66:3d:09:d8:44:
         14:47:d3:97:57:c4:ea:84:3a:2f:a3:1c:6b:ad:fa:e5:48:a7:
         c6:f4:47:e1:a3:88:2d:e8:13:96:37:4e:ed:1b:86:f5:03:c5:
         db:3b:34:c0:1d:70:23:e4:cd:22:8c:5f:ee:a6:ec:61:93:23:
         d4:c5:90:f7:9a:41:94:3b:9c:78:6d:c3:96:23:a9:7b:b6:5f:
         dd:48:7d:0d:22:69:0f:da:84:4a:f8:fc:d3:31:60:c7:08:43:
         be:9b:b3:8b:9f:1c:ea:dc:04:cd:63:b6:ce:c3:c6:7e:e9:3f:
         ce:44:2d:5b:2c:ea:cb:e2:b6:87:8e:5a:3a:d0:35:89:8e:ec:
         f2:c0:11:18:bf:17:b7:0a:08:32:a0:92:a0:8e:3e:11:64:ec:
         18:81:07:42:f7:d3:3d:49:ba:d2:dc:46:a4:30:ae:c5:03:55:
         57:73:ec:39:b4:ee:53:2b:fa:9e:8e:49:45:52:2b:39:34:9c:
         0e:67:a3:13:37:ca:10:08:9a:42:4c:b4:98:40:32:fc:8f:95:
         78:b1:28:21:ea:be:19:b8:67:f2:67:77:98:ec:60:f2:4c:aa:
         d6:d5:be:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhyp9IPg09UCQPuH1CMaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwNjE0MTMwMDQxWhcNMjUwNjE1MTMwMDQxWjAzMTEwLwYDVQQD
EyhhYTFjZjNjZWY2NTQwMGIxNDZiZjhkYzQ1ODQ4M2YzODY5MTU4Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Sc6gd1yF3UW+zIP7B4dx8/9ESYu
v3JObTd/uEyPx7PZHZGa4Kqlfps4acAD1EaKAgrQ6wgswaii25BF4ZwHBITvetSn
o3h+cv3s7A32VzYEGnE2nr3eHvgCKkPbjpFZIQYeQOkwAABXAKgloOjG3tJuxyxp
OZAtu6F6C5DGUF2LqmR64eLfyAgTzKLO0ALN/2cd8udI08xF+Vi3RcQySjJlqAHJ
6WQxPpEML5iFz9yx7M/YdbbR+Lxef+J3TnbwcEUygmia0cCrVL4LXgqkXBWdtBqR
HiqfzqmtGafKwz3GGwyni+geRNQsOu6te+3/7TwChd3LwIU+5D/XSlnHwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoc8872VACxRr+NxFhIPzhpFYJ0MB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF9GgLhL/
7K+s/nYUdfdIOw/dccF+4Ji2NX0EDNMNWGY9CdhEFEfTl1fE6oQ6L6Mca6365Uin
xvRH4aOILegTljdO7RuG9QPF2zs0wB1wI+TNIoxf7qbsYZMj1MWQ95pBlDuceG3D
liOpe7Zf3Uh9DSJpD9qESvj80zFgxwhDvpuzi58c6twEzWO2zsPGfuk/zkQtWyzq
y+K2h45aOtA1iY7s8sARGL8XtwoIMqCSoI4+EWTsGIEHQvfTPUm60txGpDCuxQNV
V3PsObTuUyv6no5JRVIrOTScDmejEzfKEAiaQky0mEAy/I+VeLEoIeq+Gbhn8md3
mOxg8kyq1tW+7g==
-----END CERTIFICATE-----