Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
File:                     sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft (raw, json)
Hash identifier:          8H1eUXD0xz4afjRuklQxJpidCZyNG7BnBLEv2TYn9To=
Subject key identifier:   59:8B:36:07:5F:06:0E:7A:02:EA:3E:4F:C7:D5:54:19:77:6F:A6:1C
Authority key identifier: B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78
Certificate issuer:       /CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
Certificate serial:       01976D06891F5B5D73F179305D8D89B4FD72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 06:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:34 +0000
Files and hashes:         1: sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl (hash: aK0IgAXRaCsPTLAofzpeG2NaVPoUcQZHBzyqN8ST/wY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:89:1f:5b:5d:73:f1:79:30:5d:8d:89:b4:fd:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
        Validity
            Not Before: Jun 14 06:00:34 2025 GMT
            Not After : Jun 15 06:00:34 2025 GMT
        Subject: CN=598b36075f060e7a02ea3e4fc7d55419776fa61c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a2:bf:e5:ad:a3:d5:ed:34:4f:36:e7:7f:32:
                    ed:f0:a4:36:27:4a:3d:a4:4b:a3:b7:30:d9:4a:59:
                    47:fa:80:0a:2a:50:8f:9a:c4:fa:e6:da:e6:c2:41:
                    17:99:6e:74:c8:03:df:5c:60:c1:53:37:ee:3a:bd:
                    fd:81:40:82:72:86:9f:c2:9c:7b:b4:db:3b:39:fc:
                    0b:f6:c7:ac:25:8c:ed:82:01:0d:0e:58:fb:82:2f:
                    c1:65:b1:1b:a9:d3:68:80:24:85:6e:8a:8f:e3:ba:
                    56:e9:5a:82:03:b7:f3:1e:b9:78:59:61:65:c9:b8:
                    68:99:07:c1:74:c4:1c:21:1e:2f:87:44:42:81:20:
                    6a:ba:2e:dd:d8:90:a9:d8:e4:4b:5c:5f:9c:c4:9e:
                    ff:66:3f:de:7e:db:f0:d0:dd:b9:e8:4e:a7:0b:c4:
                    cc:8f:a4:8e:23:c0:56:d6:16:6a:11:e2:db:03:a2:
                    4c:41:68:e3:0c:b3:cc:ba:62:a7:8e:47:bc:a7:ff:
                    b0:27:b6:ad:46:68:e6:d0:ca:72:91:ad:42:69:e8:
                    70:eb:c2:15:20:f5:66:bf:6d:6b:d1:f5:22:a2:f2:
                    fe:f1:60:ad:3d:46:c8:85:17:de:c1:55:43:e8:8a:
                    2c:0f:9f:ea:4f:01:fc:1e:03:97:00:79:fd:0f:ab:
                    0b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:8B:36:07:5F:06:0E:7A:02:EA:3E:4F:C7:D5:54:19:77:6F:A6:1C
            X509v3 Authority Key Identifier:
                keyid:B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:57:7d:3c:54:a7:01:91:0d:e1:50:fd:ba:3b:82:6a:4f:58:
         f7:bb:0d:0f:e2:ff:7d:08:95:48:ce:83:fa:75:aa:13:b1:55:
         23:a1:2a:c5:67:8c:39:45:4c:f6:4f:ed:4f:1d:c4:20:dd:6e:
         d5:b6:52:ce:c7:67:57:cc:ca:31:91:18:38:6e:85:ef:6f:5a:
         2c:4f:e8:a0:cb:80:ad:b8:1c:73:62:32:35:d1:8e:7d:51:bf:
         14:9e:e7:21:41:4b:14:81:05:f7:d2:99:3b:b7:df:c7:b1:9f:
         d7:24:fe:aa:46:1c:60:23:27:71:2c:2a:e2:80:bf:44:6c:0d:
         9f:d1:c3:ad:fc:33:2b:95:21:2f:69:37:95:55:f9:11:68:08:
         6d:f5:31:fe:9b:51:b1:36:f1:23:61:73:20:7b:fb:81:a5:14:
         ab:80:0d:03:d6:e9:0e:de:51:d5:9b:5c:09:95:ef:6b:e3:23:
         3c:62:64:93:34:d5:82:39:e8:d0:65:2e:93:ab:c9:8e:0d:03:
         f4:54:69:4c:12:57:e5:c3:1c:87:bd:ee:db:9d:9c:23:bd:fd:
         51:4a:fa:30:9d:60:b6:aa:3e:b7:a3:f6:bd:9b:48:ce:cf:3e:
         03:cd:bb:e7:ab:9a:4e:28:64:fc:84:f3:6a:e4:02:16:e0:08:
         59:6c:f3:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBokfW11z8XkwXY2JtP1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmI4N2QyMGNjNDIwZGY0MWUwOTBjMzNiNGM0MGVmY2Iw
ZGQ4NzgwHhcNMjUwNjE0MDYwMDM0WhcNMjUwNjE1MDYwMDM0WjAzMTEwLwYDVQQD
Eyg1OThiMzYwNzVmMDYwZTdhMDJlYTNlNGZjN2Q1NTQxOTc3NmZhNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6K/5a2j1e00TzbnfzLt8KQ2J0o9
pEujtzDZSllH+oAKKlCPmsT65trmwkEXmW50yAPfXGDBUzfuOr39gUCCcoafwpx7
tNs7OfwL9sesJYztggENDlj7gi/BZbEbqdNogCSFboqP47pW6VqCA7fzHrl4WWFl
ybhomQfBdMQcIR4vh0RCgSBqui7d2JCp2ORLXF+cxJ7/Zj/eftvw0N256E6nC8TM
j6SOI8BW1hZqEeLbA6JMQWjjDLPMumKnjke8p/+wJ7atRmjm0Mpyka1Caehw68IV
IPVmv21r0fUiovL+8WCtPUbIhRfewVVD6IosD5/qTwH8HgOXAHn9D6sLgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmLNgdfBg56Auo+T8fVVBl3b6YcMB8GA1UdIwQY
MBaAFLC7h9IMxCDfQeCQwztMQO/LDdh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjIt
MzdiYzhlNjU2ZWIxLzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjItMzdiYzhlNjU2ZWIx
LzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMVd9PFSn
AZEN4VD9ujuCak9Y97sND+L/fQiVSM6D+nWqE7FVI6EqxWeMOUVM9k/tTx3EIN1u
1bZSzsdnV8zKMZEYOG6F729aLE/ooMuArbgcc2IyNdGOfVG/FJ7nIUFLFIEF99KZ
O7ffx7Gf1yT+qkYcYCMncSwq4oC/RGwNn9HDrfwzK5UhL2k3lVX5EWgIbfUx/ptR
sTbxI2FzIHv7gaUUq4ANA9bpDt5R1ZtcCZXva+MjPGJkkzTVgjno0GUuk6vJjg0D
9FRpTBJX5cMch73u252cI739UUr6MJ1gtqo+t6P2vZtIzs8+A82756uaTihk/ITz
auQCFuAIWWzzuw==
-----END CERTIFICATE-----