Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          7zBYkf7ZKxlfmoMrF1/2V6VChvjSGddx4OPgSBF5T6w=
Subject key identifier:   8C:B5:AD:ED:4E:88:70:0B:B3:1B:83:3A:3C:CC:1D:38:B6:94:10:BA
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       0197711B0FBFB6B91F02A73D8AB119E15CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          158F
Signing time:             Sun 15 Jun 2025 01:01:28 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:28 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:28 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: dfsIwaHu7Am1Y5nvYGzPmhZDEjQZ1ASfDD4DGQGRCLQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1b:0f:bf:b6:b9:1f:02:a7:3d:8a:b1:19:e1:5c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Jun 15 01:01:28 2025 GMT
            Not After : Jun 16 01:01:28 2025 GMT
        Subject: CN=8cb5aded4e88700bb31b833a3ccc1d38b69410ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:77:22:6d:91:49:97:15:0a:e3:c9:36:fd:9f:
                    95:1e:3e:cb:a8:4d:da:02:5a:07:54:68:8f:52:45:
                    f8:16:35:c5:ec:2d:5a:8a:d1:fa:2e:9a:77:08:c2:
                    d1:9c:b3:46:9c:b1:88:7d:03:30:96:7b:6c:59:57:
                    e9:83:e8:85:5f:12:f7:15:52:8c:4a:9e:06:95:35:
                    71:4b:db:cd:8e:72:98:c3:1f:9f:a6:e3:6e:54:32:
                    80:c8:c8:b7:0d:8b:f3:0e:06:90:e1:19:69:c9:5c:
                    fe:8d:14:33:f6:bb:de:2a:4e:13:bb:ce:6c:85:38:
                    64:d8:6b:e5:dd:cf:10:9f:f4:84:9e:84:77:20:3b:
                    ec:64:6f:aa:81:ab:ed:0c:e0:50:02:50:cf:4b:43:
                    39:12:8a:e9:cb:d8:20:67:6d:5c:7b:ee:6d:3c:82:
                    ea:fe:e4:c7:2d:99:4c:1a:28:8f:c8:8a:43:d1:fb:
                    bd:04:e6:2b:6c:8e:78:d6:35:91:d2:2e:8b:15:64:
                    71:68:1f:97:86:cd:b0:a5:86:76:15:a3:f8:db:6f:
                    09:c7:ac:0d:d8:8b:a3:61:04:d4:ce:b5:7e:8e:37:
                    0d:a0:cb:01:0f:c6:bd:49:3c:c9:db:65:5e:6a:26:
                    f6:52:17:bc:ba:d0:8d:c4:a2:0f:61:2d:1e:7c:bd:
                    c5:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:B5:AD:ED:4E:88:70:0B:B3:1B:83:3A:3C:CC:1D:38:B6:94:10:BA
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:ed:3b:ad:d6:a2:1e:3c:20:ce:73:da:0a:a1:db:96:39:08:
         7b:12:2d:af:ee:f6:22:f9:52:47:2a:b5:60:3c:47:2b:47:d0:
         70:04:72:d5:d8:43:d0:52:4c:b5:c4:16:19:dd:c4:ba:a1:96:
         98:75:7c:80:81:14:9c:63:f3:27:b1:4f:d1:d8:44:fc:a6:52:
         3b:36:a9:01:0b:ab:80:75:e7:65:ce:0d:be:42:8a:0e:45:62:
         4d:aa:7b:83:f7:2d:2d:23:76:9b:91:fb:f5:b2:0d:40:5b:26:
         1f:f3:2d:d5:77:d6:80:b2:06:8e:ad:74:55:fe:07:bf:c3:a2:
         d3:6b:a7:5c:f0:62:4c:9f:01:32:a9:c8:75:3b:c6:c8:56:c9:
         fa:76:16:7a:5b:9b:ab:05:ea:8f:2f:71:11:65:e1:43:35:b4:
         87:42:ad:cb:b3:d1:4c:05:b5:43:58:15:80:98:01:a4:a9:e3:
         f6:b9:62:61:a5:4f:36:f9:a5:f0:48:e8:ff:e8:28:a8:b1:df:
         17:84:67:d7:56:a2:a7:04:21:bc:5a:38:ef:70:9d:28:8c:50:
         44:c0:e2:e0:89:de:6f:34:30:76:70:77:d0:b5:a7:05:c7:f6:
         78:60:f3:b0:f8:ce:25:ca:d7:94:3c:d6:5a:35:c2:82:d9:e8:
         77:6f:45:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGw+/trkfAqc9irEZ4VykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwNjE1MDEwMTI4WhcNMjUwNjE2MDEwMTI4WjAzMTEwLwYDVQQD
Eyg4Y2I1YWRlZDRlODg3MDBiYjMxYjgzM2EzY2NjMWQzOGI2OTQxMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XcibZFJlxUK48k2/Z+VHj7LqE3a
AloHVGiPUkX4FjXF7C1aitH6Lpp3CMLRnLNGnLGIfQMwlntsWVfpg+iFXxL3FVKM
Sp4GlTVxS9vNjnKYwx+fpuNuVDKAyMi3DYvzDgaQ4RlpyVz+jRQz9rveKk4Tu85s
hThk2Gvl3c8Qn/SEnoR3IDvsZG+qgavtDOBQAlDPS0M5Eorpy9ggZ21ce+5tPILq
/uTHLZlMGiiPyIpD0fu9BOYrbI541jWR0i6LFWRxaB+Xhs2wpYZ2FaP4228Jx6wN
2IujYQTUzrV+jjcNoMsBD8a9STzJ22Veaib2Uhe8utCNxKIPYS0efL3FGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIy1re1OiHALsxuDOjzMHTi2lBC6MB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANe07rdai
HjwgznPaCqHbljkIexItr+72IvlSRyq1YDxHK0fQcARy1dhD0FJMtcQWGd3EuqGW
mHV8gIEUnGPzJ7FP0dhE/KZSOzapAQurgHXnZc4NvkKKDkViTap7g/ctLSN2m5H7
9bINQFsmH/Mt1XfWgLIGjq10Vf4Hv8Oi02unXPBiTJ8BMqnIdTvGyFbJ+nYWelub
qwXqjy9xEWXhQzW0h0Kty7PRTAW1Q1gVgJgBpKnj9rliYaVPNvml8Ejo/+goqLHf
F4Rn11aipwQhvFo473CdKIxQRMDi4InebzQwdnB30LWnBcf2eGDzsPjOJcrXlDzW
WjXCgtnod29FyQ==
-----END CERTIFICATE-----