Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
File:                     nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft (raw, json)
Hash identifier:          /ZNwFWknF6ylxtfQVXiC7RXdwE905rCTVcGaDmL7z/M=
Subject key identifier:   C0:3E:BC:9A:31:67:22:1B:6C:63:1A:EC:B8:23:07:C2:4A:DD:1A:9C
Authority key identifier: 9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9
Certificate issuer:       /CN=9ce894f1d7731e9961719be1ed998468fcbabea9
Certificate serial:       0197782F4C2CD19785C6A0DF3FE1FE0C6E7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
Manifest number:          157B
Signing time:             Mon 16 Jun 2025 10:00:54 +0000
Manifest this update:     Mon 16 Jun 2025 10:00:54 +0000
Manifest next update:     Tue 17 Jun 2025 10:00:54 +0000
Files and hashes:         1: nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl (hash: abQstXUtjr1cYwziq+IbPcPVyC1ViN1TRXVrZ9DOBmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:2f:4c:2c:d1:97:85:c6:a0:df:3f:e1:fe:0c:6e:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce894f1d7731e9961719be1ed998468fcbabea9
        Validity
            Not Before: Jun 16 10:00:54 2025 GMT
            Not After : Jun 17 10:00:54 2025 GMT
        Subject: CN=c03ebc9a3167221b6c631aecb82307c24add1a9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:51:f6:d1:e7:b6:fb:8d:9c:ba:8c:4c:27:52:
                    a8:04:b5:77:6e:37:4b:21:db:45:56:b0:d9:5b:6f:
                    ce:58:12:04:28:63:d7:67:ef:70:04:ef:6b:85:c3:
                    ef:b3:5c:76:d6:34:1e:92:fd:75:d3:61:37:fc:10:
                    ab:6d:4f:e2:1c:70:00:53:20:59:89:13:9c:95:4f:
                    f3:60:a6:38:3f:63:e1:72:4f:53:2d:1b:17:bc:27:
                    e5:5d:7b:dc:48:7b:0d:35:5b:e1:78:d5:15:c9:17:
                    3e:0c:d1:9a:c9:af:7d:a7:2d:a6:58:74:72:83:91:
                    fd:2d:4d:f5:5a:c0:5b:20:e1:7c:66:ae:78:09:d0:
                    35:6f:27:af:91:70:ab:98:9c:fb:9c:95:6e:66:c8:
                    e6:bb:b7:bd:bb:a8:d5:0e:80:98:cd:c5:16:87:60:
                    3c:4c:09:9c:56:7f:10:8e:5e:77:2f:6e:12:d5:6d:
                    11:d4:92:9e:56:b1:82:2c:a3:1f:d0:54:cd:09:09:
                    91:ff:7c:19:01:d2:17:2b:f2:4f:37:c3:e6:0c:25:
                    e2:9e:88:11:ab:76:c1:c6:0e:f2:a0:96:9e:cc:48:
                    e3:49:ef:4d:35:f9:50:4e:4f:5e:f1:b6:11:16:c3:
                    07:f4:66:74:af:86:9f:73:5d:2b:c0:82:09:d7:d3:
                    b5:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:3E:BC:9A:31:67:22:1B:6C:63:1A:EC:B8:23:07:C2:4A:DD:1A:9C
            X509v3 Authority Key Identifier:
                keyid:9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:a8:7f:c5:d8:54:35:80:46:19:e5:80:c7:47:71:4c:a7:87:
         92:a0:70:66:e0:fc:8f:69:93:ad:64:11:65:0e:da:53:80:8f:
         70:79:e6:96:1a:f3:07:86:3f:24:38:67:aa:83:b7:52:99:fe:
         de:c5:db:53:66:cd:a7:02:62:19:f2:77:06:d0:ff:d0:da:9b:
         9f:91:9d:48:7a:6e:71:25:d1:7c:74:81:ae:ab:77:2b:53:ba:
         48:ee:af:fb:b7:0a:56:37:0c:aa:44:ed:8b:a0:c0:7d:c1:c1:
         34:52:e6:49:8d:25:ce:b5:c4:0b:9c:78:9e:41:2f:69:49:a7:
         ea:30:33:5a:70:3c:b5:6c:0d:71:b5:f1:fb:4d:66:6c:db:91:
         a7:f8:51:59:cb:20:3a:ac:d3:1e:c5:e8:92:fe:67:47:52:b7:
         62:cf:5a:2f:f8:7a:ba:39:bd:a6:f4:d9:5f:4a:83:5d:90:a7:
         62:83:b6:c2:61:f9:c1:56:91:84:e2:0d:e8:bc:c3:6c:7f:0c:
         58:6e:4f:a1:63:df:d9:e9:89:83:b6:ec:65:2a:17:44:80:61:
         ea:cf:dd:32:9a:24:19:2d:52:60:48:16:4c:82:7b:db:00:1a:
         fb:0c:bb:7a:a4:3e:20:66:86:51:0a:aa:5a:b1:b7:28:8f:3d:
         30:f6:fe:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd4L0ws0ZeFxqDfP+H+DG59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTg5NGYxZDc3MzFlOTk2MTcxOWJlMWVkOTk4NDY4ZmNi
YWJlYTkwHhcNMjUwNjE2MTAwMDU0WhcNMjUwNjE3MTAwMDU0WjAzMTEwLwYDVQQD
EyhjMDNlYmM5YTMxNjcyMjFiNmM2MzFhZWNiODIzMDdjMjRhZGQxYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFH20ee2+42cuoxMJ1KoBLV3bjdL
IdtFVrDZW2/OWBIEKGPXZ+9wBO9rhcPvs1x21jQekv1102E3/BCrbU/iHHAAUyBZ
iROclU/zYKY4P2Phck9TLRsXvCflXXvcSHsNNVvheNUVyRc+DNGaya99py2mWHRy
g5H9LU31WsBbIOF8Zq54CdA1byevkXCrmJz7nJVuZsjmu7e9u6jVDoCYzcUWh2A8
TAmcVn8Qjl53L24S1W0R1JKeVrGCLKMf0FTNCQmR/3wZAdIXK/JPN8PmDCXinogR
q3bBxg7yoJaezEjjSe9NNflQTk9e8bYRFsMH9GZ0r4afc10rwIIJ19O1HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMA+vJoxZyIbbGMa7LgjB8JK3RqcMB8GA1UdIwQY
MBaAFJzolPHXcx6ZYXGb4e2ZhGj8ur6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQt
ZGM3ZjBjMDk0YjM5LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQtZGM3ZjBjMDk0YjM5
LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqh/xdhU
NYBGGeWAx0dxTKeHkqBwZuD8j2mTrWQRZQ7aU4CPcHnmlhrzB4Y/JDhnqoO3Upn+
3sXbU2bNpwJiGfJ3BtD/0Nqbn5GdSHpucSXRfHSBrqt3K1O6SO6v+7cKVjcMqkTt
i6DAfcHBNFLmSY0lzrXEC5x4nkEvaUmn6jAzWnA8tWwNcbXx+01mbNuRp/hRWcsg
OqzTHsXokv5nR1K3Ys9aL/h6ujm9pvTZX0qDXZCnYoO2wmH5wVaRhOIN6LzDbH8M
WG5PoWPf2emJg7bsZSoXRIBh6s/dMpokGS1SYEgWTIJ72wAa+wy7eqQ+IGaGUQqq
WrG3KI89MPb+/g==
-----END CERTIFICATE-----