Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          MhIEnMu13tby/yYeI2hYd6+tpK5DiaiNosL5CxJ/UFY=
Subject key identifier:   49:E1:F4:4E:A1:FC:06:BF:F1:0D:95:08:44:D8:2D:07:C3:20:B1:09
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       01976DAB78F1B23217735B8A4A943CD478F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 09:00:43 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:43 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:43 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: N90EPp0rq9Lwf9CN3cCSPBmUW6de0KfQ2Hq5W9PLexg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 09:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:78:f1:b2:32:17:73:5b:8a:4a:94:3c:d4:78:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Jun 14 09:00:43 2025 GMT
            Not After : Jun 15 09:00:43 2025 GMT
        Subject: CN=49e1f44ea1fc06bff10d950844d82d07c320b109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f1:b9:f2:23:72:10:86:b4:2c:05:6b:59:12:
                    a2:dd:ec:5e:8b:5c:70:d6:6e:a9:2f:a8:f9:23:84:
                    94:dd:4b:e3:1b:a2:26:fe:e9:8d:73:23:80:77:ee:
                    dd:9a:7b:26:4d:50:ee:3d:fb:a4:d6:56:45:68:73:
                    f2:75:77:9b:6a:c5:f9:fb:f5:74:a2:9e:0f:84:65:
                    e6:2b:08:b3:10:24:9c:c9:da:72:3e:0e:74:d0:ce:
                    78:4d:f7:eb:0f:4b:2f:11:34:5e:c9:b5:08:f6:57:
                    af:b3:f3:6b:5a:d1:87:20:50:89:8e:0b:36:ee:35:
                    8d:94:67:61:e0:40:46:f8:21:bb:b1:bf:82:a9:82:
                    90:81:dc:e2:01:ce:2f:29:58:17:04:79:ae:62:fa:
                    ee:49:53:9f:f7:ea:f3:6c:79:b8:a6:d3:ec:da:4d:
                    cc:3d:8a:58:84:88:fe:27:1e:4b:22:81:65:2f:fd:
                    00:46:9e:fa:d1:5e:93:07:e1:42:9c:ba:23:67:b3:
                    34:6e:93:fa:88:c9:46:55:64:cd:be:3f:49:9e:37:
                    7a:a4:ad:7e:53:e8:96:99:d3:7e:d0:c2:62:2f:90:
                    a9:e7:b7:d0:eb:81:46:20:e7:aa:16:b2:25:d5:2d:
                    20:59:37:d9:f2:52:d9:42:65:89:76:f3:87:f9:72:
                    e8:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E1:F4:4E:A1:FC:06:BF:F1:0D:95:08:44:D8:2D:07:C3:20:B1:09
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:42:6f:50:b0:3c:00:62:b5:a1:c2:27:0f:fd:68:46:fe:8f:
         05:1a:7c:3f:ea:f1:2b:6f:f9:0a:44:54:ab:fa:dc:1c:ba:b7:
         5a:a3:47:9a:27:28:a1:8e:09:e9:8f:08:1b:1b:b2:01:c6:29:
         67:32:e9:ff:a3:1d:1d:5f:e7:fb:01:3d:88:49:67:b4:36:cf:
         90:1b:06:d4:b1:74:31:9a:69:0e:9d:14:0b:d8:df:a8:ce:aa:
         37:91:af:79:c8:7f:93:7e:cb:a3:07:09:8c:49:15:35:93:51:
         ba:11:52:02:d8:d3:b7:4d:a4:dc:1b:9f:af:5b:a0:1b:2b:1d:
         82:a1:fe:de:3d:38:82:ae:92:2f:39:01:f6:90:55:4f:ee:5b:
         bf:f2:5e:62:1e:27:d4:9b:09:69:12:4b:87:5e:f2:70:3d:19:
         38:de:6d:c1:9b:9e:b3:44:d1:b9:a1:19:c8:43:3d:12:e8:68:
         90:2f:c6:75:43:97:5f:41:7d:14:0e:ba:7e:82:49:97:db:ea:
         8f:ae:ad:70:fa:1c:77:a4:e9:22:ad:e6:4e:b1:15:d9:16:03:
         39:f5:c3:53:ce:66:b0:a0:ca:52:dc:59:bb:74:75:ff:ef:5e:
         67:df:d8:bf:46:50:7e:83:bf:92:ba:36:d8:b2:75:b2:e2:63:
         f0:0c:f9:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq3jxsjIXc1uKSpQ81HjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUwNjE0MDkwMDQzWhcNMjUwNjE1MDkwMDQzWjAzMTEwLwYDVQQD
Eyg0OWUxZjQ0ZWExZmMwNmJmZjEwZDk1MDg0NGQ4MmQwN2MzMjBiMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vG58iNyEIa0LAVrWRKi3exei1xw
1m6pL6j5I4SU3UvjG6Im/umNcyOAd+7dmnsmTVDuPfuk1lZFaHPydXebasX5+/V0
op4PhGXmKwizECScydpyPg500M54TffrD0svETReybUI9levs/NrWtGHIFCJjgs2
7jWNlGdh4EBG+CG7sb+CqYKQgdziAc4vKVgXBHmuYvruSVOf9+rzbHm4ptPs2k3M
PYpYhIj+Jx5LIoFlL/0ARp760V6TB+FCnLojZ7M0bpP6iMlGVWTNvj9Jnjd6pK1+
U+iWmdN+0MJiL5Cp57fQ64FGIOeqFrIl1S0gWTfZ8lLZQmWJdvOH+XLoTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnh9E6h/Aa/8Q2VCETYLQfDILEJMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAUJvULA8
AGK1ocInD/1oRv6PBRp8P+rxK2/5CkRUq/rcHLq3WqNHmicooY4J6Y8IGxuyAcYp
ZzLp/6MdHV/n+wE9iElntDbPkBsG1LF0MZppDp0UC9jfqM6qN5Gvech/k37LowcJ
jEkVNZNRuhFSAtjTt02k3Bufr1ugGysdgqH+3j04gq6SLzkB9pBVT+5bv/JeYh4n
1JsJaRJLh17ycD0ZON5twZues0TRuaEZyEM9EuhokC/GdUOXX0F9FA66foJJl9vq
j66tcPocd6TpIq3mTrEV2RYDOfXDU85msKDKUtxZu3R1/+9eZ9/Yv0ZQfoO/kro2
2LJ1suJj8Az5Ww==
-----END CERTIFICATE-----