Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
File:                     cNbQfLZOoOgZ46Cyngk_5Bljspo.mft (raw, json)
Hash identifier:          VfuAnzTjggwvZeFrfMqX4sYjX3agRl8WPZE4jt9HQNI=
Subject key identifier:   92:33:36:39:82:76:00:6A:91:B1:B5:08:3B:90:EA:29:8D:76:FC:01
Authority key identifier: 70:D6:D0:7C:B6:4E:A0:E8:19:E3:A0:B2:9E:09:3F:E4:19:63:B2:9A
Certificate issuer:       /CN=70d6d07cb64ea0e819e3a0b29e093fe41963b29a
Certificate serial:       019773ADC08D7F6DE10C75C28E5A2B32D741
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
Manifest number:          158F
Signing time:             Sun 15 Jun 2025 13:00:56 +0000
Manifest this update:     Sun 15 Jun 2025 13:00:56 +0000
Manifest next update:     Mon 16 Jun 2025 13:00:56 +0000
Files and hashes:         1: cNbQfLZOoOgZ46Cyngk_5Bljspo.crl (hash: HBaA4iqCQQ19JxFbMaS+LgL3nKnBw8gdw/CFG3iSxl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:ad:c0:8d:7f:6d:e1:0c:75:c2:8e:5a:2b:32:d7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70d6d07cb64ea0e819e3a0b29e093fe41963b29a
        Validity
            Not Before: Jun 15 13:00:56 2025 GMT
            Not After : Jun 16 13:00:56 2025 GMT
        Subject: CN=923336398276006a91b1b5083b90ea298d76fc01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:4a:82:55:2a:32:f8:48:d9:dc:fb:91:7e:4a:
                    a2:00:4e:0b:45:fc:8e:1e:29:78:c4:c0:74:05:f2:
                    13:b0:37:4d:63:17:67:8e:5a:46:9b:8d:b8:d8:87:
                    06:59:45:37:7b:78:f3:ea:6b:4c:88:d7:19:f8:d7:
                    59:b8:99:e9:76:ea:03:dc:88:89:52:07:68:42:c5:
                    56:fa:27:99:cb:76:7e:85:8b:78:e5:d3:82:f6:dd:
                    31:af:d0:ed:d2:3d:4c:b9:09:53:f7:09:a2:93:56:
                    86:ec:50:1d:82:e8:94:d5:25:29:b0:b3:33:2d:6e:
                    72:63:b7:e0:7d:62:0c:a0:57:74:72:03:07:ba:bd:
                    07:08:1f:eb:94:a9:7d:c9:fa:3d:e2:de:27:60:6f:
                    a2:35:ad:56:b6:60:69:93:7f:89:4a:43:f6:64:6b:
                    2c:11:f6:91:9d:c0:c0:26:ca:34:4f:80:5d:3f:a0:
                    79:14:2e:b6:ad:73:3d:66:9e:2b:06:68:2d:99:88:
                    30:83:2e:ae:6b:c2:ef:6d:1e:b3:a8:a7:6b:6a:5c:
                    bf:c9:ad:17:e6:03:58:63:1f:8f:cb:24:7a:79:bc:
                    ea:29:fc:7e:41:59:e7:63:52:1e:cc:a4:d6:37:c7:
                    c3:c1:36:89:6e:cf:80:2a:3d:f8:7d:f7:f0:6f:ba:
                    c8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:33:36:39:82:76:00:6A:91:B1:B5:08:3B:90:EA:29:8D:76:FC:01
            X509v3 Authority Key Identifier:
                keyid:70:D6:D0:7C:B6:4E:A0:E8:19:E3:A0:B2:9E:09:3F:E4:19:63:B2:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:07:33:2a:e9:fb:96:52:73:50:c9:57:5c:08:bc:3d:4a:e6:
         40:99:80:24:b5:f4:5a:b7:ea:57:1c:49:19:cd:d1:17:e6:54:
         af:12:e0:79:ad:8b:df:52:43:e3:15:40:18:9e:db:bf:6b:92:
         7e:0a:d9:61:3c:74:ee:72:3e:fe:dc:cf:1c:bc:5d:58:d3:0a:
         88:56:4d:57:96:84:b0:2d:cb:66:12:19:f7:72:62:78:6b:d0:
         45:f1:dc:98:9a:30:3f:a9:03:6c:85:e0:80:2b:31:66:13:8e:
         75:42:89:c4:d9:f9:7a:d7:bd:46:63:ec:bc:87:5b:b3:d9:7a:
         19:08:a9:d3:aa:dd:3f:db:a6:01:71:9a:52:8b:12:0c:53:29:
         61:54:bd:0e:12:b7:49:9b:46:c4:55:04:a9:4a:8d:13:a7:fa:
         24:26:7f:f3:d0:ce:4c:37:9e:b5:71:33:0d:78:0f:8c:f7:77:
         a0:e0:1d:6c:05:1d:fc:ac:b8:2b:dc:18:d9:b8:0f:bd:6d:ca:
         25:b6:62:b5:57:1a:4e:eb:16:cb:15:a1:e3:7e:11:09:ac:7b:
         d0:1b:b3:4d:48:1a:48:6f:44:b0:d1:34:1b:62:ff:0c:58:b9:
         79:1a:34:95:77:b5:5e:57:b7:b1:5a:50:17:79:62:0b:56:8f:
         68:9c:ac:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzrcCNf23hDHXCjlorMtdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZDZkMDdjYjY0ZWEwZTgxOWUzYTBiMjllMDkzZmU0MTk2
M2IyOWEwHhcNMjUwNjE1MTMwMDU2WhcNMjUwNjE2MTMwMDU2WjAzMTEwLwYDVQQD
Eyg5MjMzMzYzOTgyNzYwMDZhOTFiMWI1MDgzYjkwZWEyOThkNzZmYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UqCVSoy+EjZ3PuRfkqiAE4LRfyO
Hil4xMB0BfITsDdNYxdnjlpGm4242IcGWUU3e3jz6mtMiNcZ+NdZuJnpduoD3IiJ
UgdoQsVW+ieZy3Z+hYt45dOC9t0xr9Dt0j1MuQlT9wmik1aG7FAdguiU1SUpsLMz
LW5yY7fgfWIMoFd0cgMHur0HCB/rlKl9yfo94t4nYG+iNa1WtmBpk3+JSkP2ZGss
EfaRncDAJso0T4BdP6B5FC62rXM9Zp4rBmgtmYgwgy6ua8LvbR6zqKdraly/ya0X
5gNYYx+PyyR6ebzqKfx+QVnnY1IezKTWN8fDwTaJbs+AKj34fffwb7rIRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIzNjmCdgBqkbG1CDuQ6imNdvwBMB8GA1UdIwQY
MBaAFHDW0Hy2TqDoGeOgsp4JP+QZY7KaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8wNTkxMGItMjVkOC00MTNkLWFjNTgt
ODI0Yzc3Zjg5MWM5LzEvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8wNTkxMGItMjVkOC00MTNkLWFjNTgtODI0Yzc3Zjg5MWM5
LzEvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARQczKun7
llJzUMlXXAi8PUrmQJmAJLX0WrfqVxxJGc3RF+ZUrxLgea2L31JD4xVAGJ7bv2uS
fgrZYTx07nI+/tzPHLxdWNMKiFZNV5aEsC3LZhIZ93JieGvQRfHcmJowP6kDbIXg
gCsxZhOOdUKJxNn5ete9RmPsvIdbs9l6GQip06rdP9umAXGaUosSDFMpYVS9DhK3
SZtGxFUEqUqNE6f6JCZ/89DOTDeetXEzDXgPjPd3oOAdbAUd/Ky4K9wY2bgPvW3K
JbZitVcaTusWyxWh434RCax70BuzTUgaSG9EsNE0G2L/DFi5eRo0lXe1Xle3sVpQ
F3liC1aPaJys/g==
-----END CERTIFICATE-----